Skip to content

AWS Deploy

AWS Deploy #119

Workflow file for this run

name: AWS Deploy
on:
workflow_dispatch:
inputs:
environment:
description: 'Environment to deploy to'
type: environment
required: true
version:
description: 'Version Number'
required: false
# push:
# branches:
# - main
# pull_request:
concurrency: ${{ github.event.inputs.environment }}
env:
IMAGE_ID: ${{ secrets.AWS_ECR_URI }}
IMAGE_NAME: gis
TFC_WORKSPACE: ${{ github.event.inputs.environment }}
TF_VERSION: 1.3.7
TG_SRC_PATH: Terraform
TG_VERSION: 0.44.5
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
docker_push:
name: Docker Push
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: Amazon ECR Login
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'
- name: Cache
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Docker Setup Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push Docker images
uses: docker/build-push-action@v4
with:
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
file: gis/Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:latest
build-args: |
ID_RSA=${{ secrets.ID_RSA_BASE64 }}
KNOWN_HOSTS=${{ secrets.KNOWN_HOSTS_BASE64 }}
terraform_apply:
name: Terraform Apply
environment: ${{ github.event.inputs.environment }}
runs-on: ubuntu-latest
needs: docker_push
steps:
- name: Set TF_VAR_TIMESTAMP
run: echo "TF_VAR_TIMESTAMP=$(date --rfc-3339=seconds)" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.TERRAFORM_DEPLOY_ROLE_ARN }}
aws-region: ca-central-1
- name: HashiCorp - Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: ${{ env.TF_VERSION }}
- name: Terragrunt installer
uses: autero1/action-terragrunt@v1.3.2
with:
terragrunt_version: ${{ env.TG_VERSION }}
- name: Terragrunt Apply
working-directory: ${{ env.TG_SRC_PATH }}/${{ env.TFC_WORKSPACE }}
env:
app_image: ${{ env.IMAGE_ID }}:${{ github.sha }}
LICENSE_PLATE: ${{ secrets.MY_LICENSE_PLATE }}
run: |
terragrunt run-all apply --terragrunt-non-interactive