Manual build and deploy #17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Manual build and deploy | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| env: | |
| description: 'Which environment to update.' | |
| type: choice | |
| required: true | |
| default: dev | |
| options: | |
| - dev | |
| - uat | |
| - prod | |
| defaults: | |
| run: | |
| shell: bash | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| manual-build: | |
| if: github.event_name == 'workflow_dispatch' | |
| strategy: | |
| matrix: | |
| environment: ["${{ inputs.env }}"] | |
| name: "manual-build" | |
| runs-on: ubuntu-latest | |
| environment: ${{ matrix.environment }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 | |
| with: | |
| role-to-assume: ${{ secrets.IAM_ROLE }} | |
| aws-region: ${{ vars.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: ${{ vars.DOCKER_IMAGE_NAME}} | |
| IMAGE_TAG: ${{ github.sha }} | |
| run: | | |
| docker build -f src/main/java/it/gov/pagopa/atmlayer/service/model/docker/Dockerfile.native -t $REGISTRY/$REPOSITORY:$IMAGE_TAG . \ | |
| --build-arg QUARKUS_PROFILE=prod \ | |
| --build-arg APP_NAME=atm-layer-model | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Update Kubernetes Config | |
| run: | | |
| aws eks --region ${{ vars.AWS_REGION }} update-kubeconfig --name pagopa-${{ inputs.env }}-atm-layer-eks | |
| - name: Install Helm | |
| run: | | |
| curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | |
| chmod 700 get_helm.sh | |
| ./get_helm.sh | |
| - name: Upgrade Helm Chart | |
| run: | | |
| helm upgrade --install ${{ vars.DOCKER_IMAGE_NAME }} helm-chart/ \ | |
| --namespace pagopa \ | |
| -f helm-chart/environments/values-${{ inputs.env }}.yaml \ | |
| --set image.tag=${{ github.sha }} \ | |
| --set image.repository=${{ steps.login-ecr.outputs.registry }}/${{ vars.DOCKER_IMAGE_NAME }} \ | |
| --set serviceAccount.annotations."eks\.amazonaws\.com/role-arn"=${{ secrets.SERVICEACCOUNT_IAM_ROLE }} |