Skip to content

CI/CD

CI/CD #80

Workflow file for this run

name: CI/CD
on:
workflow_dispatch:
push:
branches: [main]
jobs:
build-and-push:
name: Build and Push to ECR
runs-on: ubuntu-latest
env:
ECR_REPOSITORY: rumble
IMAGE_TAG: ${{ github.run_id }}.${{ github.run_number }}.${{ github.run_attempt }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build, Tag, and Push the Image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
POSTGRES_DB: ${{ secrets.POSTGRES_DB }}
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
POSTGRES_HOST: ${{ secrets.POSTGRES_HOST }}
MAP_API_KEY: ${{ secrets.GOOGLE_MAP_API_KEY }}
DJANGO_SECRET_KEY: ${{ secrets.DJANGO_SECRET_KEY }}
run: |
docker compose build
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: Set Docker Pull Image Environment Variable
run: echo "DOCKER_PULL_IMAGE=${{ steps.login-ecr.outputs.registry }}/${ECR_REPOSITORY}:${IMAGE_TAG}" >> $GITHUB_ENV
- name: Set Docker Export Environment Variable
run: |
echo "ECR_REPOSITORY=${ECR_REPOSITORY}" >> $GITHUB_ENV
echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_ENV
- name: Push artifact to server instance
uses: easingthemes/ssh-deploy@main
env:
SSH_PRIVATE_KEY: ${{ secrets.EC2_SSH_KEY }}
REMOTE_HOST: ${{ secrets.HOST_DNS }}
REMOTE_USER: ${{ secrets.USERNAME }}
TARGET: ${{ secrets.TARGET_DIR }}
SCRIPT_BEFORE: mkdir -p ${{ secrets.TARGET_DIR }}
SCRIPT_AFTER: |
aws ecr get-login-password --region "${{ secrets.AWS_REGION }}" | docker login --username AWS --password-stdin "${{ steps.login-ecr.outputs.registry }}"
echo 'export POSTGRES_HOST="${{ secrets.POSTGRES_HOST }}"' > export-env
echo 'export POSTGRES_USER="${{ secrets.POSTGRES_USER }}"' >> export-env
echo 'export POSTGRES_PASSWORD="${{ secrets.POSTGRES_PASSWORD }}"' >> export-env
echo 'export POSTGRES_DB="${{ secrets.POSTGRES_DB }}"' >> export-env
echo 'export POSTGRES_PORT="${{ secrets.POSTGRES_PORT }}"' >> export-env
echo 'export DJANGO_SECRET_KEY="${{ secrets.DJANGO_SECRET_KEY }}"' >> export-env
echo 'export GOOGLE_MAP_API_KEY="${{ secrets.GOOGLE_MAP_API_KEY }}"' >> export-env
echo 'export DJANGO_ALLOWED_HOSTS="${{ secrets.DJANGO_ALLOWED_HOSTS }}"' >> export-env
echo 'export DJANGO_CSRF_TRUSTED_ORIGINS="${{ secrets.DJANGO_CSRF_TRUSTED_ORIGINS }}"' >> export-env
echo 'export SERVER_NAME="${{ vars.SERVER_NAME }}"' >> export-env
echo 'export CERTBOT_EMAIL="${{ secrets.CERTBOT_EMAIL }}"' >> export-env
echo 'export IS_SSL_ACQUIRED="${{ vars.IS_SSL_ACQUIRED }}"' >> export-env
echo 'export ECR_REGISTRY="${{ steps.login-ecr.outputs.registry }}"' > export-ecr
echo 'export ECR_REPOSITORY="${{ env.ECR_REPOSITORY }}"' >> export-ecr
echo 'export IMAGE_TAG="${{ env.IMAGE_TAG }}"' >> export-ecr
source ~/.bash_profile
docker stop rumble
docker rm rumble
cd "${{ secrets.TARGET_DIR }}" && docker compose up -d
docker system prune -a