Rworded CTA #386
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ###################################################################################################################### | |
| # APP Docker builder and Deployer | |
| # For pushes to main branch | |
| # * Builds and pushes docker image on given "infrastructure" ECR repository | |
| # * If successfull adds a commit to infrastructure git repository changing tag name (or given IMAGE_TAG_VARNAME value) | |
| # * that triggers a new deployment of the service with newly build docker image | |
| # Currently container tag is set to env.RELEASE_VERSION , TBD if it will be Commit hash or any other means | |
| ###################################################################################################################### | |
| name: Deploy frontend to dev | |
| on: | |
| push: | |
| branches: ['development'] | |
| pull_request: | |
| env: | |
| GRUNTWORK_INSTALLER_VERSION: v0.0.38 | |
| MODULE_CI_VERSION: v0.50.4-coqui | |
| MODULE_SECURITY_VERSION: v0.65.8-coqui | |
| # Disables the use of the Amazon EC2 instance metadata service (IMDS). | |
| # Forces the AWS CLI to use the env vars defined above for credentials. | |
| AWS_EC2_METADATA_DISABLED: true | |
| AWS_ENVIRONMENT: us-east-1 | |
| # AWS Account ID of the account that owns the ECR repo (infra shared account). | |
| SHARED_SERVICES_ACCOUNT_ID: '646105116760' | |
| # Following Used by deploying to infrastructure | |
| # The branch to use when committing to infrastructure-live. | |
| DEFAULT_INFRA_LIVE_BRANCH: 'main' | |
| INFRASTRUCTURE_REPO: 'https://coqui-machine-user:${{ secrets.INFRA_DEPLOYER_GITHUB_TOKEN }}@github.com/coqui-ai/MLOpsInfrastructure.git' | |
| # On infrastructure live specific location of service (it must exist as deployment simply changes tag name) | |
| APP_DEPLOY_PATH: 'dev/us-east-1/dev/services/website-frontend' | |
| # value of this variable will be changed with TAG of this docker image built (usually git branch name) | |
| IMAGE_TAG_VARNAME: 'tag' | |
| # ECR repository must exist | |
| ECR_REPO_URL: '646105116760.dkr.ecr.us-east-1.amazonaws.com/website-frontend-images' | |
| # GHCR repository to mirror to | |
| GHCR_REPO_URL: 'ghcr.io/coqui-ai/website-frontend' | |
| # Public URL this container will be hosted under | |
| FRONTEND_URL: 'https://www.dev-coqui.com' | |
| jobs: | |
| build_and_deploy: | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set Release version | |
| shell: bash | |
| run: | | |
| if [[ "$GITHUB_EVENT_NAME" == "pull_request" ]]; then | |
| echo "RELEASE_VERSION=dev" >> $GITHUB_ENV | |
| else | |
| echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
| fi | |
| - uses: docker/setup-buildx-action@v2 | |
| - shell: bash | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.INFRA_SHARED_AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.INFRA_SHARED_AWS_SECRET_ACCESS_KEY }} | |
| run: | | |
| set -xe | |
| aws ecr get-login-password --region "${AWS_ENVIRONMENT}" | docker login --username AWS --password-stdin "${ECR_REPO_URL}" | |
| docker login --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} ghcr.io | |
| - name: Build and push | |
| uses: docker/build-push-action@v3 | |
| with: | |
| file: docker/static-serve.dockerfile | |
| push: true | |
| cache-from: type=registry,ref=ghcr.io/coqui-ai/landing-page-build-cache:latest | |
| cache-to: type=registry,ref=ghcr.io/coqui-ai/landing-page-build-cache:latest | |
| tags: ${{ env.ECR_REPO_URL }}:${{ env.RELEASE_VERSION }}-${{ github.sha }} | |
| build-args: | | |
| CONFIG_APP_RELEASE=dev | |
| GATSBY_FRONTEND_URL=${{ env.FRONTEND_URL }} | |
| GATSBY_AMPLITUDE_PROJECT_KEY=${{ secrets.AMPLITUDE_DEV_KEY }} | |
| - name: Deploy pushed docker tag to infrastructure | |
| if: github.event_name != 'pull_request' | |
| shell: bash | |
| run: | | |
| set -xe | |
| infra_repo_path=$(mktemp -d) | |
| # Clone infra repo, update version | |
| _ci/scripts/terraform-update-variable \ | |
| --git-url $INFRASTRUCTURE_REPO \ | |
| --git-checkout-path $infra_repo_path \ | |
| --git-branch-name $DEFAULT_INFRA_LIVE_BRANCH \ | |
| --vars-path dev/us-east-1/dev/services/website-frontend/terragrunt.hcl \ | |
| --name tag \ | |
| --value '"${{ env.RELEASE_VERSION }}-${{ github.sha }}"' | |
| pushd $infra_repo_path | |
| git diff | |
| git config --global user.email "reference-architecture-machine-user@coqui.ai" | |
| git config --global user.name "coqui-machine-user" | |
| git commit -a \ | |
| -m "Update landing page to ${{ env.RELEASE_VERSION }}-${{ github.sha }}" | |
| if [[ "$GITHUB_EVENT_NAME" == "push" ]]; then | |
| git push origin $DEFAULT_INFRA_LIVE_BRANCH | |
| fi |