diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml
new file mode 100644
index 00000000..2bd74613
--- /dev/null
+++ b/.github/workflows/prod.yml
@@ -0,0 +1,111 @@
+name: Build and deploy CREDO DEV to ECS
+
+on:
+ push:
+ branches:
+ - pipeline-implementation
+
+
+env:
+
+ ECR_IMAGE_TAG: "AFJ_V_${{ github.run_number }}"
+
+ ECR_REPOSITORY: "stage-services"
+ AWS_REGION: "ap-southeast-1"
+ CLUSTER: "STAGE_AFJ_CLUSTER"
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ permissions:
+ id-token: write
+ contents: read
+
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@v2
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v1
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v3
+ with:
+ role-to-assume: ${{ secrets.IAM_ROLE }}
+ aws-region: ap-southeast-1
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v1
+
+ - name: update modules
+ run: |
+ rm -rf node_modules
+ yarn
+
+ - name: Build, tag, and push image to Amazon ECR
+ env:
+ ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+ ECR_REPOSITORY: dev-services
+ IMAGE_TAG: "AFJ_V_${{ github.run_number }}"
+ run: |
+ docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+ docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+ docker image list
+
+ - name: Set environment variables
+ run: |
+ echo "ECR_REGISTRY=${{ steps.login-ecr.outputs.registry }}" >> $GITHUB_ENV
+ echo "ECR_REPOSITORY=dev-services" >> $GITHUB_ENV
+ echo "IMAGE_TAG=AFJ_V_${{ github.run_number }}" >> $GITHUB_ENV
+
+ - name: Print environment variables
+ run: |
+ echo "ECR_REGISTRY: $ECR_REGISTRY"
+ echo "ECR_REPOSITORY: $ECR_REPOSITORY"
+ echo "IMAGE_TAG: $IMAGE_TAG"
+
+ - name: Retrieve Repository URI
+ run: |
+ REPOSITORY_URI=$(aws ecr describe-repositories --repository-names ${{ env.ECR_REPOSITORY }} --region ${{ env.AWS_REGION }} | jq -r '.repositories[].repositoryUri')
+ echo "REPOSITORY_URI=${REPOSITORY_URI}" >> $GITHUB_ENV
+
+ - name: Replace executionRoleArn in task definition
+ run: |
+ sed -i "s#\"executionRoleArn\": \"arn:aws:iam::.*:role/ecsTaskExecutionRole\"#\"executionRoleArn\": \"arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ecsTaskExecutionRole\"#" taskdef/stage-credo-service.json
+
+ - name: Update Task Definition and service
+ run: |
+ FAMILY= "stage_Platform-admin_TASKDEFITION"
+ NAME=$(sed -n 's/.*"name": "\(.*\)",/\1/p' taskdef/stage-credo-service.json)
+ SERVICE_NAME="049b3262-5b2e-4d81-af7d-7badf7187736-Platform-admin-service-Njl"
+ echo "SERVICE_NAME: $SERVICE_NAME"
+
+ # Replace placeholders in the JSON file
+ sed -e "s;%BUILD_NUMBER%;${{ github.run_number }};g" -e "s;%REPOSITORY_URI%;${REPOSITORY_URI};g" taskdef/stage-credo-service.json > ${GITHUB_WORKSPACE}/${NAME}-v_${{ github.run_number }}.json
+
+ # Debug: Print the content of the modified JSON file
+ cat ${GITHUB_WORKSPACE}/${NAME}-v_${{ github.run_number }}.json
+
+ # Register the task definition using the modified JSON file
+ aws ecs register-task-definition --family ${FAMILY} --cli-input-json file://${GITHUB_WORKSPACE}/${NAME}-v_${{ github.run_number }}.json --region ${{ env.AWS_REGION }}
+
+ SERVICE_INFO=$(aws ecs describe-services --services ${SERVICE_NAME} --cluster ${CLUSTER} --region ap-southeast-1)
+
+ # Check if the service exists
+ if [ -z "$SERVICE_INFO" ]; then
+ echo "Service does not exist, creating new service..."
+ # Your logic to create a new service goes here
+ else
+ echo "Entered existing service"
+ # Extract desired count from the stored service info
+ DESIRED_COUNT=$(echo "$SERVICE_INFO" | jq -r '.services[].desiredCount')
+ echo "DESIRED_COUNT: $DESIRED_COUNT"
+
+ if [ "$DESIRED_COUNT" = "0" ]; then
+ DESIRED_COUNT="1"
+ fi
+ # Update the existing service
+ REVISION=$(aws ecs describe-task-definition --task-definition ${FAMILY} --region ap-southeast-1 | jq -r '.taskDefinition.revision')
+ aws ecs update-service --cluster ${CLUSTER} --region ap-southeast-1 --service ${SERVICE_NAME} --task-definition ${FAMILY}:${REVISION} --desired-count ${DESIRED_COUNT}
+ fi
diff --git a/.github/workflows/stage.yml b/.github/workflows/stage.yml
new file mode 100644
index 00000000..f834525e
--- /dev/null
+++ b/.github/workflows/stage.yml
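Review bot: In prod.yml's `Update Task Definition and service` step, `FAMILY= "stage_Platform-admin_TASKDEFITION"` has a space after `=`, so the shell runs the quoted string as a command with an empty `FAMILY` and the variable is never set for the later `--family ${FAMILY}` arguments; it should read `FAMILY="stage_Platform-admin_TASKDEFITION"`. The same line is in stage.yml, where `NAME` is also never assigned although `${NAME}` is used in the output file name. The `NAME=$(sed -n …)` in prod.yml matches every `"name": "…",` line of the task definition, so it likely yields several lines and the unquoted redirect target will not expand to a single path. The `[ -z "$SERVICE_INFO" ]` test also looks ineffective, since `describe-services` normally returns a JSON document even when the service is missing; testing `jq '.services | length'` would be closer to the intent.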
@@ -0,0 +1,110 @@
+name: Build and deploy CREDO DEV to ECS
+
+on:
+ push:
+ branches:
+ - pipeline-implementation
+
+
+env:
+
+ ECR_IMAGE_TAG: "AFJ_V_${{ github.run_number }}"
+
+ ECR_REPOSITORY: "stage-services"
+ AWS_REGION: "ap-southeast-1"
+ CLUSTER: "STAGE_AFJ_CLUSTER"
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ permissions:
+ id-token: write
+ contents: read
+
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@v2
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v1
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v3
+ with:
+ role-to-assume: ${{ secrets.IAM_ROLE }}
+ aws-region: ap-southeast-1
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v1
+
+ - name: update modules
+ run: |
+ rm -rf node_modules
+ yarn
+
+ - name: Build, tag, and push image to Amazon ECR
+ env:
+ ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+ ECR_REPOSITORY: prod-services
+ IMAGE_TAG: "AFJ_V_${{ github.run_number }}"
+ run: |
+ docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+ docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+ docker image list
+
+ - name: Set environment variables
+ run: |
+ echo "ECR_REGISTRY=${{ steps.login-ecr.outputs.registry }}" >> $GITHUB_ENV
+ echo "ECR_REPOSITORY=prod-services" >> $GITHUB_ENV
+ echo "IMAGE_TAG=AFJ_V_${{ github.run_number }}" >> $GITHUB_ENV
+
+ - name: Print environment variables
+ run: |
+ echo "ECR_REGISTRY: $ECR_REGISTRY"
+ echo "ECR_REPOSITORY: $ECR_REPOSITORY"
+ echo "IMAGE_TAG: $IMAGE_TAG"
+
+ - name: Retrieve Repository URI
+ run: |
+ REPOSITORY_URI=$(aws ecr describe-repositories --repository-names ${{ env.ECR_REPOSITORY }} --region ${{ env.AWS_REGION }} | jq -r '.repositories[].repositoryUri')
+ echo "REPOSITORY_URI=${REPOSITORY_URI}" >> $GITHUB_ENV
+
+ - name: Replace executionRoleArn in task definition
+ run: |
+ sed -i "s#\"executionRoleArn\": \"arn:aws:iam::.*:role/ecsTaskExecutionRole\"#\"executionRoleArn\": \"arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ecsTaskExecutionRole\"#" taskdef/prod-credo-service.json
+
+ - name: Update Task Definition and service
+ run: |
+ FAMILY= "stage_Platform-admin_TASKDEFITION"
+ SERVICE_NAME="3dcc6bba-a81a-4a1a-a256-267a09acb005-Platform-admin-service-NWJ"
+ echo "SERVICE_NAME: $SERVICE_NAME"
+
+ # Replace placeholders in the JSON file
+ sed -e "s;%BUILD_NUMBER%;${{ github.run_number }};g" -e "s;%REPOSITORY_URI%;${REPOSITORY_URI};g" taskdef/prod-credo-service.json > ${GITHUB_WORKSPACE}/${NAME}-v_${{ github.run_number }}.json
+
+ # Debug: Print the content of the modified JSON file
+ cat ${GITHUB_WORKSPACE}/${NAME}-v_${{ github.run_number }}.json
+
+ # Register the task definition using the modified JSON file
+ aws ecs register-task-definition --family ${FAMILY} --cli-input-json file://${GITHUB_WORKSPACE}/${NAME}-v_${{ github.run_number }}.json --region ${{ env.AWS_REGION }}
+
+ SERVICE_INFO=$(aws ecs describe-services --services ${SERVICE_NAME} --cluster ${CLUSTER} --region ap-southeast-1)
+
+ # Check if the service exists
+ if [ -z "$SERVICE_INFO" ]; then
+ echo "Service does not exist, creating new service..."
+ # Your logic to create a new service goes here
+ else
+ echo "Entered existing service"
+ # Extract desired count from the stored service info
+ DESIRED_COUNT=$(echo "$SERVICE_INFO" | jq -r '.services[].desiredCount')
+ echo "DESIRED_COUNT: $DESIRED_COUNT"
+
+ if [ "$DESIRED_COUNT" = "0" ]; then
+ DESIRED_COUNT="1"
+ fi
+ # Update the existing service
+ REVISION=$(aws ecs describe-task-definition --task-definition ${FAMILY} --region ap-southeast-1 | jq -r '.taskDefinition.revision')
+ aws ecs update-service --cluster ${CLUSTER} --region ap-southeast-1 --service ${SERVICE_NAME} --task-definition ${FAMILY}:${REVISION} --desired-count ${DESIRED_COUNT}
+ fi
diff --git a/taskdef/prod-credo-service.json b/taskdef/prod-credo-service.json
new file mode 100644
index 00000000..4ce54b67
--- /dev/null
+++ b/taskdef/prod-credo-service.json
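Review bot: In stage.yml the `update modules` step runs `yarn` after `Configure AWS Credentials`, so dependency install scripts execute on the runner while the assumed role's credentials are available to the step, in a job that also holds `id-token: write`. Moving the install ahead of the credentials step, or dropping it if the Dockerfile installs dependencies itself, keeps third-party package code away from the deploy role; prod.yml has the same ordering. The `uses:` lines reference mutable tags (`actions/checkout@v2`, `docker/setup-buildx-action@v1`, `aws-actions/amazon-ecr-login@v1`); pinning each to a full commit SHA prevents a retagged action from running in this job. Separately, this file is named stage.yml but pushes to `prod-services` and rewrites `taskdef/prod-credo-service.json` while targeting `STAGE_AFJ_CLUSTER`, and prod.yml does the reverse, which looks swapped and is worth confirming before either workflow deploys.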
@@ -0,0 +1,80 @@
+{
+ "family": "Prod_Platform-admin_TASKDEFITION",
+ "containerDefinitions": [
+ {
+ "name": "Platform-admin",
+ "image": "%REPOSITORY_URI%:CREDO_V_%BUILD_NUMBER%",
+ "cpu": 2048,
+ "memory": 8019,
+ "portMappings": [
+ {
+ "name": "platform-admin-8002-tcp",
+ "containerPort": 8002,
+ "hostPort": 8002,
+ "protocol": "tcp"
+ },
+ {
+ "name": "platform-admin-9002-tcp",
+ "containerPort": 9002,
+ "hostPort": 9002,
+ "protocol": "tcp"
+ }
+ ],
+ "essential": true,
+ "command": [
+ "--auto-accept-connections",
+ "--config",
+ "/config/3dcc6bba-a81a-4a1a-a256-267a09acb005_Platform-admin.json"
+ ],
+ "environment": [],
+ "environmentFiles": [
+ {
+ "value": "arn:aws:s3:::env-stagebucket/.env",
+ "type": "s3"
+ }
+ ],
+ "mountPoints": [
+ {
+ "sourceVolume": "AGENT-CONFIG",
+ "containerPath": "/config",
+ "readOnly": true
+ }
+ ],
+ "volumesFrom": [],
+ "ulimits": [],
+ "logConfiguration": {
+ "logDriver": "awslogs",
+ "options": {
+ "awslogs-group": "/ecs/Prod_Platform-admin_TASKDEFITION",
+ "awslogs-create-group": "true",
+ "awslogs-region": "ap-southeast-1",
+ "awslogs-stream-prefix": "ecs"
+ },
+ "secretOptions": []
+ },
+ "systemControls": []
+ }
+ ],
+ "executionRoleArn": "arn:aws:iam::id:role/ecsTaskExecutionRole",
+ "networkMode": "awsvpc",
+ "volumes": [
+ {
+ "name": "AGENT-CONFIG",
+ "efsVolumeConfiguration": {
+ "fileSystemId": "fs-07c309727dd8993de",
+ "rootDirectory": "/",
+ "transitEncryption": "ENABLED",
+ "authorizationConfig": {
+ "accessPointId": "fsap-08d8c4b70c9f945ce",
+ "iam": "DISABLED"
+ }
+ }
+ }
+ ],
+ "placementConstraints": [],
+ "requiresCompatibilities": [
+ "FARGATE"
+ ],
+ "cpu": "2048",
+ "memory": "8019"
+}
diff --git a/taskdef/stage-credo-service.json b/taskdef/stage-credo-service.json
new file mode 100644
index 00000000..30f28cf0
--- /dev/null
+++ b/taskdef/stage-credo-service.json
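Review bot: `environmentFiles` in prod-credo-service.json points at `arn:aws:s3:::env-stagebucket/.env`, the same object stage-credo-service.json loads, so production containers would start with the staging environment file unless the bucket name is misleading. A production-specific object that only the production execution role can read would keep the two environments' settings, and any secrets stored in them, apart. The EFS volume also sets `"iam": "DISABLED"` and the definition carries no `taskRoleArn`, so access to the `/config` mount appears to rest on network reachability and the access point alone; that is worth confirming as intended.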
@@ -0,0 +1,80 @@
+{
+ "family": "Stage_Platform-admin_TASKDEFIITION",
+ "containerDefinitions": [
+ {
+ "name": "Platform-admin",
+ "image": "%REPOSITORY_URI%:CREDO_V_%BUILD_NUMBER%",
+ "cpu": 2048,
+ "memory": 8019,
+ "portMappings": [
+ {
+ "name": "platform-admin-8012-tcp",
+ "containerPort": 8012,
+ "hostPort": 8012,
+ "protocol": "tcp"
+ },
+ {
+ "name": "platform-admin-9012-tcp",
+ "containerPort": 9012,
+ "hostPort": 9012,
+ "protocol": "tcp"
+ }
+ ],
+ "essential": true,
+ "command": [
+ "--auto-accept-connections",
+ "--config",
+ "/config/049b3262-5b2e-4d81-af7d-7badf7187736_Platform-admin.json"
+ ],
+ "environment": [],
+ "environmentFiles": [
+ {
+ "value": "arn:aws:s3:::env-stagebucket/.env",
+ "type": "s3"
+ }
+ ],
+ "mountPoints": [
+ {
+ "sourceVolume": "AGENT-CONFIG",
+ "containerPath": "/config",
+ "readOnly": true
+ }
+ ],
+ "volumesFrom": [],
+ "ulimits": [],
+ "logConfiguration": {
+ "logDriver": "awslogs",
+ "options": {
+ "awslogs-group": "/ecs/stage_Platform-admin_TASKDEFITION",
+ "awslogs-create-group": "true",
+ "awslogs-region": "ap-southeast-1",
+ "awslogs-stream-prefix": "ecs"
+ },
+ "secretOptions": []
+ },
+ "systemControls": []
+ }
+ ],
+ "executionRoleArn": "arn:aws:iam::id:role/ecsTaskExecutionRole",
+ "networkMode": "awsvpc",
+ "volumes": [
+ {
+ "name": "AGENT-CONFIG",
+ "efsVolumeConfiguration": {
+ "fileSystemId": "fs-0d8cf2678c1623315",
+ "rootDirectory": "/",
+ "transitEncryption": "ENABLED",
+ "authorizationConfig": {
+ "accessPointId": "fsap-052f7f42375b640a5",
+ "iam": "DISABLED"
+ }
+ }
+ }
+ ],
+ "placementConstraints": [],
+ "requiresCompatibilities": [
+ "FARGATE"
+ ],
+ "cpu": "2048",
+ "memory": "8019"
+}
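Review bot: The `image` value `%REPOSITORY_URI%:CREDO_V_%BUILD_NUMBER%` in stage-credo-service.json renders to a `CREDO_V_<run number>` tag, but both workflows in this commit push the image as `AFJ_V_${{ github.run_number }}`, so the registered task definition would reference a tag the build never pushed. Aligning the two, for example `"image": "%REPOSITORY_URI%:AFJ_V_%BUILD_NUMBER%"`, fixes it; prod-credo-service.json has the same line. The `family` here is spelled `Stage_Platform-admin_TASKDEFIITION` while the log group and the workflows' `--family` value use `stage_Platform-admin_TASKDEFITION`; the CLI argument presumably takes precedence, but a single spelling would avoid stray task-definition families.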