Deploy Managed EMA #37
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Managed EMA | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| releaseVersion: | |
| description: "The tag of the image to push. For dev, we'll pull the 'main' image and for all other environments, we'll pull image A.B.C, then we push the image with tag A.B.C to where it needs to go." | |
| required: true | |
| default: "A.B.C" | |
| deployEnvironment: | |
| description: "Environment to deploy to (development/staging/production)." | |
| required: true | |
| type: choice | |
| options: | |
| - development | |
| - staging | |
| - production | |
| buildNewDevImage: | |
| description: "true/false. If deploying to development, set to 'true' to build a new image, otherwise, we'll pull the 'main' image." | |
| required: false | |
| default: "true" | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| environment: prod | |
| steps: | |
| - name: Configure AWS credentials | |
| if: ${{ github.event.inputs.deployEnvironment != 'development' || github.event.inputs.buildNewDevImage == 'false' }} | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.EMA_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.EMA_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.EMA_AWS_DEFAULT_REGION }} | |
| - name: Login to Amazon ECR | |
| if: ${{ github.event.inputs.deployEnvironment != 'development' || github.event.inputs.buildNewDevImage == 'false' }} | |
| id: login-ecr | |
| uses: aws-actions/[email protected] | |
| - name: ECR (Dev) - Pull Main Image | |
| if: ${{ github.event.inputs.deployEnvironment == 'development' && github.event.inputs.buildNewDevImage == 'false' }} | |
| run: | | |
| ECR_DEV_IMAGE="${{ steps.login-ecr.outputs.registry }}/${{ github.event.repository.name }}:main" | |
| docker pull $ECR_DEV_IMAGE | |
| echo "ECR_DEV_IMAGE=$ECR_DEV_IMAGE" >> $GITHUB_ENV | |
| - name: "Checkout branch" | |
| uses: actions/checkout@v3 | |
| if: ${{ github.event.inputs.deployEnvironment == 'development' && github.event.inputs.buildNewDevImage == 'true' }} | |
| with: | |
| fetch-depth: 0 | |
| lfs: true | |
| - name: Set up JDK 17 | |
| if: ${{ github.event.inputs.deployEnvironment == 'development' && github.event.inputs.buildNewDevImage == 'true' }} | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Set Build Params | |
| run: | | |
| export SKIP_FLAGS_NON_UNIT_TESTS="-Dcheckstyle.skip -Dpmd.skip -Dcpd.skip -Dfindbugs.skip -Dspotbugs.skip" | |
| echo "SKIP_FLAGS_NON_UNIT_TESTS=$SKIP_FLAGS_NON_UNIT_TESTS" >> $GITHUB_ENV | |
| echo "SKIP_FLAGS_ALL_TESTS=$SKIP_FLAGS_NON_UNIT_TESTS -Dmaven.test.skip=true" >> $GITHUB_ENV | |
| - name: Generate Artifacts | |
| run: | | |
| mvn install $SKIP_FLAGS_ALL_TESTS --file service/pom.xml | |
| - name: ECR (Dev) - Build Image | |
| if: ${{ github.event.inputs.deployEnvironment == 'development' && github.event.inputs.buildNewDevImage == 'true' }} | |
| working-directory: service/application/docker | |
| run: | | |
| ./buildEventManagementAgentDocker.sh -t ${{ github.event.inputs.releaseVersion }} | |
| ECR_DEV_IMAGE="${{ github.event.repository.name }}:${{ github.event.inputs.releaseVersion }}" | |
| echo "ECR_DEV_IMAGE=$ECR_DEV_IMAGE" >> $GITHUB_ENV | |
| - name: ECR (Dev) - Pull Prod Ready Image Tag | |
| if: ${{ github.event.inputs.deployEnvironment != 'development' }} | |
| run: | | |
| ECR_DEV_IMAGE="${{ steps.login-ecr.outputs.registry }}/${{ github.event.repository.name }}:${{ github.event.inputs.releaseVersion }}" | |
| docker pull $ECR_DEV_IMAGE | |
| echo "ECR_DEV_IMAGE=$ECR_DEV_IMAGE" >> $GITHUB_ENV | |
| - name: GCR (Dev) - Login | |
| if: ${{ github.event.inputs.deployEnvironment == 'development' }} | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: gcr.io | |
| username: _json_key | |
| password: ${{ secrets.DEV_GCP_SERVICE_ACCOUNT }} | |
| - name: GCR (Dev) - Tag and Push | |
| if: ${{ github.event.inputs.deployEnvironment == 'development' }} | |
| run: | | |
| GCR_IMAGE_TAGS_TO_PUSH=( | |
| "${{ github.event.inputs.releaseVersion }}" | |
| ) | |
| GCR_DEV_IMAGE_REPO="gcr.io/${{ secrets.DEV_GCP_PROJECT_ID }}/${{ github.event.repository.name }}" | |
| for current_tag in ${GCR_IMAGE_TAGS_TO_PUSH[@]} | |
| do | |
| docker tag $ECR_DEV_IMAGE $GCR_DEV_IMAGE_REPO:$current_tag | |
| docker push $GCR_DEV_IMAGE_REPO:$current_tag | |
| done | |
| - name: GCR (Staging) - Login | |
| if: ${{ github.event.inputs.deployEnvironment == 'staging' }} | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: gcr.io | |
| username: _json_key | |
| password: ${{ secrets.STAGING_GCP_SERVICE_ACCOUNT }} | |
| - name: GCR (Staging) - Tag and Push | |
| if: ${{ github.event.inputs.deployEnvironment == 'staging' }} | |
| run: | | |
| GCR_IMAGE_TAGS_TO_PUSH=( | |
| "${{ github.event.inputs.releaseVersion }}" | |
| ) | |
| GCR_STAGING_IMAGE_REPO="gcr.io/${{ secrets.STAGING_GCP_PROJECT_ID }}/${{ github.event.repository.name }}" | |
| for current_tag in ${GCR_IMAGE_TAGS_TO_PUSH[@]} | |
| do | |
| docker tag $ECR_DEV_IMAGE $GCR_STAGING_IMAGE_REPO:$current_tag | |
| docker push $GCR_STAGING_IMAGE_REPO:$current_tag | |
| done | |
| - name: GCR (Production) - Login | |
| if: ${{ github.event.inputs.deployEnvironment == 'production' }} | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: gcr.io | |
| username: _json_key | |
| password: ${{ secrets.PROD_GCP_SERVICE_ACCOUNT }} | |
| - name: GCR (Prod) - Tag and Push | |
| if: ${{ github.event.inputs.deployEnvironment == 'production' }} | |
| run: | | |
| GCR_IMAGE_TAGS_TO_PUSH=( | |
| "${{ github.event.inputs.releaseVersion }}" | |
| ) | |
| GCR_PROD_IMAGE_REPO="gcr.io/${{ secrets.PROD_GCP_PROJECT_ID }}/${{ github.event.repository.name }}" | |
| for current_tag in ${GCR_IMAGE_TAGS_TO_PUSH[@]} | |
| do | |
| docker tag $ECR_DEV_IMAGE $GCR_PROD_IMAGE_REPO:$current_tag | |
| docker push $GCR_PROD_IMAGE_REPO:$current_tag | |
| done | |
| - name: Log in to Azure China prod docker registry | |
| if: ${{ github.event.inputs.deployEnvironment == 'production' }} | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.AZURE_CHINA_PROD_HOSTNAME }} | |
| username: ${{ secrets.AZURE_CHINA_PROD_USERNAME }} | |
| password: ${{ secrets.AZURE_CHINA_PROD_PASSWORD }} | |
| - name: Azure China (Prod) - Tag and Push | |
| if: ${{ github.event.inputs.deployEnvironment == 'production' }} | |
| run: | | |
| IMAGE_TAGS_TO_PUSH=( | |
| "${{ github.event.inputs.releaseVersion }}" | |
| ) | |
| PROD_IMAGE_REPO="${{ secrets.AZURE_CHINA_PROD_HOSTNAME }}/${{ github.event.repository.name }}" | |
| for current_tag in ${IMAGE_TAGS_TO_PUSH[@]} | |
| do | |
| docker tag $ECR_DEV_IMAGE $PROD_IMAGE_REPO:$current_tag | |
| docker push $PROD_IMAGE_REPO:$current_tag | |
| done |