Skip to content

Commit

Permalink
Migrate to GCP
Browse files Browse the repository at this point in the history
  • Loading branch information
danieltrolezi committed Oct 4, 2024
1 parent bffc284 commit 85a1e93
Show file tree
Hide file tree
Showing 6 changed files with 362 additions and 47 deletions.
86 changes: 40 additions & 46 deletions .github/workflows/ci-cd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,77 +8,71 @@ jobs:
tests-n-cs:
uses: ./.github/workflows/tests-n-cs.yml

docker-image-ecr:
docker-image-ar:
runs-on: ubuntu-latest
needs: tests-n-cs

steps:
- name: Check out the repository
uses: actions/checkout@v4

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
- name: Set up Google Cloud authentication
uses: google-github-actions/auth@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_REGION }}
credentials_json: ${{ secrets.GCP_SA_KEY }}

- name: Login to Amazon ECR
run: |
aws ecr get-login-password --region ${{ vars.AWS_REGION }} \
| docker login --username AWS --password-stdin ${{ secrets.ECR_REPOSITORY_URI }}
- name: Set up gcloud CLI
uses: google-github-actions/setup-gcloud@v1
with:
project_id: ${{ secrets.GCP_PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
export_default_credentials: true

- name: Configure Docker to use Artifact Registry
run: gcloud auth configure-docker ${{ secrets.GCP_REGION }}-docker.pkg.dev

- name: Build Docker image (Octane)
run: docker build . --file Dockerfile.app --tag ${{ vars.DOCKER_IMAGE_TAG }}/octane
run: docker build . --file Dockerfile.app --tag octane:latest

- name: Build Docker image (Nginx)
run: docker build . --file Dockerfile.nginx --tag ${{ vars.DOCKER_IMAGE_TAG }}/nginx
run: docker build . --file Dockerfile.nginx --tag nginx:latest

- name: Tag Docker images
run: |
docker tag ${{ vars.DOCKER_IMAGE_TAG }}/octane:latest ${{ secrets.ECR_REPOSITORY_URI }}:latest-octane
docker tag ${{ vars.DOCKER_IMAGE_TAG }}/nginx:latest ${{ secrets.ECR_REPOSITORY_URI }}:latest-nginx
docker tag octane:latest ${{ secrets.GCP_AR_REPOSITORY }}/octane:latest
docker tag nginx:latest ${{ secrets.GCP_AR_REPOSITORY }}/nginx:latest
- name: Push Docker images to ECR
- name: Push Docker images to Artifact Registry
run: |
docker push ${{ secrets.ECR_REPOSITORY_URI }}:latest-octane
docker push ${{ secrets.ECR_REPOSITORY_URI }}:latest-nginx
docker push ${{ secrets.GCP_AR_REPOSITORY }}/octane:latest
docker push ${{ secrets.GCP_AR_REPOSITORY }}nginx:latest
ecs-service-deploy:
cr-service-deploy:
runs-on: ubuntu-latest
needs: docker-image-ecr
needs: docker-image-ar

steps:
- name: Check out the repository
uses: actions/checkout@v4

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_REGION }}

- name: Update ECS task definition
- name: Update Cloud Run Service definition
run: |
sed -i 's|<ECS_TASK_EXEC_ROLE>|${{ secrets.ECS_TASK_EXEC_ROLE }}|' ./ecs/deployment-task.json
sed -i 's|<ECS_TASK_ROLE>|${{ secrets.ECS_TASK_ROLE }}|' ./ecs/deployment-task.json
sed -i 's|<ECS_SERVICE_NAME>|${{ vars.ECS_SERVICE_NAME }}|' ./ecs/deployment-task.json
sed -i 's|<SSM_NAMESPACE>|${{ secrets.SSM_NAMESPACE }}|' ./ecs/deployment-task.json
sed -i 's|<IMAGE_OCTANE>|${{ secrets.ECR_REPOSITORY_URI }}:latest-octane|' ./ecs/deployment-task.json
sed -i 's|<IMAGE_NGINX>|${{ secrets.ECR_REPOSITORY_URI }}:latest-nginx|' ./ecs/deployment-task.json
sed -i 's|<GCP_PROJECT_ID>|${{ secrets.GCP_PROJECT_ID }}|' ./gcp/cloud-run/service.yaml
sed -i 's|<GCP_CLOUD_RUN_SERVICE>|${{ secrets.GCP_CLOUD_RUN_SERVICE }}|' ./gcp/cloud-run/service.yaml
sed -i 's|<DOCKER_IMAGE_OCTANE>|${{ secrets.GCP_AR_REPOSITORY }}/octane:latest|' ./gcp/cloud-run/service.yaml
sed -i 's|<DOCKER_IMAGE_NGINX>|${{ secrets.GCP_AR_REPOSITORY }}/nginx:latest|' ./gcp/cloud-run/service.yaml
- name: Register updated task definition
run: |
aws ecs register-task-definition \
--cli-input-json file://./ecs/deployment-task.json \
--region ${{ vars.AWS_REGION }}
- name: Set up Google Cloud authentication
uses: google-github-actions/auth@v1
with:
credentials_json: ${{ secrets.GCP_SA_KEY }}

- name: Deploy updated ECS service
run: |
aws ecs update-service \
--cluster ${{ vars.ECS_CLUSTER }} \
--service ${{ vars.ECS_SERVICE_NAME }} \
--task-definition ${{ vars.ECS_SERVICE_NAME }}-task \
--force-new-deployment \
--region ${{ vars.AWS_REGION }}
- name: Set up gcloud CLI
uses: google-github-actions/setup-gcloud@v1
with:
project_id: ${{ secrets.GCP_PROJECT_ID }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
export_default_credentials: true

- name: Deploy to Cloud Run
run: gcloud run services replace ./gcp/cloud-run/service.yaml --region ${{ secrets.GCP_REGION }}
2 changes: 1 addition & 1 deletion Dockerfile.app
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM 471112560082.dkr.ecr.us-east-2.amazonaws.com/codelab92/php:8.3-swoole
FROM southamerica-east1-docker.pkg.dev/codelab92/php/8.3-swoole:latest

ARG APP_ENV=production
ENV APP_ENV=${APP_ENV}
Expand Down
File renamed without changes.
84 changes: 84 additions & 0 deletions aws/workflows/ci-cd.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
name: Application CI/CD

on:
push:
branches: [ "master" ]

jobs:
tests-n-cs:
uses: ./.github/workflows/tests-n-cs.yml

docker-image-ecr:
runs-on: ubuntu-latest
needs: tests-n-cs

steps:
- name: Check out the repository
uses: actions/checkout@v4

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_REGION }}

- name: Login to Amazon ECR
run: |
aws ecr get-login-password --region ${{ vars.AWS_REGION }} \
| docker login --username AWS --password-stdin ${{ secrets.ECR_REPOSITORY_URI }}
- name: Build Docker image (Octane)
run: docker build . --file Dockerfile.app --tag ${{ vars.DOCKER_IMAGE_TAG }}/octane

- name: Build Docker image (Nginx)
run: docker build . --file Dockerfile.nginx --tag ${{ vars.DOCKER_IMAGE_TAG }}/nginx

- name: Tag Docker images
run: |
docker tag ${{ vars.DOCKER_IMAGE_TAG }}/octane:latest ${{ secrets.ECR_REPOSITORY_URI }}:latest-octane
docker tag ${{ vars.DOCKER_IMAGE_TAG }}/nginx:latest ${{ secrets.ECR_REPOSITORY_URI }}:latest-nginx
- name: Push Docker images to ECR
run: |
docker push ${{ secrets.ECR_REPOSITORY_URI }}:latest-octane
docker push ${{ secrets.ECR_REPOSITORY_URI }}:latest-nginx
ecs-service-deploy:
runs-on: ubuntu-latest
needs: docker-image-ecr

steps:
- name: Check out the repository
uses: actions/checkout@v4

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_REGION }}

- name: Update ECS task definition
run: |
sed -i 's|<ECS_TASK_EXEC_ROLE>|${{ secrets.ECS_TASK_EXEC_ROLE }}|' ./aws/ecs/deployment-task.json
sed -i 's|<ECS_TASK_ROLE>|${{ secrets.ECS_TASK_ROLE }}|' ./aws/ecs/deployment-task.json
sed -i 's|<ECS_SERVICE_NAME>|${{ vars.ECS_SERVICE_NAME }}|' ./aws/ecs/deployment-task.json
sed -i 's|<SSM_NAMESPACE>|${{ secrets.SSM_NAMESPACE }}|' ./aws/ecs/deployment-task.json
sed -i 's|<IMAGE_OCTANE>|${{ secrets.ECR_REPOSITORY_URI }}:latest-octane|' ./aws/ecs/deployment-task.json
sed -i 's|<IMAGE_NGINX>|${{ secrets.ECR_REPOSITORY_URI }}:latest-nginx|' ./aws/ecs/deployment-task.json
- name: Register updated task definition
run: |
aws ecs register-task-definition \
--cli-input-json file://./aws/ecs/deployment-task.json \
--region ${{ vars.AWS_REGION }}
- name: Deploy updated ECS service
run: |
aws ecs update-service \
--cluster ${{ vars.ECS_CLUSTER }} \
--service ${{ vars.ECS_SERVICE_NAME }} \
--task-definition ${{ vars.ECS_SERVICE_NAME }}-task \
--force-new-deployment \
--region ${{ vars.AWS_REGION }}
Loading

0 comments on commit 85a1e93

Please sign in to comment.