generated from bcgov/MoH-Project-Template
-
Notifications
You must be signed in to change notification settings - Fork 0
171 lines (150 loc) · 5.05 KB
/
aws-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
name: AWS Deploy
on:
workflow_dispatch:
inputs:
environment:
description: 'Environment to deploy to'
type: environment
required: true
frontend:
description: 'Deploy frontend'
type: boolean
required: true
backend:
description: 'Deploy backend'
type: boolean
required: true
terraform:
description: 'Process terraform templates'
type: boolean
required: true
version:
description: 'Version Number'
required: false
# push:
# branches:
# - main
# pull_request:
concurrency: ${{ github.event.inputs.environment }}
env:
DOCKER_TAGS: ${{ secrets.DOCKER_TAGS }}
IMAGE_ID: ${{ secrets.AWS_ECR_URI }}
IMAGE_NAME: phlat
TFC_WORKSPACE: ${{ github.event.inputs.environment }}
TF_VERSION: 1.3.7
TG_SRC_PATH: Terraform
TG_VERSION: 0.44.5
VITE_TITLE: ${{ vars.VITE_TITLE }}
VITE_FRONTEND_BASEPATH: ${{ vars.VITE_FRONTEND_BASEPATH }}
VITE_BACKEND_API_URL: ${{ vars.VITE_BACKEND_API_URL }}
VITE_KEYCLOAK_PROVIDER_AUTH_URL: ${{ vars.VITE_KEYCLOAK_PROVIDER_AUTH_URL }}
VITE_KEYCLOAK_CLIENT_ID: ${{ vars.VITE_KEYCLOAK_CLIENT_ID }}
VITE_KEYCLOAK_REALM_NAME: ${{ vars.VITE_KEYCLOAK_REALM_NAME }}
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
build_deploy_backend:
name: Build and deploy backend
if: inputs.backend == true
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: Amazon ECR Login
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'
- name: Cache
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Docker Setup Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push Docker images
uses: docker/build-push-action@v4
with:
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
context: backend/app
file: backend/app/docker/Dockerfile
push: true
tags: ${{ env.DOCKER_TAGS }}
terraform_apply:
name: Terraform Apply
if: inputs.terraform == true
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
needs: build_deploy_backend
steps:
- name: Set TF_VAR_TIMESTAMP
run: echo "TF_VAR_TIMESTAMP=$(date --rfc-3339=seconds)" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: HashiCorp - Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: ${{ env.TF_VERSION }}
- name: Terragrunt installer
uses: autero1/[email protected]
with:
terragrunt_version: ${{ env.TG_VERSION }}
- name: Terragrunt Apply
working-directory: ${{ env.TG_SRC_PATH }}/${{ env.TFC_WORKSPACE }}
env:
app_image: ${{ env.IMAGE_ID }}:${{ github.sha }}
LICENSE_PLATE: ${{ secrets.MY_LICENSE_PLATE }}
run: |
terragrunt run-all apply --terragrunt-non-interactive
build_deploy_frontend:
name: Build and deploy frontend
if: inputs.frontend == true
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
#needs: terraform_apply
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Use Node.js 16
uses: actions/setup-node@v3
with:
node-version: 16
# - name: Copy env file to phlat frontend app
# run: |
# cd frontend/app
# cp .config/.env.aws.${{ github.event.inputs.environment }} app/.env
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: Build project phlat frontend app
run: |
cd frontend/app
npm install
npm run build
- name: Upload to S3 bucket phlat frontend app
run: |
cd frontend/app/dist
aws s3 sync . s3://phlat-${{ github.event.inputs.environment }}/app --delete
env:
AWS_REGION: ca-central-1