1313jobs :
1414 build-and-deploy :
1515 runs-on : ubuntu-latest
16+ environment : staging
17+ permissions :
18+ contents : read
19+ id-token : write
20+ env :
21+ AWS_REGION : ${{ vars.AWS_REGION }}
22+ ECR_REGISTRY : ${{ vars.ECR_REGISTRY }}
23+ ECR_REPOSITORY_API : ${{ vars.ECR_REPOSITORY_API }}
24+ ECR_REPOSITORY_WEBAPP : ${{ vars.ECR_REPOSITORY_WEBAPP }}
25+ ECS_CLUSTER : gauzy-pr-test
26+ ECS_SERVICE_API_PR : gauzy-api-pr
27+ ECS_SERVICE_WEBAPP_PR : gauzy-webapp-pr
1628
1729 steps :
1830 - name : Checkout code
2133 - name : Configure AWS credentials
2234 uses : aws-actions/configure-aws-credentials@v1
2335 with :
24- aws-access-key-id : ${{ secrets.AWS_ACCESS_KEY_ID }}
25- aws-secret-access-key : ${{ secrets.AWS_SECRET_ACCESS_KEY }}
26- aws-region : ${{ secrets.AWS_REGION }}
36+ role-to-assume : ${{ secrets.AWS_ROLE_ARN }}
37+ aws-region : ${{ env.AWS_REGION }}
2738
2839 - name : Login to Amazon ECR
2940 id : login-ecr
@@ -32,37 +43,33 @@ jobs:
3243 # Build and deploy API
3344 - name : Build and Push API Image
3445 env :
35- ECR_REGISTRY : ${{ steps.login-ecr.outputs.registry }}
36- ECR_REPOSITORY : gauzy-api
3746 IMAGE_TAG : pr-${{ github.event.pull_request.number }}
3847 run : |
39- docker build -t $ECR_REGISTRY/$ECR_REPOSITORY :$IMAGE_TAG -f .deploy/api/Dockerfile .
40- docker push $ECR_REGISTRY/$ECR_REPOSITORY :$IMAGE_TAG
48+ docker build -t ${{ env. ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_API }} :$IMAGE_TAG -f .deploy/api/Dockerfile .
49+ docker push ${{ env. ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_API }} :$IMAGE_TAG
4150
4251# Build and deploy Frontend
4352 - name : Build and Push Frontend Image
4453 env :
45- ECR_REGISTRY : ${{ steps.login-ecr.outputs.registry }}
46- ECR_REPOSITORY : gauzy-webapp
4754 IMAGE_TAG : pr-${{ github.event.pull_request.number }}
4855 run : |
49- docker build -t $ECR_REGISTRY/$ECR_REPOSITORY :$IMAGE_TAG -f .deploy/webapp/Dockerfile .
50- docker push $ECR_REGISTRY/$ECR_REPOSITORY :$IMAGE_TAG
56+ docker build -t ${{ env. ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_WEBAPP }} :$IMAGE_TAG -f .deploy/webapp/Dockerfile .
57+ docker push ${{ env. ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_WEBAPP }} :$IMAGE_TAG
5158
5259name : Deploy to AWS ECS for Testing
5360 run : |
54- aws ecs update-service --cluster gauzy-pr-test --service gauzy-api-pr --force-new-deployment
55- aws ecs update-service --cluster gauzy-pr-test --service gauzy-webapp-pr --force-new-deployment
61+ aws ecs update-service --cluster ${{ env.ECS_CLUSTER }} --service ${{ env.ECS_SERVICE_API_PR }} --force-new-deployment
62+ aws ecs update-service --cluster ${{ env.ECS_CLUSTER }} --service ${{ env.ECS_SERVICE_WEBAPP_PR }} --force-new-deployment
5663
5764name : Wait for Services
5865 id : get-alb-dns
5966 run : |
6067 # Wait for ECS services to be stable
61- aws ecs wait services-stable --cluster gauzy-pr-test --services gauzy-api-pr gauzy-webapp-pr
68+ aws ecs wait services-stable --cluster ${{ env.ECS_CLUSTER }} --services ${{ env.ECS_SERVICE_API_PR }} ${{ env.ECS_SERVICE_WEBAPP_PR }}
6269
6370 # Get the ALB DNS and wait for endpoints
64- API_URL=$(aws ecs describe-services --cluster gauzy-pr-test --services gauzy-api-pr --query 'services[0].loadBalancers[0].targetGroupArn' --output text | xargs -I {} aws elbv2 describe-target-groups --target-group-arns {} --query 'TargetGroups[0].LoadBalancerArns[0]' --output text | xargs -I {} aws elbv2 describe-load-balancers --load-balancer-arns {} --query 'LoadBalancers[0].DNSName' --output text)
65- WEBAPP_URL=$(aws ecs describe-services --cluster gauzy-pr-test --services gauzy-webapp-pr --query 'services[0].loadBalancers[0].targetGroupArn' --output text | xargs -I {} aws elbv2 describe-target-groups --target-group-arns {} --query 'TargetGroups[0].LoadBalancerArns[0]' --output text | xargs -I {} aws elbv2 describe-load-balancers --load-balancer-arns {} --query 'LoadBalancers[0].DNSName' --output text)
71+ API_URL=$(aws ecs describe-services --cluster ${{ env.ECS_CLUSTER }} --services ${{ env.ECS_SERVICE_API_PR }} --query 'services[0].loadBalancers[0].targetGroupArn' --output text | xargs -I {} aws elbv2 describe-target-groups --target-group-arns {} --query 'TargetGroups[0].LoadBalancerArns[0]' --output text | xargs -I {} aws elbv2 describe-load-balancers --load-balancer-arns {} --query 'LoadBalancers[0].DNSName' --output text)
72+ WEBAPP_URL=$(aws ecs describe-services --cluster ${{ env.ECS_CLUSTER }} --services ${{ env.ECS_SERVICE_WEBAPP_PR }} --query 'services[0].loadBalancers[0].targetGroupArn' --output text | xargs -I {} aws elbv2 describe-target-groups --target-group-arns {} --query 'TargetGroups[0].LoadBalancerArns[0]' --output text | xargs -I {} aws elbv2 describe-load-balancers --load-balancer-arns {} --query 'LoadBalancers[0].DNSName' --output text)
6673
6774 echo "api_url=$API_URL" >> $GITHUB_OUTPUT
6875 echo "webapp_url=$WEBAPP_URL" >> $GITHUB_OUTPUT
@@ -102,9 +109,9 @@ jobs:
102109 if : always()
103110 run : |
104111 # Stop ECS services
105- aws ecs update-service --cluster gauzy-pr-test --service gauzy-api-pr --desired-count 0
106- aws ecs update-service --cluster gauzy-pr-test --service gauzy-webapp-pr --desired-count 0
112+ aws ecs update-service --cluster ${{ env.ECS_CLUSTER }} --service ${{ env.ECS_SERVICE_API_PR }} --desired-count 0
113+ aws ecs update-service --cluster ${{ env.ECS_CLUSTER }} --service ${{ env.ECS_SERVICE_WEBAPP_PR }} --desired-count 0
107114
108115 # Delete ECR images
109- aws ecr batch-delete-image --repository-name gauzy-api --image-ids imageTag=pr-${{ github.event.pull_request.number }}
110- aws ecr batch-delete-image --repository-name gauzy-webapp --image-ids imageTag=pr-${{ github.event.pull_request.number }}
116+ aws ecr batch-delete-image --repository-name ${{ env.ECR_REPOSITORY_API }} --image-ids imageTag=pr-${{ github.event.pull_request.number }}
117+ aws ecr batch-delete-image --repository-name ${{ env.ECR_REPOSITORY_WEBAPP }} --image-ids imageTag=pr-${{ github.event.pull_request.number }}
0 commit comments