-
Notifications
You must be signed in to change notification settings - Fork 86
144 lines (132 loc) · 6.1 KB
/
deploy-eb.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: Deploy to AWS Elastic Beanstalk
on:
push:
# There should be 7 environments in github actions secrets:
# release, release-al2, staging, staging-alt, staging-alt2, uat.
# This is different from the DEPLOY_ENV secret which corresponds to elastic beanstalk environment name.
branches:
- release
- release-al2
- staging
- staging-alt
- staging-alt2
- uat
permissions:
id-token: write
contents: read
jobs:
set_environment:
outputs:
current_env: ${{ steps.set-environment.outputs.current_env }}
runs-on: ubuntu-latest
steps:
- id: set-environment
run: echo "current_env=${{github.ref_name}}" >> $GITHUB_OUTPUT
build_deploy_application:
needs: set_environment
environment:
name: ${{ needs.set_environment.outputs.current_env }}
env:
IMAGE_TAG: github-actions-${{ github.sha }}-${{ github.run_id }}-${{github.run_attempt}}
BRANCH: ${{ needs.set_environment.outputs.current_env }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup secrets for datadog sourcemap deployment
run: |
echo "APP_VERSION=$(jq -r .version package.json)-$(echo ${GITHUB_REF##*/})-$(echo ${GITHUB_SHA} | cut -c1-8)" >> $GITHUB_ENV
- name: Inject frontend build env vars
env:
VITE_APP_DD_RUM_APP_ID: ${{ secrets.DD_RUM_APP_ID }}
VITE_APP_DD_RUM_CLIENT_TOKEN: ${{ secrets.DD_RUM_CLIENT_TOKEN }}
VITE_APP_DD_RUM_ENV: ${{ secrets.DD_ENV }}
VITE_APP_DD_SAMPLE_RATE: ${{ secrets.DD_SAMPLE_RATE }}
VITE_APP_GA_TRACKING_ID: ${{ secrets.GA_TRACKING_ID }}
VITE_APP_FORMSG_SDK_MODE: ${{ secrets.REACT_APP_FORMSG_SDK_MODE }}
VITE_APP_URL: ${{ secrets.APP_URL }}
run: |
sed -i -e "s|@VITE_APP_URL|${{secrets.APP_URL}}|g" -e "s/@VITE_APP_DD_RUM_APP_ID/$VITE_APP_DD_RUM_APP_ID/g" -e "s/@VITE_APP_DD_RUM_CLIENT_TOKEN/$VITE_APP_DD_RUM_CLIENT_TOKEN/g" -e "s/@VITE_APP_DD_RUM_ENV/$VITE_APP_DD_RUM_ENV/g" -e "s/@VITE_APP_VERSION/${{env.APP_VERSION}}/g" -e "s/@VITE_APP_DD_SAMPLE_RATE/$VITE_APP_DD_SAMPLE_RATE/g" frontend/datadog-chunk.ts
echo VITE_APP_VERSION=${{env.APP_VERSION}} > frontend/.env
echo VITE_APP_URL=$VITE_APP_URL > frontend/.env
echo VITE_APP_GA_TRACKING_ID=$VITE_APP_GA_TRACKING_ID >> frontend/.env
echo VITE_APP_FORMSG_SDK_MODE=$VITE_APP_FORMSG_SDK_MODE >> frontend/.env
echo VITE_APP_DD_RUM_CLIENT_TOKEN=$VITE_APP_DD_RUM_CLIENT_TOKEN >> frontend/.env
echo VITE_APP_DD_RUM_ENV=$VITE_APP_DD_RUM_ENV >> frontend/.env
- name: Configure AWS credentials
uses: aws-actions/[email protected]
with:
role-to-assume: ${{ secrets.AWS_CI_ROLE_TO_ASSUME }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build docker image
uses: docker/build-push-action@v3
env:
ECR_REPO: ${{ secrets.ECR_REPO }}
DD_API_KEY: ${{ secrets.DD_API_KEY }}
DD_ENV: ${{ secrets.DD_ENV }}
with:
context: .
file: ./Dockerfile.production
push: false
load: true # Load image into local docker daemon so we can tag and push in later steps
tags: ${{env.ECR_REPO}}:${{env.IMAGE_TAG}}
build-args: |
APP_VERSION=${{env.APP_VERSION}}
APP_URL=${{secrets.APP_URL}}
REPO_URL=${{github.server_url}}/${{github.repository}}
secrets: |
"dd_api_key=${{ secrets.DD_API_KEY }}"
- name: Push image to Amazon ECR
env:
ECR_REPOSITORY: ${{ secrets.ECR_REPO }}
DD_API_KEY: ${{ secrets.DD_API_KEY }}
DD_ENV: ${{ secrets.DD_ENV }}
DD_GIT_REPOSITORY_URL: ${{ github.server_url }}/${{ github.repository }}
DD_GIT_COMMIT_SHA: ${{ github.sha }}
run: |
docker tag $ECR_REPOSITORY:$IMAGE_TAG $ECR_REPOSITORY:$BRANCH
docker push -a $ECR_REPOSITORY
sed -i -e "s/@TAG/$IMAGE_TAG/g" Dockerrun.aws.json
sed -i -e "s/@DD_API_KEY/$DD_API_KEY/g" -e "s/@DD_ENV/$DD_ENV/g" .ebextensions/99datadog-amazon-linux-2.config
# Using "+" as delimiter to avoid escaping / in DD_GIT_REPOSITORY_URL
sed -i -e "s+@DD_GIT_REPOSITORY_URL+$DD_GIT_REPOSITORY_URL+g" -e "s/@DD_GIT_COMMIT_SHA/$DD_GIT_COMMIT_SHA/g" .ebextensions/02env-file-datadog.config
zip -r "$IMAGE_TAG.zip" .ebextensions Dockerrun.aws.json
- name: Copy Image to S3
env:
BUCKET_NAME: ${{ secrets.BUCKET_NAME }}
run: |
aws s3 cp $IMAGE_TAG.zip s3://$BUCKET_NAME/$IMAGE_TAG.zip
- name: Copy Static Assets from Docker Image and Push to S3
env:
S3_STATIC_ASSETS_BUCKET_NAME: ${{ secrets.S3_STATIC_ASSETS_BUCKET_NAME }}
ECR_REPOSITORY: ${{ secrets.ECR_REPO }}
run: |
mkdir -p /tmp/s3static
chmod 777 /tmp/s3static
docker run --rm -v /tmp/s3static:/tmp/s3static $ECR_REPOSITORY:$IMAGE_TAG cp -r ./dist/frontend/. /tmp/s3static
aws s3 sync /tmp/s3static s3://$S3_STATIC_ASSETS_BUCKET_NAME
- name: Create application version
env:
BUCKET_NAME: ${{ secrets.BUCKET_NAME }}
APP_NAME: ${{ secrets.APP_NAME }}
run: |
TRUNCATED_DESC=$(echo "${{github.event.head_commit.message}}" | head -c 180)
aws elasticbeanstalk create-application-version --application-name $APP_NAME \
--version-label $IMAGE_TAG \
--source-bundle S3Bucket=$BUCKET_NAME,S3Key=$IMAGE_TAG.zip \
--description "$TRUNCATED_DESC"
- name: Update EB environment
id: update-eb-1
env:
APP_NAME: ${{ secrets.APP_NAME }}
DEPLOY_ENV: ${{ secrets.DEPLOY_ENV }}
run: |
aws elasticbeanstalk update-environment --application-name $APP_NAME \
--environment-name $DEPLOY_ENV \
--version-label $IMAGE_TAG