Merge pull request #8 from MickeyJ/dev #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Food Data API (OIDC) | |
| on: | |
| push: | |
| branches: [ main ] | |
| permissions: | |
| id-token: write # Required for OIDC | |
| contents: read | |
| env: | |
| AWS_REGION: us-west-2 | |
| ECR_REPOSITORY: fao-api | |
| APP_RUNNER_SERVICE: fao-api | |
| jobs: | |
| deploy: | |
| name: Deploy to AWS App Runner | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::814437249083:role/GitHubActionsRole | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Build, tag, and push Docker image to ECR | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| run: | | |
| # Build Docker image | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:latest . | |
| # Push both tagged and latest images | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest | |
| # Output image URI for next step | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| - name: Update App Runner service | |
| run: | | |
| # Trigger App Runner deployment with new image | |
| aws apprunner start-deployment \ | |
| --service-arn $(aws apprunner list-services --query "ServiceSummaryList[?ServiceName=='$APP_RUNNER_SERVICE'].ServiceArn" --output text) | |
| - name: Wait for deployment to complete | |
| run: | | |
| SERVICE_ARN=$(aws apprunner list-services --query "ServiceSummaryList[?ServiceName=='$APP_RUNNER_SERVICE'].ServiceArn" --output text) | |
| echo "Waiting for App Runner service to update..." | |
| # Poll service status until it's RUNNING | |
| for i in {1..30}; do | |
| STATUS=$(aws apprunner describe-service --service-arn $SERVICE_ARN --query 'Service.Status' --output text) | |
| echo "Attempt $i: Service status is $STATUS" | |
| if [ "$STATUS" = "RUNNING" ]; then | |
| echo "✅ Service is running!" | |
| # Add extra wait for container to fully start | |
| echo "⏳ Waiting 60 seconds for container health checks..." | |
| sleep 60 | |
| break | |
| elif [ "$STATUS" = "CREATE_FAILED" ] || [ "$STATUS" = "UPDATE_FAILED" ]; then | |
| echo "❌ Service deployment failed with status: $STATUS" | |
| exit 1 | |
| fi | |
| echo "Still updating... waiting 30 seconds" | |
| sleep 30 | |
| done | |
| # Check if we exhausted all attempts | |
| if [ "$STATUS" != "RUNNING" ]; then | |
| echo "❌ Deployment timed out. Final status: $STATUS" | |
| exit 1 | |
| fi | |
| # Get the service URL | |
| SERVICE_URL=$(aws apprunner describe-service --service-arn $SERVICE_ARN --query "Service.ServiceUrl" --output text) | |
| echo "🚀 Deployment complete! API available at: https://$SERVICE_URL" | |
| - name: Test deployment | |
| run: | | |
| SERVICE_ARN=$(aws apprunner list-services --query "ServiceSummaryList[?ServiceName=='$APP_RUNNER_SERVICE'].ServiceArn" --output text) | |
| SERVICE_URL=$(aws apprunner describe-service --service-arn $SERVICE_ARN --query "Service.ServiceUrl" --output text) | |
| # Test root endpoint (your API returns the api_map here) | |
| echo "Testing API root..." | |
| curl -f --retry 5 --retry-delay 10 https://$SERVICE_URL/ || exit 1 | |
| # Test a real endpoint that exists in your new code | |
| echo "Testing areas endpoint..." | |
| curl -f --retry 5 --retry-delay 10 https://$SERVICE_URL/v1/other/area_codes || exit 1 | |
| echo "✅ All tests passed!" |