From 24fe72d922b12f65bbcc794f5f3f34b76616a02d Mon Sep 17 00:00:00 2001 From: Joonas Lehtimaki Date: Mon, 15 Apr 2024 12:47:16 +0300 Subject: [PATCH] feat(ci): use GHCR instead of ECR --- .github/workflows/build_push.yml | 90 +++++++++----------------------- 1 file changed, 24 insertions(+), 66 deletions(-) diff --git a/.github/workflows/build_push.yml b/.github/workflows/build_push.yml index 89086d905..a2e9571a5 100644 --- a/.github/workflows/build_push.yml +++ b/.github/workflows/build_push.yml @@ -5,7 +5,7 @@ on: workflow_dispatch: inputs: service_name: - description: 'Service' + description: "Service" required: true type: choice options: @@ -18,82 +18,40 @@ on: service_name: required: true type: string - secrets: - PAT: - required: true - -env: - AWS_REGION: eu-west-1 - EKS_CLUSTER_NAME: ${{ vars.CLUSTER_NAME }} jobs: build-and-push: + name: Build and Push ${{inputs.service_name }} runs-on: ubuntu-latest permissions: id-token: write contents: read + packages: write steps: - uses: actions/checkout@v4 - - uses: aws-actions/configure-aws-credentials@v4 + - name: Log in to the Container registry + uses: docker/login-action@v3 with: - role-to-assume: ${{ vars.AWS_ROLE }} - aws-region: ${{ env.AWS_REGION }} - - uses: aws-actions/amazon-ecr-login@v2 - id: login-ecr - - name: Set tags - id: vars - run: | - echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - echo "COMMIT_SHA=$(git rev-parse HEAD)" >> $GITHUB_ENV - echo "VERSION=$(git describe --tags --always --match "v*" | sed 's/^v//')" >> $GITHUB_ENV - echo "BUILD_DATE=$(git show -s --format=%ci ${{ env.COMMIT_SHA }})" >> $GITHUB_ENV - echo "ECR_REPO=${{ vars.ECR_REGISTRY }}.dkr.ecr.eu-west-1.amazonaws.com/wardenprotocol/production" >> $GITHUB_ENV - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Build and Push - id: image - uses: docker/build-push-action@v4 + registry: ${{ vars.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ vars.REGISTRY }}/${{ inputs.service_name }} + tags: | + type=semver,pattern={{raw}} + type=sha,format=short,prefix= + - name: Build and push Docker image + uses: docker/build-push-action@v5 with: context: . + push: true target: ${{ inputs.service_name }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} build-args: | - SERVICE=${{ inputs.service_name }} - COMMIT=${{ env.COMMIT_SHA }} - VERSION=${{ env.VERSION }} - BUILD_DATE=${{ env.BUILD_DATE }} - push: true - tags: | - ${{ env.ECR_REPO }}/${{ inputs.service_name }}:${{ env.SHORT_SHA }} - cache-from: type=gha - cache-to: type=gha,mode=max - - name: 'Clone Helm repository' - uses: actions/checkout@v3 - with: - repository: ${{ vars.HELM_REPOSITORY }} - ref: 'main' - token: ${{ secrets.PAT }} - - name: Update kube config - run: aws eks update-kubeconfig --name $EKS_CLUSTER_NAME --region $AWS_REGION - - uses: azure/setup-helm@v3 - with: - version: 'v3.12.0' - - name: Deploy to EKS - run: | - helm upgrade \ - -i ${{ inputs.service_name }} \ - -n devnet \ - --set fullnameOverride=${{ inputs.service_name }} \ - --set image.repository=${{ env.ECR_REPO }} \ - --set image.name=${{ inputs.service_name }} \ - --set image.tag=${{ env.SHORT_SHA }} \ - ./charts/${{ inputs.service_name }}/ - - name: send telegram message on push - uses: appleboy/telegram-action@master - with: - to: ${{ secrets.TELEGRAM_TO }} - token: ${{ secrets.TELEGRAM_TOKEN }} - message: | - ✅ Deployed to devnet - Service: ${{ inputs.service_name }} - Commit: ${{ env.SHORT_SHA }} - See changes: https://github.com/${{ github.repository }}/commit/${{env.COMMIT_SHA}} + SERVICE=${{ inputs.service_name }} + COMMIT=${{ steps.meta.sha }} + VERSION=${{ steps.meta.semver }}