Push environment images to GHCR (#152)

cal-itp · Oct 27, 2021 · 7aac00f · 7aac00f
2 parents 8ab4589 + 7c1ee27
commit 7aac00f
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 8 deletions.
diff --git a/.github/workflows/ecs-deploy-dev.yml → .github/workflows/deploy-dev.yml b/.github/workflows/ecs-deploy-dev.yml → .github/workflows/deploy-dev.yml
@@ -7,7 +7,7 @@ on:
       - dev
     paths:
       - '.aws/**'
-      - '.github/workflows/ecs-deploy-*.yml'
+      - '.github/workflows/deploy-*.yml'
       - 'benefits/**'
       - 'bin/**'
       - Dockerfile
@@ -58,6 +58,13 @@ jobs:
           username: ${{ secrets.AWS_ACCESS_KEY_ID }}
           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 
+      - name: Docker Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Set up Docker Buildx
         id: buildx
         uses: docker/setup-buildx-action@v1
@@ -73,6 +80,16 @@ jobs:
           push: true
           tags: ${{ steps.define-image-paths.outputs.client }}
 
+      - name: Build, tag, and push image to GitHub Container Registry
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          cache-from: type=gha,scope=cal-itp
+          cache-to: type=gha,scope=cal-itp,mode=max
+          context: .
+          push: true
+          tags: ghcr.io/${{github.repository}}:dev
+
       - name: Add environment-specific config to ECS task
         env:
           AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }}

diff --git a/.github/workflows/ecs-deploy-prod.yml → .github/workflows/deploy-prod.yml b/.github/workflows/ecs-deploy-prod.yml → .github/workflows/deploy-prod.yml
@@ -49,6 +49,13 @@ jobs:
           username: ${{ secrets.AWS_ACCESS_KEY_ID }}
           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 
+      - name: Docker Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Set up Docker Buildx
         id: buildx
         uses: docker/setup-buildx-action@v1
@@ -64,6 +71,16 @@ jobs:
           push: true
           tags: ${{ steps.define-image-paths.outputs.client }}
 
+      - name: Build, tag, and push image to GitHub Container Registry
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          cache-from: type=gha,scope=cal-itp
+          cache-to: type=gha,scope=cal-itp,mode=max
+          context: .
+          push: true
+          tags: ghcr.io/${{github.repository}}:prod
+
       - name: Add environment-specific config to ECS task
         env:
           AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }}

diff --git a/.github/workflows/ecs-deploy-test.yml → .github/workflows/deploy-test.yml b/.github/workflows/ecs-deploy-test.yml → .github/workflows/deploy-test.yml
@@ -49,6 +49,13 @@ jobs:
           username: ${{ secrets.AWS_ACCESS_KEY_ID }}
           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 
+      - name: Docker Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Set up Docker Buildx
         id: buildx
         uses: docker/setup-buildx-action@v1
@@ -64,6 +71,16 @@ jobs:
           push: true
           tags: ${{ steps.define-image-paths.outputs.client }}
 
+      - name: Build, tag, and push image to GitHub Container Registry
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          cache-from: type=gha,scope=cal-itp
+          cache-to: type=gha,scope=cal-itp,mode=max
+          context: .
+          push: true
+          tags: ghcr.io/${{github.repository}}:test
+
       - name: Add environment-specific config to ECS task
         env:
           AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }}

diff --git a/.github/workflows/labeler-deploy-dev.yml b/.github/workflows/labeler-deploy-dev.yml
@@ -6,7 +6,7 @@ on:
     types: [opened]
     paths:
       - '.aws/**'
-      - '.github/workflows/ecs-deploy-*.yml'
+      - '.github/workflows/deploy-*.yml'
       - 'benefits/**'
       - 'bin/**'
       - Dockerfile

diff --git a/docs/deployment/workflows.md b/docs/deployment/workflows.md
@@ -2,9 +2,9 @@
 
 There are three different GitHub Actions deployment workflows, one for each environment:
 
-* [`.github/workflows/ecs-deploy-dev.yml`][deploy-dev]
-* [`.github/workflows/ecs-deploy-test.yml`][deploy-test]
-* [`.github/workflows/ecs-deploy-prod.yml`][deploy-prod]
+* [`.github/workflows/deploy-dev.yml`][deploy-dev]
+* [`.github/workflows/deploy-test.yml`][deploy-test]
+* [`.github/workflows/deploy-prod.yml`][deploy-prod]
 
 !!! info
 
@@ -91,9 +91,9 @@ If in the future GitHub allows for templated workflows or branch-matrix support,
 single file.
 
 
-[deploy-dev]: https://github.com/cal-itp/benefits/blob/dev/.github/workflows/ecs-deploy-dev.yml
-[deploy-test]: https://github.com/cal-itp/benefits/blob/dev/.github/workflows/ecs-deploy-test.yml
-[deploy-prod]: https://github.com/cal-itp/benefits/blob/dev/.github/workflows/ecs-deploy-prod.yml
+[deploy-dev]: https://github.com/cal-itp/benefits/blob/dev/.github/workflows/deploy-dev.yml
+[deploy-test]: https://github.com/cal-itp/benefits/blob/dev/.github/workflows/deploy-test.yml
+[deploy-prod]: https://github.com/cal-itp/benefits/blob/dev/.github/workflows/deploy-prod.yml
 [dockerfile]: https://github.com/cal-itp/benefits/blob/dev/Dockerfile
 [ecr]: https://aws.amazon.com/ecr/
 [ecs-task-template]: https://github.com/cal-itp/benefits/blob/dev/.aws/ecs-task.json