Skip to content
This repository has been archived by the owner on Oct 30, 2024. It is now read-only.

Deploy

Deploy #707

# yaml-language server: $schema=https://json.schemastore.org/github-action.json
name: Deploy
on:
workflow_run:
workflows:
- Infra Code Linting & Testing
- Bot Code Linting & Testing
branches:
- main
types:
- completed
permissions:
id-token: write
contents: read
env:
COMMIT: ${GITHUB_SHA}
CDK_IMAGE_NAMETAG: cdk-ralphbot
APP_IMAGE_NAMETAG: ralphbot
REPOSITORY: ralphbot/master
ENVIRONMENT: production-global
# renovate: datasource=github-releases depName=pnpm/pnpm versioning=semver
PNPM_VERSION: v8.8.0
jobs:
#Build and Publish Ralphbot Container Image
ralphbot-publish:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
defaults:
run:
working-directory: ./src/
environment: production-global
name: ralphbot-container-publish
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set IMAGE_TAG env
run: |
echo "IMAGE_TAG="$(date '+%Y.%m.%d'.${GITHUB_SHA::6})"" >> $GITHUB_ENV
- name: "Configure AWS Credentials"
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: us-east-1
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.GHA_AWS_ROLE }}
role-session-name: ralphbot-deploy
- name: "Login to Amazon Public ECR"
uses: aws-actions/amazon-ecr-login@v2
with:
mask-password: "true"
registry-type: public
- name: "Build Ralphbot Container Image"
run: |
docker build --build-arg MAKE_TARGET=build-deployment-binary --tag ${{ env.APP_IMAGE_NAMETAG }}:$IMAGE_TAG .
- name: "Configure AWS Credentials - Change Region to Deployment Region"
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
- name: "Login to Ralphbot ECR"
id: login-ralphbot-ecr
uses: aws-actions/amazon-ecr-login@v2
with:
mask-password: "true"
- name: "Push Ralphbot Container Image to Ralphbot ECR"
env:
REGISTRY: ${{ steps.login-ralphbot-ecr.outputs.registry }}
run: |
docker tag ${{ env.APP_IMAGE_NAMETAG }}:$IMAGE_TAG $REGISTRY/${{ env.REPOSITORY }}:$IMAGE_TAG
docker push $REGISTRY/${{ env.REPOSITORY }}:$IMAGE_TAG
#Deploy CDK Stack
cdk-deploy:
defaults:
run:
working-directory: ./ops/
environment: production-global
name: ralphbot-cdk-stack-deploy
needs:
- ralphbot-publish
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set Job envs
run: |
echo "VERSION=$(date '+%Y.%m.%d'.${GITHUB_SHA::6})" >> $GITHUB_ENV
- uses: pnpm/action-setup@v2
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v3
with:
node-version-file: .tool-versions
cache: pnpm
cache-dependency-path: ./ops/pnpm-lock.yaml
- name: Install dependencies
run: |
pnpm install --frozen-lockfile
- name: "Configure AWS Credentials"
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.GHA_AWS_ROLE }}
role-session-name: ralphbot-deploy
- name: "Run CDK Deploy"
env:
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
run: |
pnpm run ci-deploy