Merge pull request #46 from cds-snc/demolition-destruction-annihilati… #163
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and push to AWS ECR on schedule | |
on: | |
push: | |
branches: | |
- main | |
schedule: | |
- cron: "0 12 * * 3" | |
workflow_dispatch: | |
env: | |
DOCKER_ORG: public.ecr.aws/cds-snc | |
DOCKER_SLUG: public.ecr.aws/cds-snc/notify-ipv4-geolocate-webservice | |
KUBECTL_VERSION: '1.25.4' | |
WORKFLOW_PAT: ${{ secrets.WORKFLOW_GITHUB_PAT }} | |
permissions: | |
id-token: write | |
contents: read | |
jobs: | |
deploy: | |
if: ${{ github.ref == 'refs/heads/main' }} | |
runs-on: ubuntu-latest | |
name: Build and push | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- name: Set RELEASE_TAG environment variable | |
run: echo "RELEASE_TAG=$(date '+%Y-%m-%d')" >> $GITHUB_ENV | |
- name: Install AWS CLI | |
run: | | |
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" | |
unzip -q awscliv2.zip | |
sudo ./aws/install --update | |
aws --version | |
- name: Configure credentials to CDS public ECR using OIDC | |
uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 | |
with: | |
role-to-assume: arn:aws:iam::283582579564:role/ipv4-geolocate-webservice-apply | |
role-session-name: Ipv4GeolocateWebserviceGitHubActions | |
aws-region: "us-east-1" | |
- name: Login to ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1 | |
with: | |
registry-type: public | |
- name: Build | |
run: | | |
docker build --build-arg LICENSE_KEY=${{ secrets.LICENSE_KEY }} -t $DOCKER_SLUG:$RELEASE_TAG -t $DOCKER_SLUG:latest . | |
- name: Publish | |
run: | | |
docker push $DOCKER_SLUG:latest && docker push $DOCKER_SLUG:`date '+%Y-%m-%d'` | |
# DEV won't be supported for the time being until we have a working CI/CD in that env. | |
# - name: Restart ipv4 deployment in dev environment | |
# run: | | |
# ./scripts/callManifestsRollout.sh ${GITHUB_SHA::7} | |
- name: Restart ipv4 deployment in staging environment | |
run: | | |
./scripts/callManifestsRollout.sh $RELEASE_TAG | |
# TODO: To be fixed, broken at the moment. | |
# - name: Restart ipv4 deployment in production environment | |
# run: | | |
# ./scripts/callManifestsRollout.sh ${GITHUB_SHA::7} |