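# Syncs Terraform-managed infrastructure, then builds and deploys the API to
# EKS, on every push to main (stage "prod") or dev (stage "dev"). A final job
# posts the outcome to Slack.
name: Sync Infra and Deploy to EKS

on:
  push:
    branches:
      - main
      - dev

# NOTE(review): no `permissions:` block is set, so GITHUB_TOKEN gets the
# repository default. Consider `permissions: {contents: read}` once the local
# actions under ./.github/actions are confirmed to need nothing more.

jobs:
  terraform-apply:
    name: Sync Terraform
    runs-on: ubuntu-latest
    # Secrets are scoped to the job that references them instead of the whole
    # workflow, so the third-party Slack action in notify-slack never receives
    # cloud credentials in its environment.
    # NOTE(review): assumes ./.github/actions/terraform-apply consumes these
    # only through its `with:` inputs - confirm against the action.
    # NOTE(review): these are static AWS access keys; short-lived credentials
    # via GitHub OIDC would avoid storing them, but that depends on the local
    # actions, which are not visible here.
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: ${{ secrets.AWS_BASE_REGION }}
      TFSTATE_BUCKET: ${{ secrets.TFSTATE_BUCKET }}
      TFSTATE_KEY: ${{ secrets.TFSTATE_KEY }}
      GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
      CLOUDFLARE_ZONE_ID: ${{ secrets.CLOUDFLARE_ZONE_ID }}
      CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
    outputs:
      message: ${{ steps.prepare-slack.outputs.status }}
    defaults:
      run:
        working-directory: ./terraform
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Determine Deployment Stage
        id: determine_stage
        run: |
          # The branch name is read from the runner-provided environment
          # variable instead of being interpolated into the script text.
          if [[ "$GITHUB_REF_NAME" == "main" ]]; then
            echo "stage=prod" >> "$GITHUB_ENV"
          else
            echo "stage=dev" >> "$GITHUB_ENV"
          fi
      - name: Terraform Apply
        id: terraform-apply
        uses: ./.github/actions/terraform-apply
        with:
          aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}
          tfstate-bucket: ${{ env.TFSTATE_BUCKET }}
          tfstate-key: ${{ env.TFSTATE_KEY }}
          stage: ${{ env.stage }}
          GRAFANA_ADMIN_PASSWORD: ${{ env.GRAFANA_ADMIN_PASSWORD }}
          CLOUDFLARE_ZONE_ID: ${{ env.CLOUDFLARE_ZONE_ID }}
          CLOUDFLARE_TOKEN: ${{ env.CLOUDFLARE_TOKEN }}
      - name: Prepare Slack Notification
        # Runs even after a failed apply so the job output is always set.
        if: always()
        id: prepare-slack
        run: |
          if [ "${{ steps.terraform-apply.outcome }}" == "success" ]; then
            echo "status=Deployment successful!" >> "$GITHUB_OUTPUT"
          else
            echo "status=Deployment failed!" >> "$GITHUB_OUTPUT"
            exit 1
          fi

  deploy:
    needs: terraform-apply
    name: Deploy API
    runs-on: ubuntu-latest
    # Only the values this job references. The aws and kubectl steps below
    # read the AWS variables from the environment.
    # NOTE(review): assumes ./.github/actions/build-push-image consumes its
    # settings only through `with:` inputs - confirm against the action.
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: ${{ secrets.AWS_BASE_REGION }}
      ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
      EKS_CLUSTER_NAME: ${{ secrets.EKS_CLUSTER_NAME }}
    outputs:
      message: ${{ steps.verify-deployment.outputs.status }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # Full history: the change check below diffs against the pre-push
          # commit, which a default depth-1 clone does not contain.
          fetch-depth: 0
      - name: Determine Deployment Stage
        id: determine_stage
        run: |
          if [[ "$GITHUB_REF_NAME" == "main" ]]; then
            echo "stage=prod" >> "$GITHUB_ENV"
          else
            echo "stage=dev" >> "$GITHUB_ENV"
          fi
      - name: Check for Changes
        id: find_changes
        env:
          BEFORE_SHA: ${{ github.event.before }}
          HEAD_SHA: ${{ github.sha }}
        run: |
          # Skip the build only when git positively reports no changes under
          # app/. If the diff itself fails (for example the all-zero "before"
          # SHA of a newly created branch), deploy instead of silently
          # skipping. Outputs go to GITHUB_OUTPUT; the `::set-output` workflow
          # command is deprecated.
          if changed="$(git diff --name-only "$BEFORE_SHA" "$HEAD_SHA" -- app)" && [ -z "$changed" ]; then
            echo "deploy=false" >> "$GITHUB_OUTPUT"
          else
            echo "deploy=true" >> "$GITHUB_OUTPUT"
          fi
      - name: Build, tag, and push image to Amazon ECR
        id: build-push-image
        uses: ./.github/actions/build-push-image
        with:
          aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}
          ecr-repository: ${{ env.ECR_REPOSITORY }}
          dockerfile: ./Dockerfile
          stage: ${{ env.stage }}
          buildable: ${{ steps.find_changes.outputs.deploy }}
      - name: Update Kubeconfig
        run: |
          if [ "${{ steps.find_changes.outputs.deploy }}" != "false" ]; then
            aws eks update-kubeconfig --name "$EKS_CLUSTER_NAME" --region "$AWS_REGION"
          fi
      - name: Deploy to EKS
        working-directory: ./k8s
        env:
          IMAGE: ${{ steps.build-push-image.outputs.image }}
          STAGE: ${{ env.stage }}
        run: |
          if [ "${{ steps.find_changes.outputs.deploy }}" != "false" ]; then
            # Substitute the freshly built image into the stage manifest.
            sed -i "s|{{IMAGE}}|${IMAGE}|g" "${STAGE}/deployment.yaml"
            kubectl apply -f "${STAGE}"
          fi
      - name: Verify Deployment
        id: verify-deployment
        env:
          STAGE: ${{ env.stage }}
        shell: bash
        run: |
          if [ "${{ steps.find_changes.outputs.deploy }}" != "false" ]; then
            # Test the command directly: this shell runs with `-e`, so a
            # separate `$?` check is never reached when the rollout fails and
            # the failure status would never be written.
            if kubectl rollout status deployment/app -n "${STAGE}" --timeout=5m; then
              echo "status=Deployment successful!" >> "$GITHUB_OUTPUT"
            else
              echo "status=Deployment failed!" >> "$GITHUB_OUTPUT"
              exit 1
            fi
          else
            echo "status=No changes to deploy" >> "$GITHUB_OUTPUT"
          fi

  notify-slack:
    needs:
      - deploy
      - terraform-apply
    # Report the outcome whether the earlier jobs succeeded or failed.
    if: always()
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): third-party action referenced by a mutable tag while it
      # receives the Slack webhook; pin it to a reviewed full commit SHA
      # (placeholder: rtCamp/action-slack-notify@<FULL_COMMIT_SHA>).
      - uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_CHANNEL: "#deployments"
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
          SLACK_USERNAME: "Deployer on Cloudflare"
          # Message and colour take the job results into account, so a deploy
          # job that fails before its verify step is not reported with
          # terraform's success message, and "No changes to deploy" is not
          # coloured as a failure.
          SLACK_MESSAGE: ${{ needs.deploy.outputs.message || (needs.deploy.result == 'failure' && 'Deployment failed!') || needs.terraform-apply.outputs.message }}
          SLACK_COLOR: ${{ needs.terraform-apply.result == 'success' && needs.deploy.result == 'success' && 'good' || 'danger' }}
          SLACK_ICON: "https://avatars.githubusercontent.com/u/44036562?s=200&v=4"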