Skip to content

added github env for export aws_profile #31

added github env for export aws_profile

added github env for export aws_profile #31

Workflow file for this run

name: Catalog Deployment
on:
push:
branches:
- CF-test-ci/cd
jobs:
deploy:
runs-on: self-hosted
#runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
# - name: Install Docker
# run: |
# sudo apt-get update
# sudo apt-get install -y docker.io
# sudo systemctl start docker
# sudo systemctl enable docker
# - name: Install Docker
# run: |
# # Add Docker's official GPG key:
# sudo apt-get update
# sudo apt-get install ca-certificates curl
# sudo install -m 0755 -d /etc/apt/keyrings
# sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
# sudo chmod a+r /etc/apt/keyrings/docker.asc # Add the repository to Apt sources:
# echo \
# "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
# $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
# sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# sudo apt-get update
# sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# - name: Install AWS CLI
# run: |
# sudo apt-get install -y unzip
# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
# unzip awscliv2.zip
# sudo ./aws/install --update
# rm -rf awscliv2.zip aws/
# added and remove sudo
# - name: Set up OpenJDK 8
# uses: actions/setup-java@v3
# with:
# java-version: '8'
# distribution: 'temurin'
# cache: maven
# - name: Install Maven
# run: |
# sudo apt update
# sudo apt install -y maven
# - name: Verify Java and Maven Versions
# run: |
# java -version
# mvn -version
# - name: Configure AWS CLI Profile (tf_user)
# run: |
# aws configure set aws_access_key_id ${{ secrets.AWS_ACCOUNT_ACCESS_KEY_ID }} --profile tf_user
# aws configure set aws_secret_access_key ${{ secrets.AWS_ACCOUNT_SECRET_ACCESS_KEY }} --profile tf_user
# aws configure set region us-east-2 --profile tf_user
# - name: Configure AWS CLI Profile (feeds)
# run: |
# aws configure set aws_access_key_id ${{ secrets.AWS_ACCOUNT_ACCESS_KEY_ID }} --profile feeds
# aws configure set aws_secret_access_key ${{ secrets.AWS_ACCOUNT_SECRET_ACCESS_KEY }} --profile feeds
# aws configure set region us-east-2 --profile feeds
# aws configure set role_arn arn:aws:iam::868719706466:role/CloudfeedsEnvTrustRole --profile feeds
# aws configure set source_profile tf_user --profile feeds
# - name: Set default AWS profile to tf_user
# run: |
# export AWS_PROFILE=tf_user
- name: Log in to Amazon ECR
run: |
aws ecr get-login-password --region us-east-2 --profile tf_user | docker login --username AWS --password-stdin 583275065488.dkr.ecr.us-east-2.amazonaws.com
# ADDED aws credentials so that during docker build the s3 objacet can be accessed
- name: Build Docker image with unique tag
run: |
export IMAGE_TAG=$(date +%Y%m%d%H%M%S)
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
export NEW_IMAGE_URI="583275065488.dkr.ecr.us-east-2.amazonaws.com/catalog:$IMAGE_TAG"
echo "NEW_IMAGE_URI=$NEW_IMAGE_URI" >> $GITHUB_ENV
docker build --build-arg TOKEN=${{ secrets.TOKEN }} -f docker/Dockerfile -t test-catalog:$IMAGE_TAG .
docker tag test-catalog:$IMAGE_TAG $NEW_IMAGE_URI
- name: Push Docker image to Amazon ECR
run: |
docker push $NEW_IMAGE_URI
- name: Set environment variables and profile feeds
run: |
echo "AWS_PROFILE=feeds" >> $GITHUB_ENV
echo "CLUSTER_NAME=abdu7511-test-cloudfeeds-ecs-cluster" >> $GITHUB_ENV
echo "SERVICE_NAME=test-abdu7511-catalog" >> $GITHUB_ENV
echo "TASK_DEFINITION_NAME=test-abdu7511-catalog" >> $GITHUB_ENV
echo "IMAGE_TAG=$(date +%Y%m%d%H%M%S)" >> $GITHUB_ENV
echo "NEW_IMAGE_URI=583275065488.dkr.ecr.us-east-2.amazonaws.com/catalog:${IMAGE_TAG}" >> $GITHUB_ENV
- name: Update ECS task definition with new image
run: |
aws ecs describe-task-definition --task-definition $TASK_DEFINITION_NAME --query 'taskDefinition | {containerDefinitions: containerDefinitions, family: family, taskRoleArn: taskRoleArn, executionRoleArn: executionRoleArn, networkMode: networkMode, volumes: volumes, placementConstraints: placementConstraints, requiresCompatibilities: requiresCompatibilities, cpu: cpu, memory: memory}' --output json > task-def-template.json
sed -i.bak '/"name": "abdu7511-catalog"/,/}/s|\"image\": \".*\"|\"image\": \"$NEW_IMAGE_URI\"|' task-def-template.json
NEW_TASK_DEF_ARN=$(aws ecs register-task-definition --cli-input-json file://task-def-template.json --query 'taskDefinition.taskDefinitionArn' --output text)
echo "task_definition_arn=$NEW_TASK_DEF_ARN" >> $GITHUB_ENV
rm task-def-template.json task-def-template.json.bak
# - name: Update ECS task definition with new image
# run: |
# aws ecs describe-task-definition --task-definition $TASK_DEFINITION_NAME --query 'taskDefinition' --output json > task-def-template.json
# aws ecs describe-task-definition --task-definition $TASK_DEFINITION_NAME --query 'taskDefinition | {containerDefinitions: containerDefinitions, family: family, taskRoleArn: taskRoleArn, executionRoleArn: executionRoleArn, networkMode: networkMode, volumes: volumes, placementConstraints: placementConstraints, requiresCompatibilities: requiresCompatibilities, cpu: cpu, memory: memory}' --output json > task-def-template.json
# sed -i.bak '/"name": "abdu7511-catalog"/,/}/s|\"image\": \".*\"|\"image\": \"$NEW_IMAGE_URI\"|' task-def-template.json
# NEW_TASK_DEF_ARN=$(aws ecs register-task-definition --cli-input-json file://task-def-template.json --query 'taskDefinition.taskDefinitionArn' --output text)
# echo "task_definition_arn=$NEW_TASK_DEF_ARN" >> $GITHUB_ENV
# rm task-def-template.json task-def-template.json.bak
- name: Deploy updated task definition to ECS
run: |
aws ecs update-service --cluster $CLUSTER_NAME --service $SERVICE_NAME --task-definition "$NEW_TASK_DEF_ARN" --region us-east-2