Skip to content

Commit

Permalink
Merge pull request #34 from kynmh69/28-feature-add-create-ecs-service
Browse files Browse the repository at this point in the history
28 feature add create ecs service
  • Loading branch information
kynmh69 authored Apr 4, 2024
2 parents 9ede244 + abe1421 commit 044225f
Show file tree
Hide file tree
Showing 5 changed files with 279 additions and 8 deletions.
6 changes: 6 additions & 0 deletions .github/workflows/codecov.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,15 @@ on:
- main
tags:
- 'v*.*.*'
paths:
- '.github/workflows/codecov.yml'
- 'src/**'
pull_request:
branches:
- main
paths:
- '.github/workflows/codecov.yml'
- 'src/**'
env:
UPDATER_DIR: "src/updater"
API_DIR: "src/api"
Expand Down
91 changes: 90 additions & 1 deletion .github/workflows/docker-publish-api.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,34 @@ on:
branches: [ "main" ]
# Publish semver tags as releases.
tags: [ 'v*.*.*' ]
paths:
- 'src/api/**'
- 'src/middleware/**'
- 'src/model/**'
- 'src/util/**'
- '.github/workflows/docker-publish-api.yml'
pull_request:
branches: [ "main" ]
paths:
- 'src/api/**'
- 'src/middleware/**'
- 'src/model/**'
- 'src/util/**'
- '.github/workflows/docker-publish-api.yml'

env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
API_DIR: "src/api"
AWS_REGION: us-east-1
ECS_SERVICE: holidays-api-service
ECS_CLUSTER: holidays-cluster
ECS_TASK_DEFINITION: .aws/api_task.json
CONTAINER_NAME: holidays-api
PLATFORM: "linux/amd64,linux/arm64,linux/x86_64"
DOCKER_FILEPATH: "docker/api/Dockerfile"


jobs:
Expand Down Expand Up @@ -179,7 +198,7 @@ jobs:
uses: docker/build-push-action@v5
with:
context: .
file: docker/api/Dockerfile
file: ${{ env.DOCKER_FILEPATH }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
Expand All @@ -201,3 +220,73 @@ jobs:
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

deploy:
permissions:
id-token: write
needs: test-api
name: Deploy to ECR
runs-on: ubuntu-latest
environment: production

steps:
- name: Checkout
uses: actions/checkout@v4

# Set up BuildKit Docker container builder to be able to build
# multi-platform images and export cache
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3 # v3.1.0

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.ASSUME_ROLE }}
aws-region: ${{ env.AWS_REGION }}

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'
registry-type: public

# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5 # v5.0.0
with:
images: ${{ steps.login-ecr.outputs.registry }}/${{ env.IMAGE_NAME }}-api

# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v5
with:
context: .
file: ${{ env.DOCKER_FILEPATH }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: ${{ env.PLATFORM }}

# - name: Fill in the new image ID in the Amazon ECS task definition
# id: task-def
# uses: aws-actions/amazon-ecs-render-task-definition@v1
# with:
# task-definition: ${{ env.ECS_TASK_DEFINITION }}
# container-name: ${{ env.CONTAINER_NAME }}
# image: ${{ steps.build-and-push.outputs.image }}

# - name: Deploy Amazon ECS task definition
# uses: aws-actions/amazon-ecs-deploy-task-definition@v1
# with:
# task-definition: ${{ steps.task-def.outputs.task-definition }}
# service: ${{ env.ECS_SERVICE }}
# cluster: ${{ env.ECS_CLUSTER }}
# wait-for-service-stability: true
93 changes: 91 additions & 2 deletions .github/workflows/docker-publish-key-manager.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,34 @@ on:
branches: [ "main" ]
# Publish semver tags as releases.
tags: [ 'v*.*.*' ]
paths:
- 'src/key_management/**'
- 'src/middleware/**'
- 'src/model/**'
- 'src/util/**'
- '.github/workflows/docker-publish-key-manager.yml'
pull_request:
branches: [ "main" ]
paths:
- 'src/key_management/**'
- 'src/middleware/**'
- 'src/model/**'
- 'src/util/**'
- '.github/workflows/docker-publish-key-manager.yml'

env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
KEY_MAN_DIR: "src/key_management"
AWS_REGION: us-east-1
ECS_SERVICE: holidays-key-manager-service
ECS_CLUSTER: holidays-cluster
ECS_TASK_DEFINITION: .aws/key_manager_task.json
CONTAINER_NAME: holidays-key-manager
PLATFORM: "linux/amd64,linux/arm64,linux/x86_64"
DOCKER_FILEPATH: "docker/key_management/Dockerfile"


jobs:
Expand Down Expand Up @@ -126,7 +145,7 @@ jobs:
MODE: atomic
run: go test -v ./...

publish-api:
publish-key-manager:
needs: test-key-manager
runs-on: ubuntu-latest
permissions:
Expand Down Expand Up @@ -179,7 +198,7 @@ jobs:
uses: docker/build-push-action@v5
with:
context: .
file: docker/api/Dockerfile
file: ${{ env.DOCKER_FILEPATH }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
Expand All @@ -201,3 +220,73 @@ jobs:
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

deploy:
permissions:
id-token: write
needs: test-key-manager
name: Deploy to ECR
runs-on: ubuntu-latest
environment: production

steps:
- name: Checkout
uses: actions/checkout@v4

# Set up BuildKit Docker container builder to be able to build
# multi-platform images and export cache
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3 # v3.1.0

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.ASSUME_ROLE }}
aws-region: ${{ env.AWS_REGION }}

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'
registry-type: public

# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5 # v5.0.0
with:
images: ${{ steps.login-ecr.outputs.registry }}/${{ env.IMAGE_NAME }}-key-manager

# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v5
with:
context: .
file: ${{ env.DOCKER_FILEPATH }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: ${{ env.PLATFORM }}

# - name: Fill in the new image ID in the Amazon ECS task definition
# id: task-def
# uses: aws-actions/amazon-ecs-render-task-definition@v1
# with:
# task-definition: ${{ env.ECS_TASK_DEFINITION }}
# container-name: ${{ env.CONTAINER_NAME }}
# image: ${{ steps.build-and-push.outputs.image }}

# - name: Deploy Amazon ECS task definition
# uses: aws-actions/amazon-ecs-deploy-task-definition@v1
# with:
# task-definition: ${{ steps.task-def.outputs.task-definition }}
# service: ${{ env.ECS_SERVICE }}
# cluster: ${{ env.ECS_CLUSTER }}
# wait-for-service-stability: true
95 changes: 91 additions & 4 deletions .github/workflows/docker-publish-updater.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,33 @@ on:
branches: [ "main" ]
# Publish semver tags as releases.
tags: [ 'v*.*.*' ]
paths:
- 'src/updater/**'
- 'src/middleware/**'
- 'src/model/**'
- 'src/util/**'
- '.github/workflows/docker-publish-updater.yml'
pull_request:
branches: [ "main" ]

paths:
- 'src/updater/**'
- 'src/middleware/**'
- 'src/model/**'
- 'src/util/**'
- '.github/workflows/docker-publish-updater.yml'
env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
UPDATER_DIR: "src/updater"

AWS_REGION: us-east-1
ECS_SERVICE: holidays-updater-service
ECS_CLUSTER: holidays-cluster
ECS_TASK_DEFINITION: .aws/updater_task.json
CONTAINER_NAME: holidays-updater
PLATFORM: "linux/amd64,linux/arm64,linux/x86_64"
DOCKER_FILEPATH: "docker/updater/Dockerfile"

jobs:
analyze:
Expand Down Expand Up @@ -176,13 +193,13 @@ jobs:
uses: docker/build-push-action@v5
with:
context: .
file: docker/updater/Dockerfile
file: ${{ env.DOCKER_FILEPATH }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: linux/amd64,linux/arm64,linux/x86_64
platforms: ${{ env.PLATFORM }}

# Sign the resulting Docker image digest except on PRs.
# This will only write to the public Rekor transparency log when the Docker
Expand All @@ -198,3 +215,73 @@ jobs:
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

deploy:
permissions:
id-token: write
needs: test-updater
name: Deploy to ECR
runs-on: ubuntu-latest
environment: production

steps:
- name: Checkout
uses: actions/checkout@v4

# Set up BuildKit Docker container builder to be able to build
# multi-platform images and export cache
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3 # v3.1.0

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.ASSUME_ROLE }}
aws-region: ${{ env.AWS_REGION }}

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
with:
mask-password: 'true'
registry-type: public

# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5 # v5.0.0
with:
images: ${{ steps.login-ecr.outputs.registry }}/${{ env.IMAGE_NAME }}-updater

# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v5
with:
context: .
file: ${{ env.DOCKER_FILEPATH }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: ${{ env.PLATFORM }}

# - name: Fill in the new image ID in the Amazon ECS task definition
# id: task-def
# uses: aws-actions/amazon-ecs-render-task-definition@v1
# with:
# task-definition: ${{ env.ECS_TASK_DEFINITION }}
# container-name: ${{ env.CONTAINER_NAME }}
# image: ${{ steps.build-and-push.outputs.image }}

# - name: Deploy Amazon ECS task definition
# uses: aws-actions/amazon-ecs-deploy-task-definition@v1
# with:
# task-definition: ${{ steps.task-def.outputs.task-definition }}
# service: ${{ env.ECS_SERVICE }}
# cluster: ${{ env.ECS_CLUSTER }}
# wait-for-service-stability: true
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# go-ja-holidays

[![Create api image](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-api.yml/badge.svg)](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-api.yml) [![Create updater image](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-updater.yml/badge.svg?branch=main)](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-updater.yml) [![CodeQL](https://github.com/kynmh69/go-ja-holidays/actions/workflows/codeql.yml/badge.svg)](https://github.com/kynmh69/go-ja-holidays/actions/workflows/codeql.yml) [![Go Test](https://github.com/kynmh69/go-ja-holidays/actions/workflows/go.yml/badge.svg)](https://github.com/kynmh69/go-ja-holidays/actions/workflows/go.yml) [![codecov](https://codecov.io/gh/kynmh69/go-ja-holidays/graph/badge.svg?token=1OTK685UWI)](https://codecov.io/gh/kynmh69/go-ja-holidays)
[![Create api image](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-api.yml/badge.svg)](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-api.yml) [![Create updater image](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-updater.yml/badge.svg?branch=main)](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-updater.yml) [![Create Key Manager image](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-key-manager.yml/badge.svg)](https://github.com/kynmh69/go-ja-holidays/actions/workflows/docker-publish-key-manager.yml) [![codecov](https://codecov.io/gh/kynmh69/go-ja-holidays/graph/badge.svg?token=1OTK685UWI)](https://codecov.io/gh/kynmh69/go-ja-holidays)

日本の祝日を返却するAPIを提供します。

Expand Down

0 comments on commit 044225f

Please sign in to comment.