movie-api/.github/workflows/deploy.yml at b4790c4eca1293a8be9618fdc60e7548a9b07383 · Convert-Group/movie-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
name: Build & Deploy

on:
  push:
    branches:
      - main
      - images/ECR
  workflow_dispatch:

jobs:

  detect-changes:
    runs-on: ubuntu-latest
    outputs:
      backend: ${{ steps.changes.outputs.backend }}
      frontend: ${{ steps.changes.outputs.frontend }}
      gateway: ${{ steps.changes.outputs.gateway }}
    steps:
      - uses: actions/checkout@v4
      - id: changes
        uses: dorny/paths-filter@v3
        with:
          filters: |
            backend:
              - 'backend/**'
            frontend:
              - 'frontend/**'
            gateway:
              - 'gateway/**'

  build-backend:
    needs: detect-changes
    if: needs.detect-changes.outputs.backend == 'true'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1
      - name: Log in to Amazon ECR
        uses: aws-actions/amazon-ecr-login@v2
      - name: Build backend image
        run: |
          docker build -t 620914207029.dkr.ecr.eu-west-1.amazonaws.com/movie_api:movie-api -f backend/Dockerfile ./backend
      - name: Push backend image
        run: |
          docker push 620914207029.dkr.ecr.eu-west-1.amazonaws.com/movie_api:movie-api

  build-frontend:
    needs: detect-changes
    if: needs.detect-changes.outputs.frontend == 'true'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1
      - name: Log in to Amazon ECR
        uses: aws-actions/amazon-ecr-login@v2
      - name: Build frontend image
        run: |
          docker build -t 620914207029.dkr.ecr.eu-west-1.amazonaws.com/movie_api:frontend -f frontend/Dockerfile ./frontend
      - name: Push frontend image
        run: |
          docker push 620914207029.dkr.ecr.eu-west-1.amazonaws.com/movie_api:frontend

  build-gateway:
    needs: detect-changes
    if: needs.detect-changes.outputs.gateway == 'true'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1
      - name: Log in to Amazon ECR
        uses: aws-actions/amazon-ecr-login@v2
      - name: Build gateway image
        run: |
          docker build -t 620914207029.dkr.ecr.eu-west-1.amazonaws.com/movie_api:gateway -f gateway/Dockerfile ./gateway
      - name: Push gateway image
        run: |
          docker push 620914207029.dkr.ecr.eu-west-1.amazonaws.com/movie_api:gateway

  deploy:
    needs: [build-backend, build-frontend, build-gateway]
    runs-on: ubuntu-latest
    if: always() # Ensures deploy runs even if no images were built
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up SSH key
        uses: kielabokkie/ssh-key-and-known-hosts-action@v1
        with:
          ssh-private-key: ${{ secrets.EC2_SSH_KEY }}
          ssh-host: ${{ vars.SSH_PROXY_HOST }}

      - name: Add SSH config
        run: |
          printf "Host ec2-docker\nHostName %s\nUser ubuntu\nIdentityFile ~/.ssh/id_rsa\nStrictHostKeyChecking no\nProxyCommand ssh -W %%h:%%p -q pure@xanderbit.cgitverse.com\n" "${{ secrets.EC2_HOST }}" > ~/.ssh/config
          chmod 600 ~/.ssh/config

      - name: Create .env file
        run: |
          echo "DB_HOST=${{ secrets.DB_HOST }}" >> .env
          echo "DB_PORT=${{ secrets.DB_PORT }}" >> .env
          echo "DB_NAME=${{ secrets.DB_NAME }}" >> .env
          echo "DB_USER=${{ secrets.DB_USER }}" >> .env
          echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> .env
          echo "REDIS_HOST=${{ secrets.REDIS_HOST }}" >> .env
          echo "REDIS_PORT=${{ secrets.REDIS_PORT }}" >> .env
          echo "DATA_SOURCE_NAME=${{ secrets.DATA_SOURCE_NAME }}" >> .env

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1

      - name: Log in to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2

      - name: Install Ansible
        run: |
          sudo apt-get update
          sudo apt-get install -y ansible

      - name: Upgrade Ansible
        run: |
          pip install --upgrade ansible


      - name: Run Ansible Playbook
        run: |
          ansible-playbook ansible/deploy.yml \
            -i ansible/inventory.ini