-
Notifications
You must be signed in to change notification settings - Fork 112
/
main.workflow
95 lines (83 loc) · 2.61 KB
/
main.workflow
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
workflow "Build and Deploy" {
on = "push"
resolves = ["List Public IP"]
}
# Build
action "Build Docker image" {
uses = "actions/docker/cli@master"
args = ["build", "-t", "aws-example", "."]
}
# Deploy Filter
action "Deploy branch filter" {
needs = ["Push image to ECR"]
uses = "actions/bin/filter@master"
args = "branch master"
}
# AWS
action "Login to ECR" {
uses = "actions/aws/cli@master"
secrets = ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"]
env = {
AWS_DEFAULT_REGION = "us-west-2"
}
args = "ecr get-login --no-include-email --region $AWS_DEFAULT_REGION | sh"
}
action "Tag image for ECR" {
needs = ["Build Docker image"]
uses = "actions/docker/tag@master"
env = {
CONTAINER_REGISTRY_PATH = "377117578606.dkr.ecr.us-west-2.amazonaws.com"
IMAGE_NAME = "aws-example"
}
args = ["$IMAGE_NAME", "$CONTAINER_REGISTRY_PATH/$IMAGE_NAME"]
}
action "Push image to ECR" {
needs = ["Login to ECR", "Tag image for ECR"]
uses = "actions/docker/cli@master"
env = {
CONTAINER_REGISTRY_PATH = "377117578606.dkr.ecr.us-west-2.amazonaws.com"
IMAGE_NAME = "aws-example"
}
args = ["push", "$CONTAINER_REGISTRY_PATH/$IMAGE_NAME"]
}
action "Store Kube Credentials" {
needs = ["Push image to ECR"]
uses = "actions/aws/kubectl@master"
secrets = ["KUBE_CONFIG_DATA"]
}
action "Configure Kube Credentials" {
needs = ["Login to ECR"]
uses = "actions/aws/cli@master"
env = {
CLUSTER_NAME = "devel2"
AWS_DEFAULT_REGION = "us-west-2"
}
secrets = ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"]
args = "eks update-kubeconfig --name $CLUSTER_NAME --region $AWS_DEFAULT_REGION"
}
# Example Local Action to use `aws-iam-authenticator`
action "Deploy to EKS" {
needs = ["Store Kube Credentials", "Deploy branch filter"]
# ["Configure Kube Credentials"]
uses = "./.github/actions/eks-kubectl"
runs = "sh -l -c"
args = ["SHORT_REF=$(echo $GITHUB_SHA | head -c7) && cat $GITHUB_WORKSPACE/config.yml | sed 's/TAG/'\"$SHORT_REF\"'/' | kubectl apply -f - "]
secrets = ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"]
}
action "Verify EKS deployment" {
needs = [
"Push image to ECR",
"Deploy to EKS",
]
# :point_down: use this for self-contained kubectl config credentials
#uses = "docker://gcr.io/cloud-builders/kubectl"
uses = "./.github/actions/eks-kubectl"
args = ["rollout status deployment/aws-example-octodex"]
secrets = ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"]
}
action "List Public IP" {
needs = "Verify EKS deployment"
uses = "./.github/actions/eks-kubectl"
args = ["get services -o wide"]
secrets = ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"]
}