diff --git a/.github/workflows/deploy-eks.yml b/.github/workflows/deploy-eks.yml index 0daf83a9..b88c848d 100644 --- a/.github/workflows/deploy-eks.yml +++ b/.github/workflows/deploy-eks.yml @@ -33,9 +33,7 @@ on: types: [ "trigger_deploy_release_event" ] env: - AWS_REGION: us-west-2 # set this to your preferred AWS region, e.g. us-west-1\ # file, e.g. .aws/task-definition.json - CONTAINER_NAME: MY_CONTAINER_NAME # set this to the name of the container in the - # containerDefinitions section of your task definition + AWS_REGION: us-west-2 # set this to your preferred AWS region, e.g. us-west-1 permissions: contents: read 
@@ -61,41 +59,38 @@ jobs: uses: actions/checkout@v3 - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4.0.1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ env.AWS_REGION }} + aws-region: ${{ env.AWS_REGION }} - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 + # - name: Configure kubectl using Action + # uses: actions-hub/kubectl@master + # env: + # KUBE_CONFIG: ${{ secrets.KUBECONFIG }} - - name: Build, tag, and push image to Amazon ECR - id: build-image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - IMAGE_TAG: ${{ github.sha }} + - name: Configure kubectl via Secret Env + env: + KUBE_CONFIG: ${{ secrets.KUBECONFIG }} + run: | + echo $KUBE_CONFIG > ${{ github.workspace }}/kubeconfig + export KUBECONFIG=${{ github.workspace }}/kubeconfig + kubectl config get-contexts + kubectl config use-context eks-uswest2-cluster + kubectl version + + - name: Install AWS CLI run: | - # Build a docker container and - # push it to ECR so that it can - # be deployed to ECS. - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . 
- docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT + curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install + aws --version + + - name: Deploy to EKS + shell: pwsh + run: ${{ github.workspace }}/scripts/deploy.ps1 + + - - name: Fill in the new image ID in the Amazon ECS task definition - id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 - with: - task-definition: ${{ env.ECS_TASK_DEFINITION }} - container-name: ${{ env.CONTAINER_NAME }} - image: ${{ steps.build-image.outputs.image }} - - name: Deploy Amazon ECS task definition - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - with: - task-definition: ${{ steps.task-def.outputs.task-definition }} - service: ${{ env.ECS_SERVICE }} - cluster: ${{ env.ECS_CLUSTER }} - wait-for-service-stability: true diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 60d482ba..b1be7868 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -27,8 +27,10 @@ jobs: runs-on: ubuntu-latest permissions: - contents: read - packages: write + # write required for sending repository dispatch event + contents: write + # write required for uploading docker image to packages + packages: write # This is used to complete the identity challenge # with sigstore/fulcio when running outside of PRs. id-token: write
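Review bot: In the `Configure kubectl via Secret Env` step, `echo $KUBE_CONFIG > ${{ github.workspace }}/kubeconfig` expands the secret unquoted, so the shell word-splits it and a multi-line YAML kubeconfig is written as one line. The cluster credential also lands in the checkout directory with default file permissions. The `export KUBECONFIG=...` lasts only for that step, so unless `scripts/deploy.ps1` (not shown) sets it itself, the `Deploy to EKS` step will not see the file. I would write the file under `$RUNNER_TEMP` with `umask 077`, quote the variable, and publish the path through `$GITHUB_ENV`, as in the fence below. Separately, the `Install AWS CLI` step runs a downloaded installer under `sudo` without verifying it; checking the archive's published PGP signature before `unzip`, or using a CLI already on the runner image if there is one, would close that gap.

```yaml
        run: |
          umask 077
          printf '%s\n' "$KUBE_CONFIG" > "$RUNNER_TEMP/kubeconfig"
          echo "KUBECONFIG=$RUNNER_TEMP/kubeconfig" >> "$GITHUB_ENV"
          export KUBECONFIG="$RUNNER_TEMP/kubeconfig"
          # … unchanged: kubectl config get-contexts / use-context / version …
```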
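Review bot: `contents: write` is granted to the whole job here, so every step in it runs with a token that can push to the repository, not only the step that sends the repository dispatch event. That includes the image build and any third-party actions, which are outside this hunk. Because the same job also holds `packages: write` and `id-token: write`, I would move the dispatch into a small follow-up job that `needs:` this one and declares only `contents: write`, keeping this job at `contents: read`. The job's steps are not visible in the hunk, so confirm which step actually needs the write scope before splitting.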