123 changes: 29 additions & 94 deletions .github/workflows/deploy-application.yml
Expand Up @@ -16,10 +16,6 @@ on:
- preview
- training
- production
image_tag:
description: Docker image tag
required: false
type: string
server_types:
description: Server types to deploy
required: true
Expand All @@ -34,9 +30,6 @@ on:
environment:
required: true
type: string
image_tag:
required: false
type: string
server_types:
required: true
type: string
Expand All @@ -48,60 +41,11 @@ env:
aws-role: ${{ inputs.environment == 'production'
&& 'arn:aws:iam::820242920762:role/GithubDeployMavisAndInfrastructure'
|| 'arn:aws:iam::393416225559:role/GithubDeployMavisAndInfrastructure' }}
terraform-working-directory: terraform/app

jobs:
plan-changes:
name: Plan task definition changes
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.aws-role }}
aws-region: eu-west-2
- name: Login to ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: pull docker image
run: |
DOCKER_IMAGE="${{ steps.login-ecr.outputs.registry }}/mavis/webapp:${{ inputs.image_tag || github.sha }}"
docker pull "$DOCKER_IMAGE"
echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> $GITHUB_ENV
- name: Extract image digest
run: |
DOCKER_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' "$DOCKER_IMAGE")
DIGEST="${DOCKER_DIGEST#*@}"
echo "DIGEST=$DIGEST" >> $GITHUB_ENV
- name: Install terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.10.5
- name: Update the task definition
id: plan
working-directory: ${{ env.terraform-working-directory }}
run: |
terraform init -backend-config="env/${{ inputs.environment }}-backend.hcl" -upgrade
terraform plan -var-file="env/${{ inputs.environment }}.tfvars" \
-var="image_digest=$DIGEST" -out=${{ runner.temp }}/tfplan | tee ${{ runner.temp }}/tf_stdout
- name: Validate the changes
run: |
./terraform/scripts/check_task_definition.sh ${{ runner.temp }}/tf_stdout
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: tfplan_app-${{ inputs.environment }}
path: ${{ runner.temp }}/tfplan

apply-changes:
name: Apply task definition changes
prepare-deployment:
name: Prepare deployment
runs-on: ubuntu-latest
needs: plan-changes
environment: ${{ inputs.environment }}
permissions:
id-token: write
steps:
Expand All @@ -112,26 +56,25 @@ jobs:
with:
role-to-assume: ${{ env.aws-role }}
aws-region: eu-west-2
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: tfplan_app-${{ inputs.environment }}
path: ${{ runner.temp }}
- name: Install terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.10.5
- name: Apply the changes
working-directory: ${{ env.terraform-working-directory }}
- name: Get terraform output
id: terraform-output
working-directory: terraform/app
run: |
terraform init -backend-config="env/${{ inputs.environment }}-backend.hcl" -upgrade
terraform apply ${{ runner.temp }}/tfplan
echo "s3_bucket=$(terraform output -raw s3_bucket)" >> ${{ runner.temp }}/DEPLOYMENT_ENVS
echo "s3_key=$(terraform output -raw s3_key)" >> ${{ runner.temp }}/DEPLOYMENT_ENVS
echo "application=$(terraform output -raw codedeploy_application_name)" >> ${{ runner.temp }}/DEPLOYMENT_ENVS
echo "application_group=$(terraform output -raw codedeploy_deployment_group_name)" >> ${{ runner.temp }}/DEPLOYMENT_ENVS
echo "ecs_variables=$(terraform output -json ecs_variables | sed 's/\"/\\"/g')" >> ${{ runner.temp }}/DEPLOYMENT_ENVS
- name: Upload artifact
terraform init -backend-config=env/${{ inputs.environment }}-backend.hcl -reconfigure
terraform output -json | jq -r '
"s3_bucket=" + .s3_bucket.value,
"s3_key=" + .s3_key.value,
"application=" + .codedeploy_application_name.value,
"application_group=" + .codedeploy_deployment_group_name.value,
"cluster_name=" + .ecs_variables.value.cluster_name,
"good_job_service=" + .ecs_variables.value.good_job.service_name,
"good_job_task_definition=" + .ecs_variables.value.good_job.task_definition.arn
' > ${{ runner.temp }}/DEPLOYMENT_ENVS
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: DEPLOYMENT_ENVS-${{ inputs.environment }}
Expand All @@ -140,7 +83,7 @@ jobs:
create-web-deployment:
name: Create web deployment
runs-on: ubuntu-latest
needs: apply-changes
needs: prepare-deployment
if: inputs.server_types == 'web' || inputs.server_types == 'all'
environment: ${{ inputs.environment }}
permissions:
Expand All @@ -150,41 +93,39 @@ jobs:
uses: actions/download-artifact@v4
with:
name: DEPLOYMENT_ENVS-${{ inputs.environment }}
path: ${{ runner.temp }}/artifact
path: ${{ runner.temp }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.aws-role }}
aws-region: eu-west-2
- name: Install AWS CLI
run: sudo snap install --classic aws-cli
- name: Trigger CodeDeploy deployment
run: |
source ${{ runner.temp }}/artifact/DEPLOYMENT_ENVS
source ${{ runner.temp }}/DEPLOYMENT_ENVS
deployment_id=$(aws deploy create-deployment \
--application-name "$application" --deployment-group-name "$application_group" \
--s3-location bucket="$s3_bucket",key="$s3_key",bundleType=yaml | jq -r .deploymentId)
echo "Deployment started: $deployment_id"
echo "deployment_id=$deployment_id" >> $GITHUB_ENV
- name: Wait up to 30 minutes for deployment to complete
run: |
aws deploy wait deployment-successful --deployment-id $deployment_id
aws deploy wait deployment-successful --deployment-id "$deployment_id"
echo "Deployment successful"

create-good-job-deployment:
name: Create good-job deployment
runs-on: ubuntu-latest
needs: apply-changes
if: inputs.server_types == 'good-job' || inputs.server_types == 'all'
needs: prepare-deployment
if: inputs.server_types == 'good-job' || inputs.server_types == 'all'
environment: ${{ inputs.environment }}
permissions:
id-token: write
steps:
- name: Download artifact
- name: Download Artifact
uses: actions/download-artifact@v4
with:
name: DEPLOYMENT_ENVS-${{ inputs.environment }}
path: ${{ runner.temp }}/artifact
path: ${{ runner.temp }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
Expand All @@ -194,26 +135,20 @@ jobs:
run: sudo snap install --classic aws-cli
- name: Trigger ECS Deployment
run: |
source ${{ runner.temp }}/artifact/DEPLOYMENT_ENVS
echo "$ecs_variables"
cluster_name=$(echo "$ecs_variables" | jq -r '.cluster_name')
service_name=$(echo "$ecs_variables" | jq -r '.good_job.service_name')
task_definition=$(echo "$ecs_variables" | jq -r '.good_job.task_definition.arn')
DEPLOYMENT_ID=$(aws ecs update-service --cluster $cluster_name --service $service_name \
--task-definition $task_definition --force-new-deployment \
source ${{ runner.temp }}/DEPLOYMENT_ENVS
DEPLOYMENT_ID=$(aws ecs update-service --cluster $cluster_name --service $good_job_service \
--task-definition $good_job_task_definition --force-new-deployment \
--query 'service.deployments[?rolloutState==`IN_PROGRESS`].[id][0]' --output text)
echo "Deployment started: $DEPLOYMENT_ID"
echo "deployment_id=$DEPLOYMENT_ID" >> $GITHUB_ENV
- name: Wait for deployment to complete
run: |
source ${{ runner.temp }}/artifact/DEPLOYMENT_ENVS
cluster_name=$(echo "$ecs_variables" | jq -r '.cluster_name')
service_name=$(echo "$ecs_variables" | jq -r '.good_job.service_name')
source ${{ runner.temp }}/DEPLOYMENT_ENVS
DEPLOYMENT_STATE=IN_PROGRESS
while [ "$DEPLOYMENT_STATE" == "IN_PROGRESS" ]; do
echo "Waiting for deployment to complete..."
sleep 30
DEPLOYMENT_STATE="$(aws ecs describe-services --cluster $cluster_name --services $service_name \
DEPLOYMENT_STATE="$(aws ecs describe-services --cluster $cluster_name --services $good_job_service \
--query "services[0].deployments[?id == \`$deployment_id\`].[rolloutState][0]" --output text)"
done
if [ "$DEPLOYMENT_STATE" != "COMPLETED" ]; then
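Review bot: The `DEPLOYMENT_ENVS` file written by the new jq filter in `Get terraform output` holds raw, unquoted `key=value` lines, and both deploy jobs later `source` it in steps that run after the AWS role has been assumed, so a Terraform output containing whitespace or shell metacharacters would be interpreted by the shell instead of being treated as data. Passing each value through jq's `@sh` filter, e.g. `"s3_bucket=" + (.s3_bucket.value | @sh),`, keeps the file safe to source. jq also concatenates a missing output as an empty string, so an absent value becomes an empty assignment; quoting `"$cluster_name"`, `"$good_job_service"` and `"$good_job_task_definition"` in the two `aws ecs` calls (as this change already does for `"$deployment_id"` in the web job) would make that case fail at the CLI rather than shift its arguments.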
39 changes: 24 additions & 15 deletions .github/workflows/deploy-infrastructure.yml
Expand Up @@ -16,8 +16,8 @@ on:
- preview
- training
- production
docker_sha:
description: "Docker image sha to deploy. This is used only if no existing task definition is found"
image_tag:
description: Docker image tag to deploy
required: false
type: string
workflow_call:
Expand All @@ -26,6 +26,9 @@ on:
description: Deployment environment
required: true
type: string
image_tag:
required: false
type: string

concurrency:
group: deploy-infrastructure-${{ inputs.environment }}
Expand Down Expand Up @@ -53,30 +56,36 @@ jobs:
with:
role-to-assume: ${{ env.aws_role }}
aws-region: eu-west-2
- name: Set image tag
run: |
IMAGE_TAG="${{ inputs.image_tag || github.sha }}"
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
- name: Login to ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Pull Docker image
run: |
DOCKER_IMAGE="${{ steps.login-ecr.outputs.registry }}/mavis/webapp:${IMAGE_TAG}"
docker pull "$DOCKER_IMAGE"
echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> $GITHUB_ENV
- name: Extract image digest
run: |
DOCKER_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' "$DOCKER_IMAGE")
DIGEST="${DOCKER_DIGEST#*@}"
echo "DIGEST=$DIGEST" >> $GITHUB_ENV
- name: Install terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.10.5
- name: Install AWS Cli
- name: Install AWS CLI
run: sudo snap install --classic aws-cli
- name: Check if any deployments are running
run: ../scripts/check-for-running-deployments.sh ${{ inputs.environment }}
- name: Get image digest
run: |
DIGEST="${{ inputs.docker_sha }}"
if terraform state list | grep -q 'aws_ecs_task_definition.task_definition'; then
DIGEST=$(terraform state show aws_ecs_task_definition.task_definition | grep -oP '(?<=mavis/webapp@)sha256:[0-9a-z]{64}')
echo "Existing task definition found, using image digest from the state: $DIGEST"
elif [ -z "$DIGEST" ]; then
echo "Aborting infrastructure deployment: Missing existing task definition or image digest input parameter"
else
echo "No existing task definition found: Using image digest from the input parameter: $DIGEST"
fi
echo "DIGEST=$DIGEST" >> $GITHUB_ENV
- name: Terraform Plan
id: plan
run: |
set -e
terraform init -backend-config="env/${{ inputs.environment }}-backend.hcl" -upgrade
terraform plan -var="image_digest=$DIGEST" -var-file="env/${{ inputs.environment }}.tfvars" \
-out ${{ runner.temp }}/tfplan | tee ${{ runner.temp }}/tf_stdout
- name: Validate the changes
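Review bot: `${{ inputs.image_tag || github.sha }}` is expanded into the `Set image tag` script before the shell runs, so the free-form `image_tag` string (accepted on both `workflow_dispatch` and `workflow_call`) becomes part of the script text in a job that has already assumed the deployment role, and a value containing a newline could also add extra entries to `$GITHUB_ENV`. Passing the value through the step's `env:` and checking it against the Docker tag grammar before writing it out avoids both problems. The same pattern applies to `${{ inputs.environment }}` in the `terraform init`/`plan` and check-script lines, where the `workflow_call` input is an unconstrained string. The job continues outside this hunk.

```yaml
      - name: Set image tag
        env:
          IMAGE_TAG: ${{ inputs.image_tag || github.sha }}
        run: |
          # Reject anything that is not a plain Docker tag before it reaches GITHUB_ENV.
          if ! [[ "$IMAGE_TAG" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$ ]]; then
            echo "Invalid image tag" >&2
            exit 1
          fi
          echo "IMAGE_TAG=$IMAGE_TAG" >> "$GITHUB_ENV"
      # … unchanged: Login to ECR, Pull Docker image, Extract image digest …
```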
1 change: 0 additions & 1 deletion .github/workflows/deploy.yml
Expand Up @@ -50,5 +50,4 @@ jobs:
uses: ./.github/workflows/deploy-application.yml
with:
environment: ${{ inputs.environment }}
image_tag: ${{ github.sha }}
server_types: ${{ inputs.server_types }}