From a7abb76c2246498dd83d798b442a5353bb0e9b27 Mon Sep 17 00:00:00 2001
From: Jo
Date: Tue, 28 May 2024 12:14:01 -0400
Subject: [PATCH] separate build and deploy jobs
---
.github/workflows/deploy-staging.yml | 169 ++++++++++++++++++++-------
1 file changed, 126 insertions(+), 43 deletions(-)
diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml
index 36f0fbcdc..2c6995364 100644
--- a/.github/workflows/deploy-staging.yml
+++ b/.github/workflows/deploy-staging.yml
@@ -8,12 +8,83 @@ on: push: branches: - main + - flexible-release-creation permissions: id-token: write # This is required for requesting the JWT contents: write # This is required to create a release jobs: + + build-frontend: + runs-on: ubuntu-latest + environment: staging + steps: + - uses: actions/checkout@v4 + + - name: Setup NPM + uses: actions/setup-node@v4 + with: + node-version: '18.x' + + - name: Install dependencies + run: cd frontend && yarn install + + - name: Build project + run: | + cp frontend/.env.stage.example frontend/.env.stage + cd frontend && yarn build --mode ${{ vars.APP_ENV }} + + - name: Create Frontend Archive + run: zip frontend.zip frontend/dist + + - name: Archive Frontend + uses: actions/upload-artifact@v4 + with: + name: frontend + path: frontend.zip + + build-backend: + runs-on: ubuntu-latest + environment: staging + steps: + - uses: actions/checkout@v4 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.IAM_ROLE }} + role-session-name: Appointment_GitHub_to_AWS_via_FederatedOIDC + aws-region: ${{ vars.AWS_REGION }} + + - name: create release tag + id: create-release-tag + run: echo "tag_name=r-$(printf %04d $GITHUB_RUN_NUMBER)" >> $GITHUB_OUTPUT + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + with: + mask-password: 'true' + + - name: Build, tag, and push backend image to Amazon ECR + id: build-backend + env: + ECR_TAG: '${{ steps.login-ecr.outputs.registry }}/${{ vars.PROJECT }}:backend-${{ github.sha }}' + run: | + # Build a docker container and push it to ECR so that it can be deployed to ECS + docker build -t $ECR_TAG ./backend -f ./backend/deploy.dockerfile + docker push $ECR_TAG + echo "image_backend=$ECR_TAG" >> $GITHUB_OUTPUT + echo $ECR_TAG > ecr_tag.txt + zip ecr_tag.zip ecr_tag.txt + + - name: Archive ECR tag + uses: actions/upload-artifact@v4 + with: + name: ecr_tag + path: ecr_tag.zip + detect-changes: 
runs-on: ubuntu-latest environment: staging @@ -119,6 +190,7 @@ jobs: needs: - detect-changes - deploy-iac + - build-frontend if: | always() && @@ -133,18 +205,18 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Setup NPM - uses: actions/setup-node@v4 - with: - node-version: '18.x' - - - name: Install dependencies - run: cd frontend && yarn install - - - name: Build project - run: | - cp frontend/.env.stage.example frontend/.env.stage - cd frontend && yarn build --mode ${{ vars.APP_ENV }} +# - name: Setup NPM +# uses: actions/setup-node@v4 +# with: +# node-version: '18.x' +# +# - name: Install dependencies +# run: cd frontend && yarn install +# +# - name: Build project +# run: | +# cp frontend/.env.stage.example frontend/.env.stage +# cd frontend && yarn build --mode ${{ vars.APP_ENV }} - name: install opentofu uses: opentofu/setup-opentofu@v1 @@ -171,14 +243,14 @@ jobs: role-session-name: Appointment_GitHub_to_AWS_via_FederatedOIDC aws-region: ${{ vars.AWS_REGION }} - - name: Create Frontend Archive - run: zip frontend.zip frontend/dist +# - name: Create Frontend Archive +# run: zip frontend.zip frontend/dist - - name: Archive Frontend - uses: actions/upload-artifact@v4 - with: - name: frontend - path: frontend.zip +# - name: Archive Frontend +# uses: actions/upload-artifact@v4 +# with: +# name: frontend +# path: frontend.zip - name: Get frontend bucket & distribution id: get-frontend-resources @@ -199,6 +271,7 @@ jobs: needs: - detect-changes - deploy-iac + - build-backend if: | always() && 
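Review bot: The new `build-frontend` job inherits the workflow-level `id-token: write` and `contents: write` although it only checks out, runs `yarn install` and builds, so dependency install scripts run next to a write-scoped token that `actions/checkout` persists in the git config by default. Give that job its own `permissions: { contents: read }` and set `persist-credentials: false` on its checkout; from the steps shown, `build-backend` needs `id-token: write` for the role assumption but not `contents: write`. The added `flexible-release-creation` push trigger also makes every push to that branch run the staging deploy with the same permissions, and looks like a test hook that should be removed before merge.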
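Review bot: Adding `build-frontend` to `needs` in the `@@ -119,6 +190,7 @@` hunk does not by itself block a deploy after a failed build, because the job's `if:` opens with `always()`, which keeps the job eligible to run whatever its dependencies returned. The rest of the condition lies outside the hunk, so confirm it includes `needs.build-frontend.result == 'success'`. The same applies to `build-backend` in the `@@ -199,6 +271,7 @@` hunk for the backend deploy job.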
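Review bot: With the build steps commented out in the `@@ -133,18 +205,18 @@` and `@@ -171,14 +243,14 @@` hunks, no visible step in this job fetches the `frontend` artifact that `build-frontend` uploads, so the later publish steps (outside the hunks) may find no `frontend/dist` on a fresh runner. Add `- uses: actions/download-artifact@v4` with `name: frontend` and then `unzip frontend.zip` before those steps. Note also that `zip frontend.zip frontend/dist` in the build job lacks `-r`, so the archive holds only the directory entry and not the built files. The commented-out steps should be deleted rather than kept, since git history preserves them.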
@@ -243,38 +316,48 @@ jobs: sudo chmod +x /bin/terragrunt terragrunt -v - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 + - name: download ecr tag + uses: actions/download-artifact@v4 with: - mask-password: 'true' - - - name: Build, tag, and push backend image to Amazon ECR - id: build-backend - env: - ECR_TAG: '${{ steps.login-ecr.outputs.registry }}/${{ vars.PROJECT }}:backend-${{ github.sha }}' - run: | - # Build a docker container and - # push it to ECR so that it can - # be deployed to ECS. - docker build -t $ECR_TAG ./backend -f ./backend/deploy.dockerfile - docker push $ECR_TAG - echo "image_backend=$ECR_TAG" >> $GITHUB_OUTPUT - echo $ECR_TAG > ecr_tag.txt - zip ecr_tag.zip ecr_tag.txt + name: + ecr_tag - - name: Archive ECR tag - uses: actions/upload-artifact@v4 - with: - name: ecr_tag - path: ecr_tag.zip +# - name: create release tag +# id: create-release-tag +# run: echo "tag_name=r-$(printf %04d $GITHUB_RUN_NUMBER)" >> $GITHUB_OUTPUT + +# - name: Login to Amazon ECR +# id: login-ecr +# uses: aws-actions/amazon-ecr-login@v2 +# with: +# mask-password: 'true' + +# - name: Build, tag, and push backend image to Amazon ECR +# id: build-backend +# env: +# ECR_TAG: '${{ steps.login-ecr.outputs.registry }}/${{ vars.PROJECT }}:backend-${{ github.sha }}' +# run: | +# # Build a docker container and +# # push it to ECR so that it can +# # be deployed to ECS. 
+# docker build -t $ECR_TAG ./backend -f ./backend/deploy.dockerfile +# docker push $ECR_TAG +# echo "image_backend=$ECR_TAG" >> $GITHUB_OUTPUT +# echo $ECR_TAG > ecr_tag.txt +# zip ecr_tag.zip ecr_tag.txt + +# - name: Archive ECR tag +# uses: actions/upload-artifact@v4 +# with: +# name: ecr_tag +# path: ecr_tag.zip - name: deploy backend-service working-directory: ./tofu/environments/stage/services/backend-service run: | terragrunt init -upgrade terragrunt validate - terragrunt plan -var 'image=${{ steps.build-backend.outputs.image_backend }}' -out tfplan + terragrunt plan -var 'image=${{ steps.create-release-tag.outputs.tag_name }}' -out tfplan terragrunt apply tfplan create-release:
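Review bot: The `terragrunt plan` line now reads `steps.create-release-tag.outputs.tag_name`, but that step is commented out in this job and only exists in `build-backend`, so the expression expands to an empty string here. Even if it were set, it would hold `r-NNNN` rather than the pushed image reference ending in `backend-<sha>`. The downloaded `ecr_tag` artifact is never unzipped or read in the lines shown, so the service would be planned with an image value that does not match what the build job pushed. Read the reference from the artifact and hand it to the script through `env` instead of interpolating `${{ }}` into the shell, as sketched below. The `name:` value split over two lines in the download step should be `name: ecr_tag`, and the commented-out build steps can be deleted.

```yaml
- name: download ecr tag
  uses: actions/download-artifact@v4
  with:
    name: ecr_tag

- name: read image reference
  id: read-image
  run: |
    unzip -o ecr_tag.zip
    echo "image_backend=$(cat ecr_tag.txt)" >> "$GITHUB_OUTPUT"

- name: deploy backend-service
  working-directory: ./tofu/environments/stage/services/backend-service
  env:
    IMAGE: ${{ steps.read-image.outputs.image_backend }}
  run: |
    # … unchanged: terragrunt init -upgrade, terragrunt validate …
    terragrunt plan -var "image=$IMAGE" -out tfplan
    # … unchanged: terragrunt apply tfplan …
```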