Skip to content

Commit

Permalink
Relocate deployment steps into reusable workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
@gzurowski
gzurowski committed Sep 18, 2024
1 parent a2e01f1 commit a4402c2
Show file tree
Hide file tree
Showing 2 changed files with 87 additions and 53 deletions.
71 changes: 18 additions & 53 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ on:
default: master

jobs:
deploy:
package:
runs-on: ubuntu-latest
if: |
github.event_name == 'workflow_dispatch' ||
Expand All @@ -36,6 +36,10 @@ jobs:
PROD_DEPLOY_ROLE_ARN: ${{ vars.PROD_DEPLOY_ROLE_ARN }}
DEPLOY_ENV: ${{ github.event.inputs.deploy_env || 'staging' }}

outputs:
deploy_role_arn: ${{ steps.get_role_arn.outputs.role_arn }}
short_git_sha: ${{ steps.short_git_sha.outputs.short_git_sha }}

steps:
- name: Workflow details
run: |
Expand All @@ -49,9 +53,11 @@ jobs:
ref: ${{ github.event.inputs.git_ref }}

- name: Set short Git SHA
id: short_git_sha
run: |
SHORT_GIT_SHA=$(git rev-parse HEAD | cut -c1-7)
echo "SHORT_GIT_SHA=$SHORT_GIT_SHA" >> "$GITHUB_ENV"
echo "short_git_sha=$SHORT_GIT_SHA" >> "$GITHUB_OUTPUT"
echo "Git SHA: ${SHORT_GIT_SHA}"
- name: Checkout deploy repository
Expand Down Expand Up @@ -82,60 +88,19 @@ jobs:
path: target/deploy.zip

- name: Get deploy role ARN
id: get-role-arn
id: get_role_arn
run: |
role_arn_name=${DEPLOY_ENV^^}_DEPLOY_ROLE_ARN
role_arn=$(eval echo \$$role_arn_name)
echo "role_arn=$role_arn" >> "$GITHUB_OUTPUT"
- name: Configure AWS credentials with assume role
id: aws_credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: ${{ steps.get-role-arn.outputs.role_arn }}
role-session-name: github-actions-beanstalk-session
role-duration-seconds: 1200
role-skip-session-tagging: true
aws-region: us-west-2
output-credentials: true

- name: Deploy ${{ env.DEPLOY_ENV }} Backend - API
uses: einaregilsson/beanstalk-deploy@v22
with:
aws_access_key: ${{ steps.aws_credentials.outputs.aws-access-key-id }}
aws_secret_key: ${{ steps.aws_credentials.outputs.aws-secret-access-key }}
application_name: backend
environment_name: ${{ env.DEPLOY_ENV }}-backend-api
version_label: ${{ env.SHORT_GIT_SHA }}
use_existing_version_if_available: true
region: us-west-2
deployment_package: target/deploy.zip
wait_for_environment_recovery: 120

- name: Deploy ${{ env.DEPLOY_ENV }} Backend - Main Worker
uses: einaregilsson/beanstalk-deploy@v22
with:
aws_access_key: ${{ steps.aws_credentials.outputs.aws-access-key-id }}
aws_secret_key: ${{ steps.aws_credentials.outputs.aws-secret-access-key }}
application_name: backend
environment_name: ${{ env.DEPLOY_ENV }}-backend-worker-main
version_label: ${{ env.SHORT_GIT_SHA }}
use_existing_version_if_available: true
region: us-west-2
deployment_package: target/deploy.zip
wait_for_environment_recovery: 120

- name: Deploy ${{ env.DEPLOY_ENV }} Backend - Cermine Worker
uses: einaregilsson/beanstalk-deploy@v22
with:
aws_access_key: ${{ steps.aws_credentials.outputs.aws-access-key-id }}
aws_secret_key: ${{ steps.aws_credentials.outputs.aws-secret-access-key }}
application_name: backend
environment_name: ${{ env.DEPLOY_ENV }}-backend-worker-cermine
version_label: ${{ env.SHORT_GIT_SHA }}
use_existing_version_if_available: true
region: us-west-2
deployment_package: target/deploy.zip
wait_for_environment_recovery: 120
deploy:
uses: researchhub/researchhub-backend/.github/workflows/deploy_eb.yml@github-workflow-reusable-deploy
needs: package
with:
deploy_env: ${{ inputs.deploy_env }}
deploy_role_arn: ${{ needs.package.outputs.deploy_role_arn }}
version: ${{ needs.package.outputs.short_git_sha }}
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
69 changes: 69 additions & 0 deletions .github/workflows/deploy_eb.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
name: Deploy Elastic Beanstalk

on:
workflow_call:
inputs:
deploy_env:
required: true
type: string
deploy_role_arn:
required: true
type: string
version:
required: true
type: string
secrets:
AWS_ACCESS_KEY_ID:
required: true
AWS_SECRET_ACCESS_KEY:
required: true

jobs:
deploy:
runs-on: ubuntu-latest

steps:
- name: Checkout application repository
uses: actions/checkout@v4

- name: Download deployment package
uses: actions/download-artifact@v4
with:
name: "backend-${{ inputs.version }}"

- name: Unpack deployment package
run: |
ls -lha
unzip deploy.zip -d target
ls -lhr ./.github/workflows
- name: Configure AWS credentials with assume role
id: aws_credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: ${{ inputs.deploy_role_arn }}
role-session-name: github-actions-beanstalk-session
role-duration-seconds: 1200
role-skip-session-tagging: true
aws-region: us-west-2
output-credentials: true

- name: Testing
run: |
echo "Role: ${{ inputs.deploy_role_arn }}"
echo "Env: ${{ inputs.deploy_env }}"
echo "Version: ${{ inputs.version }}"
#- name: Deploy ${{ inputs.deploy_env }} Backend - API
# uses: einaregilsson/beanstalk-deploy@v22
# with:
# aws_access_key: ${{ steps.aws_credentials.outputs.aws-access-key-id }}
# aws_secret_key: ${{ steps.aws_credentials.outputs.aws-secret-access-key }}
# application_name: backend
# environment_name: ${{ inputs.deploy_env }}-backend-api
# version_label: ${{ inputs.version }}
# use_existing_version_if_available: true
# region: us-west-2
# deployment_package: target/deploy.zip
# wait_for_environment_recovery: 120

0 comments on commit a4402c2

Please sign in to comment.