-
Notifications
You must be signed in to change notification settings - Fork 2
149 lines (128 loc) · 5.29 KB
/
deploy_cms.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Deploy CMS
on:
push:
branches: ['main']
# Run only if there are at least one change matching the following paths
paths:
- 'apps/strapi-cms/**'
- '.github/workflows/deploy_cms.yaml'
workflow_dispatch:
inputs:
environment:
description: 'The environment used as target'
type: choice
required: true
default: dev
options:
- dev
- prod
logLevel:
description: 'Log level'
required: true
default: 'warning'
type: choice
options:
- warning
defaults:
run:
shell: bash
working-directory: apps/strapi-cms
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
cd_deploy_cms:
name: Build and push CMS image (on ${{ matrix.environment }})
if: github.event_name == 'push' && github.event.ref == 'refs/heads/main'
runs-on: ubuntu-latest
continue-on-error: false
strategy:
matrix:
environment: [ 'dev' ]
environment: ${{ matrix.environment }}
steps:
- name: Checkout
uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- name: Configure AWS Credentials
uses: ./.github/actions/configure-aws-credentials
with:
aws_region: ${{ env.AWS_REGION || 'eu-south-1' }}
role_to_assume: ${{ secrets.IAM_ROLE_DEPLOY_CMS }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1
- name: Build Push and Tag
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: strapi
IMAGE_TAG: ${{ github.sha }}
with:
context: apps/strapi-cms
push: true
tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
provenance: false
- name: Generate task-definition file
run: aws ecs describe-task-definition --task-definition cms-task-def --query taskDefinition > task-definition.json
- name: Update ImageTag in task-definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@4225e0b507142a2e432b018bc3ccb728559b437a # v1.2.0
with:
task-definition: apps/strapi-cms/task-definition.json
container-name: cms-docker
image: ${{ steps.login-ecr.outputs.registry }}/strapi:${{ github.sha }}
- name: Deploy new ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a # v1.4.11
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: cms-ecs
cluster: cms-ecs-cluster
manual_deploy:
name: Build and push CMS image (manual trigger) - (${{ inputs.environment }})
if: github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
continue-on-error: false
steps:
- name: Checkout
uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- name: Configure AWS Credentials
uses: ./.github/actions/configure-aws-credentials
with:
aws_region: ${{ env.AWS_REGION || 'eu-south-1' }}
role_to_assume: ${{ secrets.IAM_ROLE_DEPLOY_CMS }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1
- name: Build Push and Tag
# Enabling the "continue on error" option allows for a manual rollback
# to be performed in case of any issues. Without this option, the step
# will fail if the image already exists in the Elastic Container
# Registry (ECR). However, by activating this option, the deployment
# process will proceed to the next steps even if the ECR image already
# exists
continue-on-error: true
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: strapi
IMAGE_TAG: ${{ github.sha }}
with:
context: apps/strapi-cms
push: true
tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
provenance: false
- name: Generate task-definition file
run: aws ecs describe-task-definition --task-definition cms-task-def --query taskDefinition > task-definition.json
- name: Update ImageTag in task-definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@4225e0b507142a2e432b018bc3ccb728559b437a # v1.2.0
with:
task-definition: apps/strapi-cms/task-definition.json
container-name: cms-docker
image: ${{ steps.login-ecr.outputs.registry }}/strapi:${{ github.sha }}
- name: Deploy new ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a # v1.4.11
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: cms-ecs
cluster: cms-ecs-cluster