botpress · allardy · Apr 25, 2025 · Apr 24, 2025 · Apr 24, 2025 · Apr 24, 2025
diff --git a/build/depot/action.yml b/build/depot/action.yml
@@ -0,0 +1,108 @@
+name: Docker Build using Depot
+
+inputs:
+  # Build
+  context:
+    description: 'Docker context for the build'
+    required: false
+    default: '.'
+  dockerfile:
+    description: 'Path to Dockerfile'
+    required: false
+    default: 'Dockerfile'
+  push:
+    description: 'Whether to push the image to the registry'
+    required: true
+    default: 'true'
+  tag:
+    description: 'Optional Docker tag'
+    required: false
+    default: ''
+
+  # Custom variables
+  sentry-auth-token:
+    description: 'Auth token for sentry (optional)'
+    required: false
+  minify:
+    description: 'Whether to minify the build'
+    required: false
+    default: true
+
+  # Deploy
+  repository:
+    description: 'Name of the ECR repository'
+    required: true
+  aws-role:
+    description: 'AWS Role to assume'
+    required: true
+    default: arn:aws:iam::986677156374:role/actions/build/container_pusher
+  aws-region:
+    description: 'AWS Region'
+    required: true
+    default: us-east-1
+  depot-project:
+    description: 'Depot project name'
+    required: true
+    default: ''
+
+runs:
+  using: 'composite'
+  steps:
+    - uses: aws-actions/configure-aws-credentials@v3
+      with:
+        role-session-name: container_pusher
+        role-to-assume: ${{ inputs.aws-role }}
+        aws-region: ${{ inputs.aws-region }}
+
+    - uses: aws-actions/amazon-ecr-login@v1
+      id: ecr
+      with:
+        mask-password: true
+
+    - uses: docker/metadata-action@v4
+      id: meta
+      with:
+        images: ${{ steps.ecr.outputs.registry }}/${{ inputs.repository }}
+        flavor: |
+          latest=false
+        tags: |
+          type=raw,enable=${{ inputs.tag != '' }},value=${{ inputs.tag }}
+          type=semver,pattern={{version}}
+          type=sha,enable=${{ !startsWith(github.ref, 'refs/tags') }},prefix=,format=long
+
+    - name: Set BUILD_DATE
+      id: meta_date
+      shell: bash
+      run: |
+        export TZ=America/Toronto
+        echo "timestamp=$(date +"%Y-%m-%d %H:%M:%S")" >> "$GITHUB_OUTPUT"
+
+    - name: Create ECR Registry
+      shell: bash
+      env:
+        ECR_REPOSITORY: ${{ inputs.repository }}
+        ECR_REGISTRY: ${{ steps.ecr.outputs.registry }}
+      run: |
+        aws --version
+        aws ecr create-repository --repository-name $ECR_REPOSITORY || true
+        aws ssm get-parameter --name '/cloud/container-registry/ecr-policy-document' --query 'Parameter.Value' | jq -r > repository-policy.json
+        aws ecr set-repository-policy --repository-name $ECR_REPOSITORY --policy-text file://repository-policy.json &> /dev/null
+
+    - name: Set up Depot CLI
+      uses: depot/setup-action@v1
+
+    - uses: depot/build-push-action@v1
+      with:
+        build-args: |
+          SENTRY_AUTH_TOKEN=${{ inputs.sentry-auth-token }}
+          SENTRY_ORGANIZATION_SLUG=botpress-rm
+          SENTRY_RELEASE=${{ github.sha }}
+          MINIFY=${{ inputs.minify }}
+          DOCKER_TAG=${{ inputs.tag }}
+          BUILD_DATE=${{ steps.meta_date.outputs.timestamp }}
+        file: ${{ inputs.dockerfile }}
+        context: ${{ inputs.context }}
+        push: ${{ inputs.push }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        project: ${{ inputs.depot-project }}
diff --git a/build/docker/action.yml b/build/docker/action.yml
@@ -1,21 +1,37 @@
 name: Docker to ECR
 description: Push Docker image to ECR
 inputs:
-  push:
-    description: 'Push to registry'
-    required: true
-    default: 'true'
-  repository:
-    description: 'Repository name'
-    required: true
+  # Build
   context:
     description: 'Docker context for the build'
-    required: true
+    required: false
     default: '.'
   dockerfile:
     description: 'Path to Dockerfile'
+    required: false
+    default: 'Dockerfile'
+  push:
+    description: 'Whether to push the image to the registry'
     required: true
+    default: 'true'
+  tag:
+    description: 'Optional Docker tag'
+    required: false
     default: ''
+
+  # Custom variables
+  sentry-auth-token:
+    description: 'Auth token for sentry (optional)'
+    required: false
+  minify:
+    description: 'Whether to minify the build'
+    required: false
+    default: true
+
+  # Deploy
+  repository:
+    description: 'Name of the ECR repository'
+    required: true
   aws-role:
     description: 'AWS Role to assume'
     required: true
@@ -24,10 +40,6 @@ inputs:
     description: 'AWS Region'
     required: true
     default: us-east-1
-  tag:
-    description: 'Optional Docker tag'
-    required: false
-    default: ''
 
 runs:
   using: 'composite'
@@ -42,6 +54,8 @@ runs:
 
     - uses: aws-actions/amazon-ecr-login@v1
       id: ecr
+      with:
+        mask-password: true
 
     - uses: docker/metadata-action@v4
       id: meta
@@ -76,13 +90,17 @@ runs:
       env:
         DOCKER_BUILDKIT: '1'
       with:
-        context: ${{ inputs.context }}
+        build-args: |
+          SENTRY_AUTH_TOKEN=${{ inputs.sentry-auth-token }}
+          SENTRY_ORGANIZATION_SLUG=botpress-rm
+          SENTRY_RELEASE=${{ github.sha }}
+          MINIFY=${{ inputs.minify }}
+          DOCKER_TAG=${{ inputs.tag }}
+          BUILD_DATE=${{ steps.meta_date.outputs.timestamp }}
         file: ${{ inputs.dockerfile }}
+        context: ${{ inputs.context }}
         push: ${{ inputs.push }}
         cache-from: type=gha
         cache-to: type=gha,mode=max
         tags: ${{ steps.meta.outputs.tags }}
         labels: ${{ steps.meta.outputs.labels }}
-        build-args: |
-          DOCKER_TAG=${{ inputs.tag }}
-          BUILD_DATE=${{ steps.meta_date.outputs.timestamp }}
diff --git a/full-service-deploy/action.yml b/full-service-deploy/action.yml
@@ -0,0 +1,89 @@
+name: 'Full Service Deploy'
+description: 'Checks out code, gets commit SHA, optionally tags, builds image and deploys to ECS'
+
+inputs:
+  # Checkout
+  ref:
+    required: false
+    default: ''
+    description: 'Git ref to checkout (branch, commit, tag). default is the current SHA'
+
+  # Build
+  dockerfile:
+    description: 'Path to Dockerfile'
+    required: true
+  context:
+    description: 'Docker context for the build'
+    required: true
+    default: '.'
+  repository:
+    description: 'ECR repository name'
+    required: true
+  environment:
+    description: 'Environment to deploy (staging or production)'
+    required: true
+  create-tag:
+    description: 'Create a tag for the service with the date/time (ex: when deploying to prod)'
+    required: false
+    default: 'false'
+  sentry-auth-token:
+    description: 'Sentry auth token (optional)'
+    required: false
+
+  # Deploy
+  service:
+    description: 'Name of the ECS service to deploy (must be in services.json in the repository)'
+    required: true
+  role-ecs-update:
+    description: 'Role for the ECS update (skynet_infra_update, sauron_infra_update, realtime_infra_update)'
+    required: true
+  skip-ecs-update:
+    description: 'Build, tag and push the image, but skip updating the ECS services'
+    required: false
+    default: 'false'
+
+outputs:
+  sha:
+    description: 'Checked out commit SHA'
+    value: ${{ steps.commit.outputs.sha }}
+
+runs:
+  using: 'composite'
+  steps:
+    - uses: actions/checkout@v4
+      with:
+        ref: ${{ inputs.ref != '' && inputs.ref || github.sha }}
+
+    - name: Get checked out commit SHA
+      id: commit
+      run: echo "sha=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
+      shell: bash
+
+    - name: Create and push service tag
+      if: ${{ inputs.create-tag == 'true' }}
+      run: |
+        export TZ="America/New_York"
+        tag_name="${{ inputs.service }}-$(date +"%Y-%m-%d_%H-%M-%S")"
+        git config user.name "github-actions"
+        git config user.email "[email protected]"
+        git tag "$tag_name" ${{ steps.commit.outputs.sha }}
+        git push origin "$tag_name"
+      shell: bash
+
+    - name: Build and Push Docker Image
+      uses: botpress/gh-actions/build/docker@v3
+      with:
+        dockerfile: ${{ inputs.dockerfile }}
+        repository: ${{ inputs.repository }}
+        tag: ${{ steps.commit.outputs.sha }}
+        push: true
+        sentry-auth-token: ${{ inputs.sentry-auth-token }}
+
+    - name: Deploy to ECS
+      uses: botpress/gh-actions/tag-and-deploy@v3
+      with:
+        service: ${{ inputs.service }}
+        role-ecs-update: ${{ inputs.role-ecs-update }}
+        image-tag: ${{ steps.commit.outputs.sha }}
+        environment: ${{ inputs.environment }}
+        skip-ecs-update: ${{ inputs.skip-ecs-update }}