From ecda469b951d443f8577311a40232bb497a4acff Mon Sep 17 00:00:00 2001 From: Shivansh Agrawal Date: Fri, 8 Sep 2023 15:00:46 +0530 Subject: [PATCH] add code deploy configuration for staging environment --- .github/scripts/deploy-script.sh | 6 ++++++ .github/workflows/staging.yml | 34 ++++++++++++++++++++++++++------ appspec.yml | 7 +++++++ 3 files changed, 41 insertions(+), 6 deletions(-) create mode 100644 .github/scripts/deploy-script.sh create mode 100644 appspec.yml diff --git a/.github/scripts/deploy-script.sh b/.github/scripts/deploy-script.sh new file mode 100644 index 0000000000..02031eaed3 --- /dev/null +++ b/.github/scripts/deploy-script.sh @@ -0,0 +1,6 @@ +#! /bin/bash + +cd ~/akto/infra +docker-compose -f docker-compose-dashboard.yml pull +docker-compose -f docker-compose-dashboard.yml down +docker-compose -f docker-compose-dashboard.yml up -d \ No newline at end of file diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml index 9a9bab93ad..04b410ad34 100644 --- a/.github/workflows/staging.yml +++ b/.github/workflows/staging.yml @@ -101,10 +101,6 @@ jobs: cd ../testing docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-testing:$IMAGE_TAG $IMAGE_TAG_TESTING . --push echo "::set-output name=image::$ECR_REGISTRY/akto-api-testing:$IMAGE_TAG" - - name: Update flash staging - if: ${{ github.event.inputs.Environment == 'prod' && github.event.inputs.Deploy == 'true' }} - run: | - curl https://flash.staging.akto.io/api/takeUpdate -H X-API-KEY:${{secrets.AKTO_API_KEY}} - name: Set up JDK 11 uses: actions/setup-java@v1 with: @@ -121,11 +117,37 @@ jobs: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 + + deploy: + needs: build + runs-on: ubuntu-latest + environment: Dev + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v2 + - uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.IAMROLE_GITHUB }} + role-session-name: GitHub-Action-Role + aws-region: ${{ vars.AWS_REGION }} + - name: Deploy to flash + if: ${{ github.event.inputs.Environment == 'prod' && github.event.inputs.Deploy == 'true' }} + run: | + echo "Deploying branch ${{ env.GITHUB_REF }} to ${{ github.event.inputs.environment }}" + commit_hash=`git rev-parse HEAD` + aws deploy create-deployment --application-name flash-deploy --deployment-group-name flash-deployment-group --github-location repository=$GITHUB_REPOSITORY,commitId=$commit_hash --ignore-application-stop-failures + + test: + needs: deploy + runs-on: ubuntu-latest + steps: - name: Run CI/CD tests if: ${{ github.event.inputs.Environment == 'prod' && github.event.inputs.Deploy == 'true' }} - uses: oren-akto/akto-github-action@v1.0.0 + uses: akto-api-security/run-scan@v1.0.3 with: AKTO_DASHBOARD_URL: ${{vars.AKTO_DASHBOARD_URL}} - AKTO_API_KEY: ${{vars.AKTO_API_KEY}} + AKTO_API_KEY: ${{secrets.AKTO_API_KEY}} AKTO_TEST_ID: ${{vars.AKTO_TEST_ID}} START_TIME_DELAY: 180 diff --git a/appspec.yml b/appspec.yml new file mode 100644 index 0000000000..0c55291cf0 --- /dev/null +++ b/appspec.yml @@ -0,0 +1,7 @@ +version: 0.0 +os: linux +hooks: + AfterInstall: + - location: .github/scripts/deploy-script.sh + timeout: 300 + runas: root \ No newline at end of file