feat: build and push images to ECR repo

sixfeetup · Sep 20, 2024 · a3bd77d · a3bd77d
1 parent cea1602
commit a3bd77d
Showing 1 changed file with 58 additions and 0 deletions.
diff --git a/{{cookiecutter.project_slug}}/.github/workflows/main.yaml b/{{cookiecutter.project_slug}}/.github/workflows/main.yaml
@@ -73,3 +73,61 @@ jobs:
           POSTGRES_HOST: postgres
           POSTGRES_PORT: 5432
 {% if cookiecutter.use_celery == 'y' %}          CELERY_BROKER_URL: redis://127.0.0.1:6379/0{% endif %}
+
+  build-and-push-images:
+    if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    needs: [check-lint-and-formatting, backend-test]
+
+    permissions:
+      id-token: write
+      contents: write
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Configure AWS credentials from OIDC
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-oidc-role
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Log in to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+
+      - name: Set environment variables
+        run: |
+          echo "ECR_REPO_BACKEND=${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/{{ cookiecutter.project_slug }}-backend" >> $GITHUB_ENV
+          echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+          echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed s,refs/heads/,, | sed s,/,-,g)" >> $GITHUB_ENV
+
+      - name: Set variable for target environment
+        run: |
+          echo "TARGET_ENV=$(if [ "$BRANCH_NAME" = "main" ]; then echo "prod"; else echo "sandbox"; fi)" >> $GITHUB_ENV
+
+      - name: Build and push backend image
+        uses: docker/build-push-action@v5
+        with:
+          context: ./backend
+          push: true
+          tags: ${{ env.ECR_REPO_BACKEND }}:${{ env.SHORT_SHA }},${{ env.ECR_REPO_BACKEND }}:${{ env.BRANCH_NAME }}
+
+      - name: Tag Images
+        run: |
+          cd k8s/$TARGET_ENV
+          kustomize edit set image backend=$ECR_REPO_BACKEND:$SHORT_SHA
+
+      - name: Commit & Push to GitHub
+        run: |
+          git config user.email "$GITHUB_EMAIL"
+          git config user.name "GitHub User"
+          git add k8s/$TARGET_ENV/kustomization.yaml
+          git commit -m "Update $TARGET_ENV image to $SHORT_SHA [skip ci]"
+          git push