Mergeback release v0.31.0-rc1 to alpha #1051
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Alpha branch Build and Deployment | |
on: | |
pull_request: | |
types: [closed] | |
branches: | |
- alpha | |
jobs: | |
build-and-push-docker-image: | |
if: github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'no-deploy') | |
permissions: | |
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Check out repository code | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Store release tag in env | |
shell: bash | |
run: | | |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV | |
# This step will configure environment variables to be used by all steps | |
# involving AWS interaction further down | |
- name: AWS credentials configuration | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}} | |
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-build-image | |
aws-region: us-east-1 | |
- name: Amazon ECR login | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Build, tag, and push image to Amazon ECR | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: agr_curation | |
IMAGE_TAG: ${{ env.tagname }} | |
run: | | |
docker build --build-arg OVERWRITE_VERSION=${IMAGE_TAG} -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:${GITHUB_REF#refs/heads/} | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:${GITHUB_REF#refs/heads/} | |
build-deploy-maven-central-package: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Check out repository code | |
uses: actions/checkout@v3 | |
- name: Set up Maven Central Repository | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
server-id: ossrh | |
server-username: MAVEN_USERNAME | |
server-password: MAVEN_PASSWORD | |
- name: Set Proper version | |
run: mvn versions:set -ntp -DnewVersion=0.0.0-SNAPSHOT | |
- id: install-secret-key | |
name: Install gpg secret key | |
run: | | |
cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import | |
gpg --list-secret-keys --keyid-format LONG | |
- name: Publish package | |
run: mvn --batch-mode -ntp -Dmaven.test.skip=true -Dquarkus.hibernate-search-orm.elasticsearch.version=1.2.4 deploy | |
env: | |
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} | |
deploy-to-alpha: | |
if: github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'no-deploy') | |
permissions: | |
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions | |
needs: [build-and-push-docker-image] | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Slack Notification | |
uses: tokorom/action-slack-incoming-webhook@main | |
env: | |
INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
text: "Auto Deployment to alpha initiated" | |
attachments: | | |
[ | |
{ | |
"color": "good", | |
"author_name": "${{ github.actor }}", | |
"author_icon": "${{ github.event.sender.avatar_url }}", | |
"fields": [ | |
{ | |
"title": "GitHub Actions URL", | |
"value": "${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" | |
} | |
] | |
} | |
] | |
- name: Check out repository code | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Store release tag in env | |
shell: bash | |
run: | | |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV | |
- name: Save curation app version to be deployed in EB env variables through config file | |
run: | | |
sed -i 's/\(AGR_CURATION_RELEASE: \).\+/\1${{ env.tagname }}/' .ebextensions/version.config | |
echo "Stored version config:" | |
echo "----------------------" | |
cat .ebextensions/version.config | |
- name: Generate deployment package | |
run: zip -r ${{ env.tagname }}.zip docker-compose.yml .ebextensions/ | |
- name: AWS credentials configuration | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}} | |
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deploy | |
aws-region: us-east-1 | |
- name: Deploy to EB | |
uses: einaregilsson/beanstalk-deploy@v21 | |
with: | |
aws_access_key: ${{ env.AWS_ACCESS_KEY_ID }} | |
aws_secret_key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
aws_session_token: ${{env.AWS_SESSION_TOKEN}} | |
application_name: curation-app | |
environment_name: curation-alpha | |
version_label: ${{ env.tagname }} | |
deployment_package: ${{ env.tagname }}.zip | |
use_existing_version_if_available: true | |
region: us-east-1 | |
- name: Set COMMIT_MESSAGE | |
run: echo "COMMIT_MESSAGE=$(git show -s --format=%s ${{github.event.pull_request.head.sha}})" >> $GITHUB_ENV | |
- name: Slack Notification | |
uses: tokorom/action-slack-incoming-webhook@main | |
env: | |
INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
text: "Deployment of release ${{ env.tagname }} to alpha completed! :tada:" | |
attachments: | | |
[ | |
{ | |
"color": "good", | |
"author_name": "${{ github.actor }}", | |
"author_icon": "${{ github.event.sender.avatar_url }}", | |
"fields": [ | |
{ | |
"title": "Commit Message", | |
"value": "${{ env.COMMIT_MESSAGE }}" | |
}, | |
{ | |
"title": "Deployment URL", | |
"value": "https://alpha-curation.alliancegenome.org" | |
} | |
] | |
} | |
] |