1.106.0 #208
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Production Environment | |
| on: | |
| release: | |
| types: [released] | |
| env: | |
| AWS_REGION: 'us-west-2' | |
| jobs: | |
| build-web: | |
| name: Build Web Image | |
| runs-on: ubuntu-22.04 | |
| environment: production | |
| outputs: | |
| image: ${{ steps.build-image.outputs.image }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 #2.0.1 | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| IMAGE_TAG: ${{ github.event.release.tag_name }} | |
| ECR_REPOSITORY: 'advisingapp' | |
| run: | | |
| # Build a docker container and | |
| # push it to ECR so that it can | |
| # be deployed to ECS. | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG --target web-deploy --platform linux/amd64 --build-arg USER_ID=9999 --build-arg GROUP_ID=9999 . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| deploy-web: | |
| name: Deploy Web Service | |
| runs-on: ubuntu-22.04 | |
| needs: [build-web, deploy-worker] | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Fill in the new image ID in the Amazon ECS task definition | |
| id: task-def | |
| uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #1.8.3 | |
| with: | |
| task-definition: 'docker/devops/ecs/advisingapp/advisingapp-prod-task-definition.json' | |
| container-name: 'app' | |
| image: ${{ needs.build-web.outputs.image }} | |
| - name: Deploy Amazon ECS task definition | |
| id: task-deploy | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@cbf54ec46642b86ff78c2f5793da6746954cf8ff #2.6.0 | |
| with: | |
| task-definition: ${{ steps.task-def.outputs.task-definition }} | |
| service: 'advisingapp-p-crm-ecs-service' | |
| cluster: 'advisingapp-prod' | |
| wait-for-service-stability: true | |
| - name: Check if deployment was successful | |
| id: check-deployment | |
| run: | | |
| CURRENT_TASK_DEF_ARN=$(aws ecs describe-services --cluster advisingapp-prod --services advisingapp-p-crm-ecs-service --query services[0].deployments[0].taskDefinition | jq -r ".") | |
| NEW_TASK_DEF_ARN=${{ steps.task-deploy.outputs.task-definition-arn }} | |
| echo "Current task arn: $CURRENT_TASK_DEF_ARN" | |
| echo "New task arn: $NEW_TASK_DEF_ARN" | |
| if [ "$CURRENT_TASK_DEF_ARN" != "$NEW_TASK_DEF_ARN" ]; then | |
| echo "Deployment failed." | |
| exit 1 | |
| fi | |
| build-worker: | |
| name: Build Worker Image | |
| runs-on: ubuntu-22.04 | |
| environment: production | |
| outputs: | |
| image: ${{ steps.build-image.outputs.image }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 #2.0.1 | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| IMAGE_TAG: ${{ github.event.release.tag_name }} | |
| ECR_REPOSITORY: 'advisingapp/worker' | |
| run: | | |
| # Build a docker container and | |
| # push it to ECR so that it can | |
| # be deployed to ECS. | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG --target worker-deploy --platform linux/amd64 --build-arg USER_ID=9999 --build-arg GROUP_ID=9999 . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| deploy-worker: | |
| name: Deploy Worker Service | |
| runs-on: ubuntu-22.04 | |
| needs: [build-worker] | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Fill in the new image ID in the Amazon ECS task definition | |
| id: task-def | |
| uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #1.8.3 | |
| with: | |
| task-definition: 'docker/devops/ecs/advisingapp/advisingapp-worker-prod-task-definition.json' | |
| container-name: 'worker' | |
| image: ${{ needs.build-worker.outputs.image }} | |
| - name: Deploy Amazon ECS task definition | |
| id: task-deploy | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@cbf54ec46642b86ff78c2f5793da6746954cf8ff #2.6.0 | |
| with: | |
| task-definition: ${{ steps.task-def.outputs.task-definition }} | |
| service: 'advisingapp-worker-prod-service' | |
| cluster: 'advisingapp-prod' | |
| wait-for-service-stability: true | |
| - name: Check if deployment was successful | |
| id: check-deployment | |
| run: | | |
| CURRENT_TASK_DEF_ARN=$(aws ecs describe-services --cluster advisingapp-prod --services advisingapp-worker-prod-service --query services[0].deployments[0].taskDefinition | jq -r ".") | |
| NEW_TASK_DEF_ARN=${{ steps.task-deploy.outputs.task-definition-arn }} | |
| echo "Current task arn: $CURRENT_TASK_DEF_ARN" | |
| echo "New task arn: $NEW_TASK_DEF_ARN" | |
| if [ "$CURRENT_TASK_DEF_ARN" != "$NEW_TASK_DEF_ARN" ]; then | |
| echo "Deployment failed." | |
| exit 1 | |
| fi | |
| build-scheduler: | |
| name: Build Scheduler Image | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| image: ${{ steps.build-image.outputs.image }} | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 #2.0.1 | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| IMAGE_TAG: ${{ github.event.release.tag_name }} | |
| ECR_REPOSITORY: 'advisingapp/scheduler' | |
| run: | | |
| # Build a docker container and | |
| # push it to ECR so that it can | |
| # be deployed to ECS. | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG --target scheduler-deploy --platform linux/amd64 --build-arg USER_ID=9999 --build-arg GROUP_ID=9999 . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| deploy-scheduler: | |
| name: Deploy Scheduler Service | |
| runs-on: ubuntu-22.04 | |
| needs: [build-scheduler, deploy-worker] | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Fill in the new image ID in the Amazon ECS task definition | |
| id: task-def | |
| uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #1.8.3 | |
| with: | |
| task-definition: 'docker/devops/ecs/advisingapp/advisingapp-scheduler-prod-task-definition.json' | |
| container-name: 'scheduler' | |
| image: ${{ needs.build-scheduler.outputs.image }} | |
| - name: Deploy Amazon ECS task definition | |
| id: task-deploy | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@cbf54ec46642b86ff78c2f5793da6746954cf8ff #2.6.0 | |
| with: | |
| task-definition: ${{ steps.task-def.outputs.task-definition }} | |
| service: 'advisingapp-scheduler-prod-service' | |
| cluster: 'advisingapp-prod' | |
| wait-for-service-stability: true | |
| - name: Check if deployment was successful | |
| id: check-deployment | |
| run: | | |
| CURRENT_TASK_DEF_ARN=$(aws ecs describe-services --cluster advisingapp-prod --services advisingapp-scheduler-prod-service --query services[0].deployments[0].taskDefinition | jq -r ".") | |
| NEW_TASK_DEF_ARN=${{ steps.task-deploy.outputs.task-definition-arn }} | |
| echo "Current task arn: $CURRENT_TASK_DEF_ARN" | |
| echo "New task arn: $NEW_TASK_DEF_ARN" | |
| if [ "$CURRENT_TASK_DEF_ARN" != "$NEW_TASK_DEF_ARN" ]; then | |
| echo "Deployment failed." | |
| exit 1 | |
| fi | |
| build-release-automation: | |
| name: Build Release Automation Image | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| image: ${{ steps.build-image.outputs.image }} | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 #2.0.1 | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| IMAGE_TAG: ${{ github.event.release.tag_name }} | |
| ECR_REPOSITORY: 'advisingapp/release-automation' | |
| run: | | |
| # Build a docker container and | |
| # push it to ECR so that it can | |
| # be deployed to ECS. | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG --target release-automation --platform linux/amd64 --build-arg USER_ID=9999 --build-arg GROUP_ID=9999 . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| deploy-release-automation: | |
| name: Deploy and Run Release Automation Service | |
| needs: [deploy-web, deploy-worker, deploy-scheduler, build-release-automation] | |
| runs-on: ubuntu-22.04 | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #6.0.1 | |
| with: | |
| submodules: true | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #5.1.1 | |
| with: | |
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Fill in the new image ID in the Amazon ECS task definition | |
| id: task-def | |
| uses: aws-actions/amazon-ecs-render-task-definition@6b89923a897d41e9ad789181d8865b532ecf973c #1.8.3 | |
| with: | |
| task-definition: 'docker/devops/ecs/advisingapp/advisingapp-release-automation-prod-task-definition.json' | |
| container-name: 'release-automation' | |
| image: ${{ needs.build-release-automation.outputs.image }} | |
| - name: Deploy Amazon ECS task definition | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@cbf54ec46642b86ff78c2f5793da6746954cf8ff #2.6.0 | |
| with: | |
| task-definition: ${{ steps.task-def.outputs.task-definition }} | |
| cluster: 'advisingapp-prod' | |
| desired-count: 1 | |
| run-task: true | |
| run-task-security-groups: ${{ secrets.RELEASE_AUTOMATION_SECURITY_GROUPS }} | |
| run-task-subnets: ${{ secrets.RELEASE_AUTOMATION_SUBNETS }} | |
| run-task-assign-public-IP: 'DISABLED' | |
| run-task-launch-type: 'FARGATE' | |
| wait-for-task-stopped: true |