Skip to content

Commit 4972d53

Browse files
vdevcicinfvdevcicinf
committed
Add Docker build and ECS task definition
1 parent d25dd86 commit 4972d53

File tree

3 files changed

+298
-0
lines changed

3 files changed

+298
-0
lines changed

.aws/ecs/task-definition-app-staging.json

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
{
2+
"containerDefinitions": [
3+
{
4+
"name": "js-react-example",
5+
"image": "702192518610.dkr.ecr.eu-west-1.amazonaws.com/js-react-example:latest",
6+
"cpu": 0,
7+
"portMappings": [
8+
{
9+
"containerPort": 3000,
10+
"hostPort": 3000,
11+
"protocol": "tcp"
12+
}
13+
],
14+
"essential": true,
15+
"entryPoint": [],
16+
"command": [],
17+
"stopTimeout": 70,
18+
"environment": [
19+
{
20+
"name": "SITE_URL",
21+
"value": "https://react-example.byinfinum.co"
22+
},
23+
{
24+
"name": "NEXT_PUBLIC_API_ENDPOINT",
25+
"value": "https://cekila.infinum.co/api/v1/"
26+
},
27+
{
28+
"name": "NEXT_PUBLIC_NEXT_APP_ENV",
29+
"value": "staging"
30+
},
31+
{
32+
"name": "NEXT_PUBLIC_BUGSNAG_API_KEY",
33+
"value": "156963fd85bf53f2811f45106f5fcb2d"
34+
}
35+
],
36+
"mountPoints": [],
37+
"volumesFrom": [],
38+
"secrets": [],
39+
"logConfiguration": {
40+
"logDriver": "awslogs",
41+
"options": {
42+
"awslogs-group": "js-react-example-staging-eu-west-1",
43+
"awslogs-region": "eu-west-1",
44+
"awslogs-stream-prefix": "container"
45+
}
46+
}
47+
}
48+
],
49+
"family": "infinum-staging-cluster-js-react-example",
50+
"taskRoleArn": "arn:aws:iam::702192518610:role/infinum-staging-cluster-js-react-example-task-role",
51+
"executionRoleArn": "arn:aws:iam::702192518610:role/js-react-example-staging-task-execution-role",
52+
"networkMode": "awsvpc",
53+
"volumes": [],
54+
"placementConstraints": [],
55+
"requiresCompatibilities": ["FARGATE"],
56+
"cpu": "256",
57+
"memory": "512",
58+
"tags": [
59+
{
60+
"key": "Project",
61+
"value": "js-react-example"
62+
},
63+
{
64+
"key": "Environment",
65+
"value": "staging"
66+
},
67+
{
68+
"key": "terraform",
69+
"value": "false"
70+
},
71+
{
72+
"key": "Client",
73+
"value": "Infinum"
74+
},
75+
{
76+
"key": "Contact",
77+
"value": "[email protected]"
78+
},
79+
{
80+
"key": "Name",
81+
"value": "staging-task-definition-js-react-example"
82+
}
83+
]
84+
}

.github/workflows/build-and-push.yml

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
name: Build and push
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
paths-ignore:
8+
- '.github/**'
9+
- '**.md'
10+
workflow_dispatch:
11+
inputs:
12+
custom_tag:
13+
description: 'Set custom tag for image'
14+
required: true
15+
type: string
16+
17+
jobs:
18+
build-and-push:
19+
if: ${{ github.event_name == 'push' }}
20+
name: 'Run on push'
21+
uses: infinum/devops-pipelines/.github/workflows/[email protected]
22+
with:
23+
cloud: 'AWS'
24+
environment: 'production'
25+
secrets: inherit
26+
27+
build-and-push-manual:
28+
if: ${{ github.event_name == 'workflow_dispatch' }}
29+
name: 'Run on workflow dispatch'
30+
uses: infinum/devops-pipelines/.github/workflows/[email protected]
31+
with:
32+
cloud: 'AWS'
33+
environment: 'production'
34+
custom_tag: ${{ inputs.custom_tag }}
35+
secrets: inherit

.github/workflows/deploy-staging-ecs.yml

Lines changed: 179 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,179 @@
1+
name: Deploy-staging
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
custom_tag:
7+
description: 'Set custom tag for image'
8+
required: true
9+
type: string
10+
environment:
11+
type: choice
12+
description: 'The environment to deploy to'
13+
options:
14+
- staging
15+
- production
16+
required: true
17+
default: 'staging'
18+
push:
19+
branches:
20+
- main
21+
paths-ignore:
22+
- '.github/**'
23+
- '**.md'
24+
25+
jobs:
26+
context:
27+
name: Setup context
28+
runs-on: ubuntu-latest
29+
environment: ${{ inputs.environment }}
30+
outputs:
31+
aws_region: ${{ steps.get.outputs.aws_region }}
32+
aws_ecr_uri: ${{ steps.get.outputs.aws_ecr_uri }}
33+
aws_ecr_region: ${{ steps.get.outputs.aws_ecr_region }}
34+
aws_ecr_account_id: ${{ steps.get.outputs.aws_ecr_account_id }}
35+
aws_ecs_cluster: ${{ steps.get.outputs.aws_ecs_cluster }}
36+
steps:
37+
- id: get
38+
run: |
39+
echo "aws_region=${{ vars.AWS_REGION }}" >> "$GITHUB_OUTPUT"
40+
echo "aws_ecr_uri=${{ vars.AWS_ECR_URI }}" >> "$GITHUB_OUTPUT"
41+
echo "aws_ecr_region=${{ vars.AWS_ECR_REGION }}" >> "$GITHUB_OUTPUT"
42+
echo "aws_ecr_account_id=${{ vars.AWS_ECR_ACCOUNT_ID }}" >> "$GITHUB_OUTPUT"
43+
echo "aws_ecs_cluster=${{ vars.AWS_ECS_CLUSTER }}" >> "$GITHUB_OUTPUT"
44+
45+
build-push-image:
46+
if: ${{ github.event_name == 'push' }}
47+
name: Build deploy image and push to registry
48+
uses: infinum/devops-pipelines/.github/workflows/[email protected]
49+
needs: context
50+
with:
51+
environment: ${{ inputs.environment }}
52+
cloud: AWS
53+
tags: ${{ needs.context.outputs.aws_ecr_uri }}:${{ github.sha }}
54+
aws_ecr_region: ${{ needs.context.outputs.aws_ecr_region }}
55+
aws_ecr_account_id: ${{ needs.context.outputs.aws_ecr_account_id }}
56+
target: deploy
57+
secrets: inherit
58+
59+
build-push-image-manual:
60+
if: ${{ github.event_name == 'workflow_dispatch' }}
61+
name: Run on workflow dispatch
62+
uses: infinum/devops-pipelines/.github/workflows/[email protected]
63+
needs: context
64+
with:
65+
environment: ${{ inputs.environment }}
66+
cloud: AWS
67+
tags: ${{ needs.context.outputs.aws_ecr_uri }}:${{ inputs.custom_tag }}
68+
aws_ecr_region: ${{ needs.context.outputs.aws_ecr_region }}
69+
aws_ecr_account_id: ${{ needs.context.outputs.aws_ecr_account_id }}
70+
secrets: inherit
71+
72+
run-migrations:
73+
name: Run Prisma db migrations
74+
runs-on: ubuntu-latest
75+
needs: [context, build-push-image]
76+
environment: ${{ inputs.environment }}
77+
steps:
78+
- name: Checkout code
79+
uses: actions/checkout@v2
80+
- name: Set up Node
81+
uses: actions/setup-node@v2
82+
with:
83+
node-version: '20'
84+
- name: Install dependencies
85+
run: npm ci
86+
- name: Open SSH tunnel
87+
env:
88+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
89+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
90+
AWS_REGION: ${{ needs.context.outputs.aws_region }}
91+
run: |
92+
aws ssm start-session \
93+
--target i-0cb09814d228ec31d \
94+
--document-name AWS-StartPortForwardingSessionToRemoteHost \
95+
--parameters host="${{ secrets.JUMPHOST_HOST }}",portNumber="5432",localPortNumber="5432" &
96+
sleep 10
97+
- name: Run migrations
98+
env:
99+
DATABASE_URL: ${{ secrets.DATABASE_URL }}
100+
run: npx prisma migrate deploy
101+
102+
run-migrations-manual:
103+
name: Run Prisma db migrations
104+
runs-on: ubuntu-latest
105+
needs: [context, build-push-image-manual]
106+
environment: ${{ inputs.environment }}
107+
steps:
108+
- name: Checkout code
109+
uses: actions/checkout@v2
110+
- name: Set up Node
111+
uses: actions/setup-node@v2
112+
with:
113+
node-version: '20'
114+
- name: Install dependencies
115+
run: npm ci
116+
- name: Open SSH tunnel
117+
env:
118+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
119+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
120+
AWS_REGION: ${{ needs.context.outputs.aws_region }}
121+
run: |
122+
aws ssm start-session \
123+
--target ${{ vars.JUMPHOST_ID }} \
124+
--document-name AWS-StartPortForwardingSessionToRemoteHost \
125+
--parameters host="${{ secrets.JUMPHOST_HOST }}",portNumber="${{ vars.JUMPHOST_PORT }}",localPortNumber="${{ vars.SERVER_PORT }}" &
126+
- name: Run migrations
127+
env:
128+
DATABASE_URL: ${{ secrets.DATABASE_URL }}
129+
run: npx prisma migrate deploy
130+
131+
deploy-image:
132+
if: ${{ github.event_name == 'push' }}
133+
name: Deploy backend
134+
uses: infinum/devops-pipelines/.github/workflows/[email protected]
135+
needs: [context, build-push-image, run-migrations]
136+
with:
137+
image_uri: ${{ needs.context.outputs.aws_ecr_uri }}:${{ github.sha }}
138+
environment: ${{ inputs.environment }}
139+
aws_region: ${{ needs.context.outputs.aws_region }}
140+
ecs_cluster: ${{ needs.context.outputs.aws_ecs_cluster }}
141+
ecs_service: js-revisor
142+
task_def_path: .aws/ecs/task-definition-app-staging.json
143+
container_name: js-revisor
144+
secrets: inherit
145+
146+
deploy-image-manual:
147+
if: ${{ github.event_name == 'workflow_dispatch' }}
148+
name: Deploy backend
149+
uses: infinum/devops-pipelines/.github/workflows/[email protected]
150+
needs: [context, build-push-image-manual, run-migrations-manual]
151+
with:
152+
image_uri: ${{ needs.context.outputs.aws_ecr_uri }}:${{ inputs.custom_tag }}
153+
environment: ${{ inputs.environment }}
154+
aws_region: ${{ needs.context.outputs.aws_region }}
155+
ecs_cluster: ${{ needs.context.outputs.aws_ecs_cluster }}
156+
ecs_service: js-revisor
157+
task_def_path: .aws/ecs/task-definition-app-staging.json
158+
container_name: js-revisor
159+
secrets: inherit
160+
161+
notify-deployment-automatic:
162+
name: Send Slack notification
163+
uses: infinum/devops-pipelines/.github/workflows/[email protected]
164+
needs:
165+
[
166+
context,
167+
build-push-image,
168+
build-push-image-manual,
169+
run-migrations,
170+
run-migrations-manual,
171+
deploy-image,
172+
deploy-image-manual,
173+
]
174+
with:
175+
channel: project-js-revisor-notifications
176+
outcome: ${{ needs.build-push-image.result == 'success' || needs.build-push-image-manual.result == 'success'}}
177+
color: ${{ needs.build-push-image.result == 'success' || needs.build-push-image-manual.result == 'success' }}
178+
title: "[Staging] deploy js-revisor: ${{ needs.build-push-image.result == 'success' || needs.build-push-image-manual.result == 'success'}}"
179+
secrets: inherit

0 commit comments

Comments
 (0)