Created
May 1, 2023 12:23
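# Deploy workflow: on every push to main, provision the EC2 host with
# Terraform (deploy-infra), then build the image, push it to ECR and restart
# the container on that host over SSH (deploy-app).
name: Deploy

on:
  push:
    branches: [main]

# Nothing here writes to the repository, so the implicit GITHUB_TOKEN is
# limited to the read access actions/checkout needs.
permissions:
  contents: read

# Only non-secret values are set workflow-wide. Workflow-level env is visible
# to every step of every job, including third-party actions, so each secret
# is attached below to the job or step that actually consumes it.
env:
  AWS_REGION: us-east-2

jobs:
  deploy-infra:
    runs-on: ubuntu-latest
    # init/plan/apply/output all talk to AWS (S3 backend and provider).
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
    outputs:
      SERVER_PUBLIC_IP: ${{ steps.set-ip.outputs.instance_public_ip }}
    steps:
      # NOTE(security): the actions in this file are referenced by mutable
      # tags/branches; pinning each `uses:` to a full commit SHA prevents an
      # upstream retag from changing what runs with these credentials.
      - name: Checkout
        uses: actions/checkout@v2
      - name: setup Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          # Call the real binary so `terraform output` prints only the value.
          terraform_wrapper: false
      - name: Terraform init
        id: init
        env:
          TF_STATE_BUCKET_NAME: ${{ secrets.AWS_TF_STATE_BUCKET_NAME }}
        run: terraform init -backend-config="bucket=$TF_STATE_BUCKET_NAME" -backend-config="region=us-east-2"
        working-directory: ./terraform
      - name: Terraform Plan
        id: plan
        # The SSH key pair is handed over as TF_VAR_<name> environment
        # variables instead of -var flags, which keeps the private key out of
        # the process argument list.
        # NOTE(review): the values are still stored in the PLAN file and
        # possibly in state, depending on how ./terraform uses them; confirm
        # the state bucket is encrypted and access-restricted.
        env:
          TF_VAR_public_key: ${{ secrets.AWS_SSH_KEY_PUBLIC }}
          TF_VAR_private_key: ${{ secrets.AWS_SSH_KEY_PRIVATE }}
        run: |-
          terraform plan \
            -var="region=us-east-2" \
            -var="key_name=deployer-key" \
            -out=PLAN
        working-directory: ./terraform
      - name: Terraform Apply
        id: apply
        run: terraform apply PLAN
        working-directory: ./terraform
      - name: Set output
        id: set-ip
        # Uses the $GITHUB_OUTPUT file (the `::set-output` workflow command is
        # deprecated) and runs in ./terraform like the steps above so it reads
        # the initialised backend. -raw prints the bare value without quotes.
        run: echo "instance_public_ip=$(terraform output -raw instance_public_ip)" >> "$GITHUB_OUTPUT"
        working-directory: ./terraform

  deploy-app:
    runs-on: ubuntu-latest
    needs: deploy-infra
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Set IP env variable
        # The job output is passed through env rather than interpolated into
        # the script text, so its content is never parsed as shell syntax.
        env:
          INSTANCE_IP: ${{ needs.deploy-infra.outputs.SERVER_PUBLIC_IP }}
        run: echo "SERVER_PUBLIC_IP=$INSTANCE_IP" >> "$GITHUB_ENV"
      - name: Login to AWS ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      - name: Build, push docker image
        # No AWS keys here: the login step above already configured docker.
        env:
          REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          REPOSITORY: example-node-app
          IMAGE_TAG: ${{ github.sha }}
        run: |-
          echo "🔵 Before build"
          docker image ls
          docker build -t "$REGISTRY/$REPOSITORY:$IMAGE_TAG" .
          echo "🔵 After build"
          docker image ls
          echo "🔵 Pushing"
          echo "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
          docker push "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
        # working-directory: ./nodeapp
      - name: Deploy docker image to EC2
        # NOTE(security): this third-party action receives the SSH private key
        # and the AWS keys while tracking the mutable `master` branch; pin it
        # to a reviewed commit SHA. No `fingerprint` input is set, so the
        # host key of the target is not verified.
        uses: appleboy/ssh-action@master
        env:
          REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          REPOSITORY: example-node-app
          IMAGE_TAG: ${{ github.sha }}
          # NOTE(review): long-lived AWS keys are forwarded to the host only
          # so it can pull from ECR; an instance profile defined in
          # ./terraform would make this unnecessary.
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: us-east-2
        with:
          host: ${{ env.SERVER_PUBLIC_IP }}
          username: ec2-user
          key: ${{ secrets.AWS_SSH_KEY_PRIVATE }}
          # REPOSITORY must be forwarded or the image reference below expands
          # to "$REGISTRY/:$IMAGE_TAG" on the host. The SSH private key is
          # deliberately not forwarded: the remote script never uses it.
          envs: REGISTRY,REPOSITORY,IMAGE_TAG,AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY,AWS_DEFAULT_REGION,AWS_REGION
          # NOTE(review): ec2-user is the Amazon Linux default account while
          # apt is Debian/Ubuntu tooling; confirm against the AMI chosen in
          # ./terraform.
          script: |-
            sudo apt update
            sudo apt install docker.io -y
            sudo apt install awscli -y
            # get-login-password + --password-stdin replaces the deprecated
            # `aws ecr get-login`, which printed a `docker login -p <token>`
            # command to be executed, putting the token on the command line.
            aws ecr get-login-password --region us-east-2 | sudo docker login --username AWS --password-stdin "$REGISTRY"
            sudo docker stop myappcontainer || true
            sudo docker rm myappcontainer || true
            sudo docker pull "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
            sudo docker run -d --name myappcontainer -p 80:8080 "$REGISTRY/$REPOSITORY:$IMAGE_TAG"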