Skip to content

AWS Deploy

AWS Deploy #168

Workflow file for this run

name: AWS Deploy
on:
workflow_dispatch:
inputs:
environment:
description: 'Environment to deploy to'
type: environment
required: true
migrations:
description: 'Run database migrations'
type: boolean
required: true
frontends:
description: 'Deploy frontends'
type: boolean
required: true
version:
description: 'Version Number'
required: false
# push:
# branches:
# - main
# pull_request:
concurrency: ${{ github.event.inputs.environment }}
env:
DOCKER_TAGS: ${{ secrets.AWS_ECR_URI }}:${{ vars.DOCKER_TAGS }}
IMAGE_ID: ${{ secrets.AWS_ECR_URI }}
IMAGE_NAME: bcer-api
TFC_WORKSPACE: ${{ github.event.inputs.environment }}
TF_VERSION: 1.3.7
TG_SRC_PATH: Terraform
TG_VERSION: 0.44.5
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
docker_push:
name: Docker Push
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: Amazon ECR Login
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'
- name: Cache
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Docker Setup Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push Docker images (run migrations)
if: inputs.migrations == true
uses: docker/build-push-action@v4
with:
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
context: packages/bcer-api/app
file: packages/bcer-api/app/Dockerfile.aws.migrations
push: true
tags: ${{ env.DOCKER_TAGS }}
- name: Build and push Docker images
if: inputs.migrations == false
uses: docker/build-push-action@v4
with:
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
context: packages/bcer-api/app
file: packages/bcer-api/app/Dockerfile.aws
push: true
tags: ${{ env.DOCKER_TAGS }}
terraform_apply:
name: Terraform Apply
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
needs: docker_push
steps:
- name: Set TF_VAR_TIMESTAMP
run: echo "TF_VAR_TIMESTAMP=$(date --rfc-3339=seconds)" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: HashiCorp - Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: ${{ env.TF_VERSION }}
- name: Terragrunt installer
uses: autero1/action-terragrunt@v1.3.2
with:
terragrunt_version: ${{ env.TG_VERSION }}
- name: Terragrunt Apply
working-directory: ${{ env.TG_SRC_PATH }}/${{ env.TFC_WORKSPACE }}
env:
app_image: ${{ env.IMAGE_ID }}:${{ github.sha }}
LICENSE_PLATE: ${{ secrets.MY_LICENSE_PLATE }}
run: |
terragrunt run-all apply --terragrunt-non-interactive
build_jobs:
name: Build Jobs
if: inputs.frontends == true
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
needs: terraform_apply
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Use Node.js 22
uses: actions/setup-node@v3
with:
node-version: 22
- name: Build project shared components
run: |
cd packages/bcer-shared-components
npm install
npm run build
- name: Copy env file to retailer app
run: |
cd packages/bcer-retailer-app
cp .config/.env.aws.${{ github.event.inputs.environment }} app/.env
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: Build project retailer app
run: |
cd packages/bcer-retailer-app/app
npm install
npm run build
- name: Upload to S3 bucket retail app
run: |
cd packages/bcer-retailer-app/app/build
aws s3 sync . s3://bcer-${{ github.event.inputs.environment }}/retailer --delete
env:
AWS_REGION: ca-central-1
- name: Copy env file to bcer-data-portal
run: |
cd packages/bcer-data-portal
cp .config/.env.aws.${{ github.event.inputs.environment }} app/.env
- name: Build project data portal frontend
run: |
cd packages/bcer-data-portal/app
npm install
npm run build
- name: Upload to S3 bucket data portal
run: |
cd packages/bcer-data-portal/app/build
aws s3 sync . s3://bcer-${{ github.event.inputs.environment }}/portal --delete
env:
AWS_REGION: ca-central-1
# ----------------------------Commenting out while trying to get rollback working-------------------------------
# bump_version:
# runs-on: ubuntu-latest
# permissions: write-all
# steps:
# - uses: actions/checkout@v3
# with:
# fetch-depth: '0'
# - name: Bump version and push tag
# uses: anothrNick/github-tag-action@1.59.0 # Don't use @master unless you're happy to test the latest version
# env:
# DEFAULT_BUMP: major
# DEFAULT_BRANCH: main
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# RELEASE_BRANCHES : main
# WITH_V: true