generated from energywebfoundation/EWFRepositoryTemplate
-
Notifications
You must be signed in to change notification settings - Fork 3
139 lines (125 loc) · 5.76 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: Build and deploy
on:
push:
branches: ['develop']
paths-ignore: ['devops/**']
workflow_dispatch:
jobs:
cancel-previous:
name: 'Cancel Previous Runs'
runs-on: ubuntu-latest
timeout-minutes: 3
steps:
- uses: styfle/[email protected]
with:
access_token: ${{ github.token }}
unique_id:
runs-on: ubuntu-latest
steps:
- name: Generate unique id
id: unique_id
run: echo "::set-output name=id::$(uuidgen)"
outputs:
unique_id: ${{ steps.unique_id.outputs.id }}
install-build-and-push:
runs-on: ubuntu-latest
needs: [cancel-previous, unique_id]
steps:
- name: Get GHA environment name
id: env_vars
run: |
echo "Running on branch ${{ github.ref }}"
if [ "${{ github.ref }}" = "refs/heads/develop" ]; then
echo "::set-output name=aws_region::${{ secrets.AWS_REGION }}"
echo "::set-output name=aws_access_key_id_ssi::${{ secrets.DEV_AWS_ACCESS_KEY_ID }}"
echo "::set-output name=aws_secret_key_ssi::${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}"
echo "::set-output name=aws_ecr_repository_ssi::${{ secrets.DEV_ECR_REPOSITORY }}"
echo "::set-output name=aws_access_key_id_idc::${{ secrets.DEV_AWS_ACCESS_KEY_ID_IDC }}"
echo "::set-output name=aws_secret_key_idc::${{ secrets.DEV_AWS_SECRET_ACCESS_KEY_IDC }}"
echo "::set-output name=aws_ecr_repository_idc::${{ secrets.DEV_ECR_REPOSITORY_IDC }}"
echo "::set-output name=argocd_url::${{ secrets.DEV_ARGOCD_URL }}"
echo "::set-output name=argocd_username::${{ secrets.DEV_ARGOCD_USERNAME }}"
echo "::set-output name=argocd_password::${{ secrets.DEV_ARGOCD_PASS }}"
else
echo "Branch ${{ github.ref }} is not configured for deployment"
exit 1
fi
- uses: actions/checkout@v2
- name: Get the tag version
id: get_version
run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/}
- name: Bump version and push tag
id: tag_version
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
release_branches: develop
custom_release_rules: major:major:Major Changes,minor:minor:Minor Changes,chore:patch:Chores
- name: Create a GitHub release
uses: ncipollo/release-action@v1
with:
tag: ${{ steps.tag_version.outputs.new_tag }}
name: Release ${{ steps.tag_version.outputs.new_tag }}
body: ${{ steps.tag_version.outputs.changelog }}
- name: Configure AWS credentials SSI
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ steps.env_vars.outputs.aws_access_key_id_ssi }}
aws-secret-access-key: ${{ steps.env_vars.outputs.aws_secret_key_ssi }}
aws-region: ${{ steps.env_vars.outputs.aws_region }}
- name: Login to Amazon ECR
id: login-ecr-ssi
uses: aws-actions/amazon-ecr-login@v1
- name: Build & push docker SSI images
env:
BUILD_ID: ${{ steps.tag_version.outputs.new_tag }}
ECR_REGISTRY: ${{ steps.login-ecr-ssi.outputs.registry }}
run: |
docker build -t $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository_ssi }}:$BUILD_ID -f apps/vc-api/Dockerfile .
docker push $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository_ssi }}:$BUILD_ID
- name: Logout of Amazon ECR
if: always()
run: docker logout ${{ steps.login-ecr-ssi.outputs.registry }}
- name: Deploy SSI
uses: clowdhaus/argo-cd-action/@v1.9.0
id: argocd_login_ssi
with:
command: login ${{ steps.env_vars.outputs.argocd_url }}
options: --insecure --password ${{ steps.env_vars.outputs.argocd_password }} --username ${{ steps.env_vars.outputs.argocd_username }}
- name: ArgoCD overvrite SSI values.yaml
uses: clowdhaus/argo-cd-action/@v1.9.0
id: argocd_image_tag_overwrite_ssi
with:
command: app set ssi-wallet
options: -p image.tag=${{ steps.tag_version.outputs.new_tag }}
- name: Configure AWS credentials IDC
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ steps.env_vars.outputs.aws_access_key_id_idc }}
aws-secret-access-key: ${{ steps.env_vars.outputs.aws_secret_key_idc }}
aws-region: ${{ steps.env_vars.outputs.aws_region }}
- name: Login to Amazon ECR
id: login-ecr-idc
uses: aws-actions/amazon-ecr-login@v1
- name: Build & push docker images IDC
env:
BUILD_ID: ${{ steps.tag_version.outputs.new_tag }}
ECR_REGISTRY: ${{ steps.login-ecr-idc.outputs.registry }}
run: |
docker build -t $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository_idc }}:$BUILD_ID -f apps/input-descriptor-to-credential/Dockerfile .
docker push $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository_idc }}:$BUILD_ID
- name: Logout of Amazon ECR
if: always()
run: docker logout ${{ steps.login-ecr-idc.outputs.registry }}
- name: Deploy IDC
uses: clowdhaus/argo-cd-action/@v1.9.0
id: argocd_login_idc
with:
command: login ${{ steps.env_vars.outputs.argocd_url }}
options: --insecure --password ${{ steps.env_vars.outputs.argocd_password }} --username ${{ steps.env_vars.outputs.argocd_username }}
- name: ArgoCD overvrite IDC values.yaml
uses: clowdhaus/argo-cd-action/@v1.9.0
id: argocd_image_tag_overwrite_idc
with:
command: app set input-descriptor-credential
options: -p image.tag=${{ steps.tag_version.outputs.new_tag }}