Pipeline CI - Deploy Buddy #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pipeline CI - Deploy Buddy | |
on: | |
pull_request_review: | |
types: [submitted] | |
pull_request: | |
types: [closed] | |
workflow_dispatch: | |
jobs: | |
verify-if-pull-request-is-approved: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Verify if the pull request is approved | |
if: | | |
(github.event_name == 'pull_request_review' && github.event.review.state == 'approved') || | |
(github.event_name == 'pull_request' && github.event.pull_request.merged == true) || | |
(github.event_name == 'workflow_dispatch') | |
run: | | |
echo "Este PR foi aprovado." | |
verify-if-pull-request-is-from-development-branch: | |
needs: verify-if-pull-request-is-approved | |
runs-on: ubuntu-latest | |
steps: | |
- name: Verify if the pull request is sent by the development branch | |
if: github.event_name == 'pull_request' | |
run: | | |
if [[ ${{ github.event.pull_request.head.ref }} == "development" ]]; then | |
echo "Este PR vem da branch develop." | |
else | |
echo "Este PR não vem da branch develop." | |
exit 1 | |
fi | |
unit-tests: | |
needs: verify-if-pull-request-is-from-development-branch | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v2 | |
with: | |
go-version: '1.22.2' | |
- name: Run tests and generate coverage report | |
run: | | |
cd src/sample-app-test-go | |
chmod +x run_tests.sh | |
./run_tests.sh | |
- name: Upload test report | |
uses: actions/upload-artifact@v2 | |
with: | |
name: test-report | |
path: src/sample-app-test-go/test-report.txt | |
- name: Upload coverage report | |
uses: actions/upload-artifact@v2 | |
with: | |
name: coverage-report | |
path: src/sample-app-test-go/coverage.html | |
- name: Upload coverage out file | |
uses: actions/upload-artifact@v2 | |
with: | |
name: coverage-out | |
path: src/sample-app-test-go/coverage.out | |
build-and-push-image-into-ecr: | |
needs: unit-tests | |
# needs: verify-if-pull-request-is-from-development-branch | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v2 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }} | |
aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Determine IMAGE_TAG | |
id: set-tag | |
run: | | |
if [ "${{ github.event.inputs.action-type }}" == "release" ]; then | |
echo "IMAGE_TAG=latest" >> $GITHUB_ENV | |
elif [ "${{ github.event.inputs.action-type }}" == "rollback" ]; then | |
echo "IMAGE_TAG=rollback" >> $GITHUB_ENV | |
else | |
echo "IMAGE_TAG=unknown" >> $GITHUB_ENV | |
fi | |
- name: Delete Existing Image | |
run: | | |
aws ecr batch-delete-image --repository-name builds --image-ids imageTag=$IMAGE_TAG || echo "No image found with tag $IMAGE_TAG, or deletion not required." | |
- name: Verifies | |
run: | | |
echo "ECR_REGISTRY=${{ steps.login-ecr.outputs.registry }}" | |
echo "IMAGE_TAG=$IMAGE_TAG" | |
- name: Build the Docker image | |
run: | | |
docker build -t ${{ steps.login-ecr.outputs.registry }}/builds:$IMAGE_TAG -f src/server/Dockerfile src/server | |
- name: Push the Docker image to Amazon ECR | |
run: | | |
docker push ${{ steps.login-ecr.outputs.registry }}/builds:$IMAGE_TAG | |
create-github-release: | |
needs: build-and-push-image-into-ecr | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v2 | |
- name: Install GitHub CLI | |
run: | | |
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg | |
sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg | |
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null | |
sudo apt update | |
sudo apt install gh -y | |
- name: Authenticate GitHub CLI | |
run: | | |
echo "${{ secrets.PERSONAL_ACCESS_TOKEN }}" | gh auth login --with-token | |
- name: Set Release Tag and Name | |
id: set-release | |
run: | | |
DATE=$(date +'%Y-%m-%d') | |
VERSION=1 | |
TAG="release-${DATE}-${VERSION}" | |
# Check if the tag already exists e increment the version number if necessary | |
while gh release view $TAG > /dev/null 2>&1; do | |
VERSION=$((VERSION + 1)) | |
TAG="release-${DATE}-${VERSION}" | |
done | |
echo "RELEASE_TAG=$TAG" >> $GITHUB_ENV | |
echo "RELEASE_NAME=Release $DATE-${VERSION}" >> $GITHUB_ENV | |
- name: Create GitHub Release | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
with: | |
tag_name: ${{ env.RELEASE_TAG }} | |
release_name: ${{ env.RELEASE_NAME }} | |
draft: false | |
prerelease: false | |
body: "New release for ${{ env.RELEASE_NAME }}" |