Skip to content

Merge pull request #5 from hotosm/feat-authentication #2

Merge pull request #5 from hotosm/feat-authentication

Merge pull request #5 from hotosm/feat-authentication #2

name: Build and Deploy Drone Tasking Manager
on:
push:
branches:
- main
workflow_dispatch:
permissions:
id-token: write
contents: read
env:
AWS_REGION: ap-south-1
ECR_REGISTRY: 685797548389.dkr.ecr.ap-south-1.amazonaws.com
ECR_REPOSITORY: dtmweb
jobs:
build:
name: Build Docker image
runs-on: ubuntu-latest
environment:
name: ${{ github.ref_name }}
steps:
- name: Clone repository
uses: actions/checkout@v3
with:
ref: ${{ github.ref_name }}
- name: Setup AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
audience: sts.amazonaws.com
aws-region: ${{ env.AWS_REGION }}
role-session-name: GH-Actions-${{ github.run_id }}-${{ github.run_attempt }}
role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build and Push Docker Image
id: build-image
run: |
docker build -f ./src/backend/Dockerfile -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ github.ref_name }} .
docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ github.ref_name }}
- name: Image Digest
run: echo ImageDigest:${{ steps.build-image.outputs.imageDigest }}
deploy_to_ecs:
name: Deploy to ECS
needs:
- build
runs-on: ubuntu-latest
environment:
name: ${{ github.ref_name }}
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
audience: sts.amazonaws.com
aws-region: ${{ env.AWS_REGION }}
role-session-name: GH-Actions-${{ github.run_id }}-${{ github.run_attempt }}
role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }}
- name: Get Web App task definition
id: get-web-app-task-definition
shell: bash
run: |
TASK_DEFINITION_ARN=$(aws ecs describe-task-definition --task-definition fastapi-tdf --region ${{ env.AWS_REGION }} --query 'taskDefinition.taskDefinitionArn')
echo "TASK_DEFINITION_ARN=${TASK_DEFINITION_ARN}" >> $GITHUB_OUTPUT
- name: ECS Service
uses: scribd/amazon-ecs-service-action@v1
with:
force-new-deployment: true
spec: |
{
"taskDefinition": ${{ steps.get-web-app-task-definition.outputs.TASK_DEFINITION_ARN }},
"cluster": "${{ secrets.ECS_CLUSTER_NAME }}",
"serviceName": "${{ secrets.ECS_SERVICE_NAME }}"
}
wait-until-deployment-complete: true