Skip to content

Bump actions/checkout from 4.1.2 to 4.1.3 (#2951) #610

Bump actions/checkout from 4.1.2 to 4.1.3 (#2951)

Bump actions/checkout from 4.1.2 to 4.1.3 (#2951) #610

name: AWS Deploy Staging
on:
push:
branches: [ main, main-vnext ]
workflow_dispatch:
jobs:
build:
name: Build and push to ECR
runs-on: ubuntu-latest
environment:
name: AWS Staging
outputs:
aws_public_registry: ${{ steps.login-ecr-public.outputs.registry }}
steps:
- uses: actions/[email protected]
- id: docker-tag
uses: yuya-takeyama/docker-tag-from-github-ref-action@v1
- name: Configure AWS credentials
id: aws-credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# Should use us-east-1 region to push to ECR public registry
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Get a latest Git tag
uses: actions-ecosystem/action-get-latest-tag@v1
id: get-latest-tag
with:
semver_only: true
- name: Bump the semver version up
uses: actions-ecosystem/action-bump-semver@v1
id: bump-semver
with:
current_version: ${{ steps.get-latest-tag.outputs.tag }}
level: minor
- name: Remove leading v to semver
id: final-version
run: |
echo "::set-output name=new_version::$(echo ${{ steps.bump-semver.outputs.new_version }} | sed 's/^v//')"
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ steps.login-ecr.outputs.registry }}/${{ vars.AWS_ECR_REPOSITORY }}
tags: |
type=raw,enable=true,priority=200,prefix=,suffix=,value=${{ steps.final-version.outputs.new_version }}
type=sha,enable=true,priority=100,prefix=sha-,suffix=,format=short
- name: Build and push
# You may pin to the exact commit or the version.
uses: docker/[email protected]
with:
# Build's context is the set of files located in the specified PATH or URL
context: src/
# Push is a shorthand for --output=type=registry
push: true
build-args: |
BUILD_VERSION=${{ steps.final-version.outputs.new_version }}
GITHUB_RUN_NUMBER=${{ github.run_number }}
tags:
${{ steps.meta.outputs.tags }}
deploy:
name: Deploy to AWS
runs-on: ubuntu-latest
needs: build
environment:
name: AWS Staging
steps:
- uses: actions/[email protected]
- name: Configure AWS credentials
id: aws-credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Set outputs
id: git_sha
run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Deploy to App Runner Image
id: deploy-apprunner
uses: awslabs/amazon-app-runner-deploy@main
env:
ASPNETCORE_ENVIRONMENT: Development
CLOUDPROVIDER: AWS
PORTALNAME: ${{ vars.PORTALNAME }}
AWS__REGION: ${{ secrets.AWS_REGION }}
AWS__ACCOUNTID: ${{ secrets.AWS_ACCOUNTID }}
AWS__BUCKETNAME: ${{ vars.AWS_BUCKETNAME }}
OIDC__APICLIENTID: ${{ vars.OIDC_APICLIENTID }}
OIDC__CLIENTID: ${{ vars.OIDC_CLIENTID }}
OIDC__AUTHORITY: ${{ vars.OIDC_AUTHORITY }}
OIDC__METADATAURL: ${{ vars.OIDC_METADATAURL }}
OIDC__SCOPE: ${{ vars.OIDC_SCOPE }}
OIDC__VALIDATEAUDIENCE: ${{ vars.OIDC_VALIDATEAUDIENCE }}
AWS__GREENGRASSCORETOKENEXCHANGEROLEALIASNAME: "aurademoiot-GreengrassCoreTokenExchangeRoleAlias"
AWS__GREENGRASSREQUIREDROLES__0: "aurademoiot-GreengrassCoreTokenExchangeRoleAliasPolicy"
AWS__GREENGRASSREQUIREDROLES__1: "aurademoiot-GreengrassV2IoTThingPolicy"
with:
service: ${{ vars.AWS_APP_RUNNER_NAME }}
image: ${{ steps.login-ecr.outputs.registry }}/${{ vars.AWS_ECR_REPOSITORY }}:sha-${{ steps.git_sha.outputs.sha_short }}
access-role-arn: ${{ secrets.AWS_ROLE_ARN }}
region: ${{ secrets.AWS_REGION }}
cpu : 1
memory : 2
wait-for-service-stability-seconds: 1200
copy-env-vars: |
ASPNETCORE_ENVIRONMENT
CLOUDPROVIDER
PORTALNAME
AWS__REGION
AWS__ACCOUNTID
AWS__BUCKETNAME
OIDC__APICLIENTID
OIDC__CLIENTID
OIDC__AUTHORITY
OIDC__METADATAURL
OIDC__SCOPE
OIDC__VALIDATEAUDIENCE
AWS__GREENGRASSCORETOKENEXCHANGEROLEALIASNAME
AWS__GREENGRASSREQUIREDROLES__0
AWS__GREENGRASSREQUIREDROLES__1
- name: App Runner URL
run: echo "App runner URL ${{ steps.deploy-apprunner.outputs.service-url }}"