Push ECR & Depoloy ECS by @takehiro1111 #1
# Builds the nginx image, pushes it to Amazon ECR and rolls it out to ECS.
name: Push ECR & Depoloy ECS
run-name: "${{ github.workflow }} by @${{ github.actor }}"

# Runs on pushes to main that touch nginx/, or when started manually.
on:
  push:
    branches: [main]
    paths: ['nginx/**']
  workflow_dispatch:

env:
  AWS_REGION: ap-northeast-1

# Workflow-wide token scopes. id-token: write lets a job request a GitHub OIDC
# token (consumed by configure-aws-credentials below); contents stays read-only.
permissions:
  contents: read
  id-token: write
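# NOTE(review): every `uses:` below references a mutable major-version tag
# (@v4, @v2, @v1). These jobs can assume the AWS deploy role, so consider
# pinning each action to a full commit SHA and updating it deliberately.
jobs:
  # Publishes the deployment config as a job output so that both later jobs
  # build their matrix from the same values.
  set-matrix:
    runs-on: ubuntu-latest
    # This job only echoes a message, so drop the workflow-level scopes here;
    # without id-token: write it cannot request an OIDC token.
    permissions: {}
    outputs:
      matrix_config: ${{ toJson(matrix.config) }}
    strategy:
      matrix:
        config:
          - working_directory: nginx/
            ecr_repository: nginx
            ecs_cluster: cluster-web
            ecs_service: nginx-service-stg
            ecs_task_definition_api: nginx/.aws/nginx-task-define.json
            # Must match the "name" of the container in the task definition.
            container_name: nginx-container
    steps:
      - name: Set matrix output
        run: echo "Matrix configuration is ready!"

  # Builds the image, pushes it to ECR and hands the image URI to ecr-deploy
  # through an artifact.
  ecr-push:
    needs: [set-matrix]
    runs-on: ubuntu-latest
    strategy:
      matrix:
        config: ${{ fromJson(needs.set-matrix.outputs.matrix_config) }}
    env:
      ECR_REPOSITORY: ${{ matrix.config.ecr_repository }}
    defaults:
      run:
        working-directory: ${{ matrix.config.working_directory }}
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          # No later step runs git, so do not leave the token in .git/config.
          persist-credentials: false

      # https://github.com/aws-actions/configure-aws-credentials
      # NOTE(review): the role's trust policy is not visible here; confirm it
      # restricts the OIDC `sub` claim to this repository and the main branch.
      - name: Configure AWS Credentials OIDC
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ env.AWS_REGION }}
          role-to-assume: ${{ secrets.DEPLOY_ROLE_GITHUB_ACTIONS }}

      # https://github.com/aws-actions/amazon-ecr-login
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2

      - name: Push the image to Amazon ECR
        env:
          # Registry URI taken from the output of the 'Login to Amazon ECR' step.
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          # Passed through env so the script text contains no ${{ }} expansion.
          IMAGE_TAG: ${{ github.sha }}
        # Resulting reference:
        # {account ID}.dkr.ecr.ap-northeast-1.amazonaws.com/nginx:<commit sha>
        run: |
          set -eux
          image_uri="${ECR_REGISTRY}/${ECR_REPOSITORY}:${IMAGE_TAG}"
          docker image build -t temp_api_image:latest .
          docker image tag temp_api_image:latest "${image_uri}"
          docker image push "${image_uri}"
          echo "${image_uri}" > image-uri.txt

      # https://github.com/actions/upload-artifact
      - name: upload the Artifact
        uses: actions/upload-artifact@v4
        with:
          # NOTE(review): the name is fixed, so a second matrix entry would
          # need a per-entry artifact name here and in the download step.
          name: image-uri
          path: ${{ matrix.config.working_directory }}/image-uri.txt

  # Deploy
  ecr-deploy:
    runs-on: ubuntu-latest
    needs: [ecr-push, set-matrix]
    strategy:
      matrix:
        config: ${{ fromJson(needs.set-matrix.outputs.matrix_config) }}
    env:
      ECS_CLUSTER: ${{ matrix.config.ecs_cluster }}
      ECS_SERVICE: ${{ matrix.config.ecs_service }}
      ECS_TASK_DEFINITION_API: ${{ matrix.config.ecs_task_definition_api }}
      CONTAINER_NAME: ${{ matrix.config.container_name }}
    steps:
      - name: checkout
        uses: actions/checkout@v4
        with:
          # No later step runs git, so do not leave the token in .git/config.
          persist-credentials: false

      - name: Configure AWS Credentials OIDC
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ env.AWS_REGION }}
          role-to-assume: ${{ secrets.DEPLOY_ROLE_GITHUB_ACTIONS }}

      # https://github.com/actions/download-artifact
      # Same major version as the upload step (v4); the author notes that
      # omitting `name` results in an error.
      - name: Download the Artifact
        uses: actions/download-artifact@v4
        with:
          name: image-uri
          # The destination directory is created on the runner at download
          # time, so any path can be given here.
          path: download/artifacts

      - name: Define the image URI
        run: |
          set -euo pipefail
          # Export only the first line, and only if it looks like an image
          # reference, so the file content cannot add lines to GITHUB_ENV.
          image_uri="$(head -n 1 download/artifacts/image-uri.txt)"
          if [[ ! "${image_uri}" =~ ^[A-Za-z0-9._/:-]+$ ]]; then
            echo "unexpected image URI in artifact" >&2
            exit 1
          fi
          echo "IMAGE_URI=${image_uri}" >> "$GITHUB_ENV"

      # https://github.com/aws-actions/amazon-ecs-render-task-definition
      - name: Fill in the new image URI in the amazon ECS task definition
        id: render-task-def
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: ${{ env.ECS_TASK_DEFINITION_API }}
          container-name: ${{ env.CONTAINER_NAME }}
          image: ${{ env.IMAGE_URI }}

      # https://github.com/aws-actions/amazon-ecs-deploy-task-definition
      - name: Deploy ECS task
        uses: aws-actions/amazon-ecs-deploy-task-definition@v2
        with:
          task-definition: ${{ steps.render-task-def.outputs.task-definition }}
          service: ${{ env.ECS_SERVICE }}
          cluster: ${{ env.ECS_CLUSTER }}
          wait-for-service-stability: true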