Skip to content

fix: Update AWS configure action version to v4 #107

fix: Update AWS configure action version to v4

fix: Update AWS configure action version to v4 #107

Workflow file for this run

name: CI/CD
on:
workflow_dispatch:
push:
branches: [main]
permissions:
id-token: write
contents: read
jobs:
build-and-push:
name: Build and Push to ECR
runs-on: ubuntu-latest
env:
ECR_REPOSITORY: rumble
IMAGE_TAG: ${{ github.run_id }}.${{ github.run_number }}.${{ github.run_attempt }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-duration-seconds: 600
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build, Tag, and Push the Image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
POSTGRES_DB: ${{ secrets.POSTGRES_DB }}
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
POSTGRES_HOST: ${{ secrets.POSTGRES_HOST }}
MAP_API_KEY: ${{ secrets.GOOGLE_MAP_API_KEY }}
DJANGO_SECRET_KEY: ${{ secrets.DJANGO_SECRET_KEY }}
run: |
docker compose build
docker push $ECR_REGISTRY/$ECR_REPOSITORY:app-$IMAGE_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:nginx-$IMAGE_TAG
- name: Set Docker Pull Image Environment Variable
run: echo "DOCKER_PULL_IMAGE=${{ steps.login-ecr.outputs.registry }}/${ECR_REPOSITORY}:${IMAGE_TAG}" >> $GITHUB_ENV
- name: Set Docker Export Environment Variable
run: |
echo "ECR_REPOSITORY=${ECR_REPOSITORY}" >> $GITHUB_ENV
echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_ENV
- name: Push artifact to server instance
uses: easingthemes/ssh-deploy@main
env:
SSH_PRIVATE_KEY: ${{ secrets.EC2_SSH_KEY }}
REMOTE_HOST: ${{ secrets.HOST_DNS }}
REMOTE_USER: ${{ secrets.USERNAME }}
TARGET: ${{ secrets.TARGET_DIR }}
SOURCE: "docker-compose.yaml"
SCRIPT_BEFORE: |
mkdir -p ${{ secrets.TARGET_DIR }}
SCRIPT_AFTER: |
aws ecr get-login-password --region "${{ secrets.AWS_REGION }}" | docker login --username AWS --password-stdin "${{ steps.login-ecr.outputs.registry }}"
cd "${{ secrets.TARGET_DIR }}"
echo 'POSTGRES_HOST="${{ secrets.POSTGRES_HOST }}"' > .env
echo 'POSTGRES_USER="${{ secrets.POSTGRES_USER }}"' >> .env
echo 'POSTGRES_PASSWORD="${{ secrets.POSTGRES_PASSWORD }}"' >> .env
echo 'POSTGRES_DB="${{ secrets.POSTGRES_DB }}"' >> .env
echo 'POSTGRES_PORT="${{ secrets.POSTGRES_PORT }}"' >> .env
echo 'DJANGO_SECRET_KEY="${{ secrets.DJANGO_SECRET_KEY }}"' >> .env
echo 'GOOGLE_MAP_API_KEY="${{ secrets.GOOGLE_MAP_API_KEY }}"' >> .env
echo 'DJANGO_ALLOWED_HOSTS="${{ secrets.DJANGO_ALLOWED_HOSTS }}"' >> .env
echo 'DJANGO_CSRF_TRUSTED_ORIGINS="${{ secrets.DJANGO_CSRF_TRUSTED_ORIGINS }}"' >> .env
echo 'SERVER_NAME="${{ vars.SERVER_NAME }}"' >> .env
echo 'CERTBOT_EMAIL="${{ secrets.CERTBOT_EMAIL }}"' >> .env
echo 'ECR_REGISTRY="${{ steps.login-ecr.outputs.registry }}"' >> .env
echo 'ECR_REPOSITORY="${{ env.ECR_REPOSITORY }}"' >> .env
echo 'IMAGE_TAG="${{ env.IMAGE_TAG }}"' >> .env
docker compose pull
docker compose down
docker compose up -d
rm -f local_ssh_script-before-*.sh
docker system prune -af