add code deploy configuration for staging environment

akto-api-security · Sep 8, 2023 · ecda469 · ecda469
1 parent 1b25d34
commit ecda469
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 6 deletions.
diff --git a/.github/scripts/deploy-script.sh b/.github/scripts/deploy-script.sh
@@ -0,0 +1,6 @@
+#! /bin/bash
+
+cd ~/akto/infra
+docker-compose -f docker-compose-dashboard.yml pull
+docker-compose -f docker-compose-dashboard.yml down
+docker-compose -f docker-compose-dashboard.yml up -d
diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml
@@ -101,10 +101,6 @@ jobs:
           cd ../testing
           docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-testing:$IMAGE_TAG $IMAGE_TAG_TESTING . --push
           echo "::set-output name=image::$ECR_REGISTRY/akto-api-testing:$IMAGE_TAG"
-      - name: Update flash staging
-        if: ${{ github.event.inputs.Environment == 'prod' && github.event.inputs.Deploy == 'true' }}
-        run: |
-          curl https://flash.staging.akto.io/api/takeUpdate -H X-API-KEY:${{secrets.AKTO_API_KEY}}
       - name: Set up JDK 11
         uses: actions/setup-java@v1
         with:
@@ -121,11 +117,37 @@ jobs:
           path: ~/.m2
           key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
           restore-keys: ${{ runner.os }}-m2
+
+  deploy:
+    needs: build
+    runs-on: ubuntu-latest
+    environment: Dev
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+    - uses: actions/checkout@v2
+    - uses: aws-actions/configure-aws-credentials@v1
+      with:
+        role-to-assume: ${{ secrets.IAMROLE_GITHUB }}
+        role-session-name: GitHub-Action-Role
+        aws-region: ${{ vars.AWS_REGION }}
+    - name: Deploy to flash
+      if: ${{ github.event.inputs.Environment == 'prod' && github.event.inputs.Deploy == 'true' }}
+      run: |
+        echo "Deploying branch ${{ env.GITHUB_REF }} to ${{ github.event.inputs.environment }}"
+        commit_hash=`git rev-parse HEAD`
+        aws deploy create-deployment --application-name flash-deploy --deployment-group-name flash-deployment-group --github-location repository=$GITHUB_REPOSITORY,commitId=$commit_hash --ignore-application-stop-failures
+
+  test:
+    needs: deploy
+    runs-on: ubuntu-latest
+    steps:
       - name: Run CI/CD tests
         if: ${{ github.event.inputs.Environment == 'prod' && github.event.inputs.Deploy == 'true' }}
-        uses: oren-akto/akto-github-action@v1.0.0
+        uses: akto-api-security/run-scan@v1.0.3
         with:
           AKTO_DASHBOARD_URL: ${{vars.AKTO_DASHBOARD_URL}}
-          AKTO_API_KEY: ${{vars.AKTO_API_KEY}}
+          AKTO_API_KEY: ${{secrets.AKTO_API_KEY}}
           AKTO_TEST_ID: ${{vars.AKTO_TEST_ID}}
           START_TIME_DELAY: 180
diff --git a/appspec.yml b/appspec.yml
@@ -0,0 +1,7 @@
+version: 0.0
+os: linux
+hooks:
+  AfterInstall:
+    - location: .github/scripts/deploy-script.sh
+      timeout: 300
+      runas: root