session-management #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Web API Deploy Pipeline | |
| on: | |
| push: | |
| paths: | |
| - '.github/workflows/**' | |
| - 'cicd-section/**' | |
| workflow_dispatch: | |
| env: | |
| AWS_REGION: ap-northeast-1 | |
| ECS_CLUSTER: cluster-test1 | |
| ECS_SERVICE: test-actions-deploy | |
| ECS_TASK_DEFINITION_API: cicd-section/.aws/task-def-api.json | |
| ECR_REPOSITORY: actions-deploy | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| # Test/Build | |
| test-and-build: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| # GitHub Actions のランナー内のディレクトリ構成は、actions/checkout アクションを使用してリポジトリの内容をダウンロードした後、 | |
| # GitHub リポジトリのディレクトリ構成を反映しています。 | |
| # 'actions/checkout@v4'の機能でリポジトリのディレクトリ構造がそのままランナーに再現されます。 | |
| run: | |
| working-directory: cicd-section/api #GHAのランナーの中のディレクトリを指定 | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| # https://github.com/aws-actions/configure-aws-credentials | |
| - name: Configure AWS Credentials OIDC | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| # https://github.com/aws-actions/amazon-ecr-login | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Push the image to Amazon ECR | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} # 'Login to Amazon ECR'の結果の中の'repository'の値を参照する | |
| # docker image tag temp_api_image:latest アカウントID.dkr.ecr.ap-northeast-1.amazonaws.com/my-app-api:sha | |
| run: | | |
| docker image build -t temp_api_image:latest . | |
| docker image tag temp_api_image:latest $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.sha }} | |
| docker image push $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.sha }} | |
| echo $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.sha }} > api-image-uri.txt | |
| # https://github.com/actions/upload-artifact | |
| - name: upload the Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: api-image-uri | |
| path: cicd-section/api/api-image-uri.txt | |
| # Deploy | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [test-and-build] | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS Credentials OIDC | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| # https://github.com/actions/download-artifact | |
| - name: Download the Artifact | |
| uses: actions/download-artifact@v4 # uploadと同じバージョン(v4),nameを指定しないとエラーになるので注意。 | |
| with: | |
| name: api-image-uri | |
| path: download/artifacts #ランナーの中でダウンロード先のディレクトリが動的に作成される。 | |
| - name: Define the image URI | |
| run: | | |
| echo "API_IMAGE_URI=$(cat download/artifacts/api-image-uri.txt)" >> $GITHUB_ENV | |
| # https://github.com/aws-actions/amazon-ecs-render-task-definition | |
| - name: Fill in the new image URI in the amazon ECS task definition | |
| id: render-task-def | |
| uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
| with: | |
| task-definition: ${{ env.ECS_TASK_DEFINITION_API }} | |
| container-name: api | |
| image: ${{ env.API_IMAGE_URI }} | |
| # https://github.com/aws-actions/amazon-ecs-deploy-task-definition | |
| - name: Deploy ECS task | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
| with: | |
| task-definition: ${{ steps.render-task-def.outputs.task-definition }} | |
| service: ${{ env.ECS_SERVICE }} | |
| cluster: ${{ env.ECS_CLUSTER }} | |
| wait-for-serivce-stability: true # ECSタスクが安定的に起動状態になるまでワークフローを待機する。 |