Radbuegel Aachen staging deployment #32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Radbuegel Aachen staging deployment" | |
on: | |
workflow_run: | |
branches: ["develop"] | |
workflows: ["CI"] | |
types: [completed] | |
jobs: | |
build_and_deploy_to_lightsail_container_service: | |
if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
runs-on: ubuntu-latest | |
environment: "radbuegel-aachen-staging" | |
env: | |
ACTIVATION_FRONTEND_URL: ${{ secrets.ACTIVATION_FRONTEND_URL }} | |
ACTIVATION_URL: ${{ secrets.ACTIVATION_URL }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_S3_REGION_NAME: eu-central-1 | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_STORAGE_BUCKET_NAME: ${{ secrets.AWS_STORAGE_BUCKET_NAME }} | |
DATABASE_HOST: ${{ secrets.DATABASE_HOST }} | |
DATABASE_NAME: ${{ secrets.DATABASE_NAME }} | |
DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }} | |
DATABASE_USER: ${{ secrets.DATABASE_USER }} | |
DATA_UPLOAD_MAX_NUMBER_FIELDS: ${{ secrets.DATA_UPLOAD_MAX_NUMBER_FIELDS }} | |
DJANGO_SECRET_KEY: ${{ secrets.DJANGO_SECRET_KEY }} | |
EMAIL_BACKEND: ${{ secrets.EMAIL_BACKEND }} | |
EVENT_SIGNUPS_OPEN: ${{ secrets.EVENT_SIGNUPS_OPEN }} | |
EVENT_SIGNUPS_CLOSE: ${{ secrets.EVENT_SIGNUPS_CLOSE }} | |
FRONTEND_URL: ${{ secrets.FRONTEND_URL }} | |
GASTRO_SIGNUPS_OPEN: ${{ secrets.GASTRO_SIGNUPS_OPEN }} | |
GASTRO_SIGNUPS_CLOSE: ${{ secrets.GASTRO_SIGNUPS_CLOSE }} | |
MAILJET_API_KEY: ${{ secrets.MAILJET_API_KEY }} | |
MAILJET_SECRET_KEY: ${{ secrets.MAILJET_SECRET_KEY }} | |
MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} | |
MAPBOX_UPLOAD_NAME_PROJECTS: ${{ secrets.MAPBOX_UPLOAD_NAME_PROJECTS }} | |
MAPBOX_UPLOAD_NAME_SECTIONS: ${{ secrets.MAPBOX_UPLOAD_NAME_SECTIONS }} | |
MAPBOX_UPLOAD_TILESET_PROJECTS: ${{ secrets.MAPBOX_UPLOAD_TILESET_PROJECTS }} | |
MAPBOX_UPLOAD_TILESET_SECTIONS: ${{ secrets.MAPBOX_UPLOAD_TILESET_SECTIONS }} | |
MAPBOX_USERNAME: ${{ secrets.MAPBOX_USERNAME }} | |
PASSWORD_RESET_CONFIRM_FRONTEND_URL: ${{ secrets.PASSWORD_RESET_CONFIRM_FRONTEND_URL }} | |
PASSWORD_RESET_CONFIRM_URL: ${{ secrets.PASSWORD_RESET_CONFIRM_URL }} | |
PLAYSTREET_RECIPIENT: ${{ secrets.PLAYSTREET_RECIPIENT }} | |
NEWSLETTER_LIST_ID: ${{ secrets.NEWSLETTER_LIST_ID }} | |
REPORTS_NOTIFICATION_CAMPAIGN: ${{ secrets.REPORTS_NOTIFICATION_CAMPAIGN }} | |
REPORTS_NOTIFICATION_SENDER: ${{ secrets.REPORTS_NOTIFICATION_SENDER }} | |
SERVICE_NAME: ${{ secrets.SERVICE_NAME }} | |
TOGGLE_GASTRO_DIRECT_SIGNUP: ${{ secrets.TOGGLE_GASTRO_DIRECT_SIGNUP }} | |
TOGGLE_GASTRO_REGISTRATIONS: ${{ secrets.TOGGLE_GASTRO_REGISTRATIONS }} | |
TOGGLE_NEWSLETTER: ${{ secrets.TOGGLE_NEWSLETTER }} | |
USE_X_FORWARDED_HOST: ${{ secrets.USE_X_FORWARDED_HOST }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Upgrade AWS CLI version and setup lightsailctl | |
run: | | |
aws --version | |
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" | |
unzip awscliv2.zip | |
sudo ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update | |
which aws | |
aws --version | |
sudo curl "https://s3.us-west-2.amazonaws.com/lightsailctl/latest/linux-amd64/lightsailctl" -o "/usr/local/bin/lightsailctl" | |
sudo chmod +x /usr/local/bin/lightsailctl | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Build app image | |
run: > | |
docker build . | |
--file ./docker/app/Dockerfile | |
--tag public.ecr.aws/n0p8j4k5/radbuegel-aachen/app:${GITHUB_SHA} | |
- name: Build nginx image | |
run: > | |
docker build . | |
--file ./docker/nginx/Dockerfile | |
--tag public.ecr.aws/n0p8j4k5/radbuegel-aachen/nginx:${GITHUB_SHA} | |
- name: Push the app image | |
run: | | |
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/n0p8j4k5 | |
docker push public.ecr.aws/n0p8j4k5/radbuegel-aachen/app:${GITHUB_SHA} | |
- name: Push the nginx image | |
run: | | |
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/n0p8j4k5 | |
docker push public.ecr.aws/n0p8j4k5/radbuegel-aachen/nginx:${GITHUB_SHA} | |
- name: Create container_with_image.yml | |
run: | | |
cat .github/workflows/radbuegel-aachen-container.yml.tpl | envsubst > container_with_image.yml | |
cat container_with_image.yml | |
- name: Deploy to Lightsail | |
run: > | |
aws lightsail create-container-service-deployment | |
--cli-input-yaml file://container_with_image.yml | |
--output yaml |