Deploy Conductor UI #67
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Conductor UI | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| Environment: | |
| required: true | |
| type: choice | |
| description: Choose aws env | |
| options: | |
| - dev | |
| - stg | |
| - prd | |
| Tag: | |
| required: true | |
| type: string | |
| description: Provide tag (Eg:v3.14.0) | |
| permissions: | |
| id-token: write | |
| contents: write | |
| packages: read | |
| actions: read | |
| env: | |
| SERVICE_NAME: conductor-ui | |
| AWS_REGION: "ap-south-1" | |
| HELM_CHART_NAME: "application-helm-chart" | |
| jobs: | |
| prepare-env: | |
| name: Prepare Env | |
| runs-on: 'ubuntu-latest' | |
| timeout-minutes: 2 | |
| outputs: | |
| AWS_ROLE: ${{ steps.vars.outputs.AWS_ROLE }} | |
| ENV: ${{ steps.vars.outputs.ENV }} | |
| PROJECT_PREFIX: ${{ steps.vars.outputs.PROJECT_PREFIX }} | |
| K8S_CLUSTER: ${{ steps.vars.outputs.K8S_CLUSTER }} | |
| ECR_REPOSITORY: ${{ steps.set_env.outputs.ECR_REPOSITORY }} | |
| ENVIRONMENT_BUCKET: ${{ steps.set_env.outputs.ENVIRONMENT_BUCKET }} | |
| SLACK_WEBHOOK_URL: ${{ steps.vars.outputs.SLACK_WEBHOOK_URL }} | |
| AWS_ACCOUNT_ID: ${{ steps.vars.outputs.AWS_ACCOUNT_ID}} | |
| steps: | |
| - id: vars | |
| shell: bash | |
| run: | | |
| BRANCH="${GITHUB_REF#refs/heads/}" | |
| ENV=${{ github.event.inputs.environment }} | |
| IMAGE_TAG=${{ github.event.inputs.tag }} | |
| echo $BRANCH | |
| if [ -z "$ENV" ] | |
| then | |
| case $BRANCH in | |
| "dev") | |
| ENV="dev" | |
| ;; | |
| "stg") | |
| ENV="stg" | |
| ;; | |
| "main") | |
| ENV="prd" | |
| ;; | |
| *) | |
| echo "ENV not configured" && exit 1 | |
| ;; | |
| esac | |
| fi | |
| if [[ $ENV == 'prd' && $BRANCH == 'production' ]] | |
| then | |
| echo "AWS_ROLE=PRD_AWS_ROLE" >> $GITHUB_OUTPUT | |
| echo "PROJECT_PREFIX=sirn-prd-mb" >> $GITHUB_OUTPUT | |
| echo "SLACK_WEBHOOK_URL=PRD_SLACK_WEBHOOK_URL" >> $GITHUB_OUTPUT | |
| echo "AWS_ACCOUNT_ID=PRD_AWS_ACCOUNT_ID" >> $GITHUB_OUTPUT | |
| echo "K8S_CLUSTER=sirn-prd-mb-prime" >> $GITHUB_OUTPUT | |
| elif [ $ENV == 'stg' ] | |
| then | |
| echo "AWS_ROLE=STG_AWS_ROLE" >> $GITHUB_OUTPUT | |
| echo "PROJECT_PREFIX=sirn-stg-mb" >> $GITHUB_OUTPUT | |
| echo "SLACK_WEBHOOK_URL=DEV_SLACK_WEBHOOK_URL" >> $GITHUB_OUTPUT | |
| echo "AWS_ACCOUNT_ID=NON_PRD_AWS_ACCOUNT_ID" >> $GITHUB_OUTPUT | |
| echo "K8S_CLUSTER=sirn-dev-mb-prime" >> $GITHUB_OUTPUT | |
| elif [ $ENV == 'dev' ] | |
| then | |
| echo "AWS_ROLE=DEV_AWS_ROLE" >> $GITHUB_OUTPUT | |
| echo "PROJECT_PREFIX=sirn-dev-mb" >> $GITHUB_OUTPUT | |
| echo "SLACK_WEBHOOK_URL=DEV_SLACK_WEBHOOK_URL" >> $GITHUB_OUTPUT | |
| echo "AWS_ACCOUNT_ID=NON_PRD_AWS_ACCOUNT_ID" >> $GITHUB_OUTPUT | |
| echo "K8S_CLUSTER=sirn-dev-mb-prime" >> $GITHUB_OUTPUT | |
| else | |
| echo "Branch not configured!" | |
| exit 1 | |
| fi | |
| echo "ENV=$ENV" >> $GITHUB_OUTPUT | |
| echo ":rocket: Environment - $ENV " >> $GITHUB_STEP_SUMMARY | |
| echo ":label: Image Tag - $IMAGE_TAG " >> $GITHUB_STEP_SUMMARY | |
| - name: set variables | |
| id: set_env | |
| run: | | |
| PROJECT_PREFIX=${{ steps.vars.outputs.PROJECT_PREFIX }} | |
| echo "ENVIRONMENT_BUCKET=$PROJECT_PREFIX-s3-environment" >> $GITHUB_OUTPUT | |
| echo ":seedling: Branch:${GITHUB_REF#refs/heads/}" >> $GITHUB_STEP_SUMMARY | |
| echo "ECR_REPOSITORY=$PROJECT_PREFIX-ecr-conductor-ui" >> $GITHUB_OUTPUT | |
| # Deploy Conductor UI Image to ECS | |
| deploy-to-k8s: | |
| name: Deploy to k8s | |
| runs-on: ubuntu-latest | |
| container: | |
| image: public.ecr.aws/kvsiren-dev/pipeline/helm-deploy:latest | |
| timeout-minutes: 15 | |
| permissions: | |
| id-token: write | |
| pull-requests: write | |
| contents: read | |
| needs: | |
| - prepare-env | |
| env: | |
| AWS_ACCOUNT_ID: ${{ needs.prepare-env.outputs.AWS_ACCOUNT_ID }} | |
| ECR_REPOSITORY: ${{ needs.prepare-env.outputs.ECR_REPOSITORY }} | |
| steps: | |
| - name: Checkout code from action | |
| uses: actions/checkout@v2 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::${{ vars[env.AWS_ACCOUNT_ID] }}:role/github-actions | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Deploy to Kubernetes | |
| shell: bash | |
| run: | | |
| aws eks update-kubeconfig --name ${{ needs.prepare-env.outputs.K8S_CLUSTER }} | |
| aws s3 cp s3://${{ needs.prepare-env.outputs.ENVIRONMENT_BUCKET }}/helm/${{ env.SERVICE_NAME }}/values.yaml ./values.yaml | |
| cat ./values.yaml | |
| aws ecr get-login-password --region ${{ env.AWS_REGION }} | helm registry login --username AWS --password-stdin ${{ vars[env.AWS_ACCOUNT_ID] }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com | |
| # Construct base Helm command | |
| HELM_CMD="helm upgrade --install ${{ env.SERVICE_NAME }} oci://${{ vars[env.AWS_ACCOUNT_ID] }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.HELM_CHART_NAME }} \ | |
| --namespace ${{ needs.prepare-env.outputs.ENV }} \ | |
| --values values.yaml \ | |
| --set default.image.repository='${{ vars[env.AWS_ACCOUNT_ID] }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPOSITORY }}' \ | |
| --set default.image.tag='${{ github.event.inputs.tag }}'" | |
| # Run the Helm command | |
| echo "Running: $HELM_CMD" | |
| eval $HELM_CMD |