Merge pull request #30 from haochenpan/ap-dev #32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deployment | |
on: | |
push: | |
branches: | |
- main | |
workflow_dispatch: | |
inputs: | |
service_names: | |
description: "Comma-separated names of Lightsail services" | |
required: true | |
default: "diaspora-web-service,diaspora-action-provider" | |
container_names: | |
description: "Comma-separated names of Docker containers" | |
required: true | |
default: "docker,docker" | |
dockerfile_paths: | |
description: "Comma-separated paths to Dockerfiles" | |
required: true | |
default: "web_service/Dockerfile,action_provider/Dockerfile" | |
jobs: | |
deploy-lightsail-containers: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- service_name: diaspora-web-service | |
container_name: docker | |
dockerfile_path: web_service/Dockerfile | |
- service_name: diaspora-action-provider | |
container_name: docker | |
dockerfile_path: action_provider/Dockerfile | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
- name: Verify AWS credential | |
run: | | |
aws sts get-caller-identity | |
- name: Install AWS Lightsail plugin | |
run: | | |
sudo curl "https://s3.us-west-2.amazonaws.com/lightsailctl/latest/linux-amd64/lightsailctl" -o "/usr/local/bin/lightsailctl" | |
sudo chmod +x /usr/local/bin/lightsailctl | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Build Docker container for AWS Lightsail | |
env: | |
SERVICE_NAME: ${{ matrix.service_name }} | |
CONTAINER_NAME: ${{ matrix.container_name }} | |
DOCKERFILE_PATH: ${{ matrix.dockerfile_path }} | |
run: | | |
echo "SERVICE NAME" | |
echo $SERVICE_NAME | |
echo "CONTAINER NAME" | |
echo $CONTAINER_NAME | |
echo "DOCKERFILE PATH" | |
echo $DOCKERFILE_PATH | |
docker build -t $CONTAINER_NAME -f $DOCKERFILE_PATH . | |
docker images | |
- name: Delete old container images | |
env: | |
SERVICE_NAME: ${{ matrix.service_name }} | |
run: | | |
output=$(aws lightsail get-container-images --service-name $SERVICE_NAME --no-paginate --output text) | |
container_names=($(echo "$output" | awk '{print $NF}')) | |
for name in "${container_names[@]:1}"; do | |
echo "IMAGE TO DELETE" | |
echo "$name" | |
aws lightsail delete-container-image --region us-east-1 --service-name $SERVICE_NAME --image "$name" || true | |
done | |
- name: Idempotently create Lightsail container service | |
env: | |
SERVICE_NAME: ${{ matrix.service_name }} | |
continue-on-error: true | |
run: | | |
aws lightsail create-container-service --region us-east-1 --service-name $SERVICE_NAME --power small --scale 1 | |
- name: Push Docker image to Lightsail and deploy | |
env: | |
SERVICE_NAME: ${{ matrix.service_name }} | |
CONTAINER_NAME: ${{ matrix.container_name }} | |
run: | | |
output=$(aws lightsail push-container-image --region us-east-1 --service-name $SERVICE_NAME --label $CONTAINER_NAME --image $CONTAINER_NAME) | |
image_name=$(echo "$output" | sed -n 's/.*Refer to this image as "\(.*\)" in deployments.*/\1/p') | |
echo "IMAGE NAME" | |
echo "$image_name" | |
containers=$(jq -n --arg image_name "$image_name" \ | |
--arg aws_access_key_id "${{ secrets.DOCKER_AWS_ACCESS_KEY_ID }}" \ | |
--arg aws_secret_access_key "${{ secrets.DOCKER_AWS_SECRET_ACCESS_KEY }}" \ | |
--arg client_id "${{ secrets.DOCKER_CLIENT_ID }}" \ | |
--arg client_secret "${{ secrets.DOCKER_CLIENT_SECRET }}" \ | |
--arg client_scope "${{ secrets.DOCKER_CLIENT_SCOPE }}" \ | |
--arg default_servers "${{ secrets.DOCKER_DEFAULT_SERVERS }}" \ | |
--arg server_client_id "${{ secrets.DOCKER_SERVER_CLIENT_ID }}" \ | |
--arg server_secret "${{ secrets.DOCKER_SERVER_SECRET }}" '{ | |
"flask": { | |
"image": $image_name, | |
"ports": { | |
"8000": "HTTP" | |
}, | |
"environment": { | |
"AWS_ACCESS_KEY_ID": $aws_access_key_id, | |
"AWS_SECRET_ACCESS_KEY": $aws_secret_access_key, | |
"CLIENT_ID": $client_id, | |
"CLIENT_SECRET": $client_secret, | |
"CLIENT_SCOPE": $client_scope, | |
"DEFAULT_SERVERS": $default_servers, | |
"SERVER_CLIENT_ID": $server_client_id, | |
"SERVER_SECRET": $server_secret | |
} | |
} | |
}') | |
public_endpoint=$(jq -n '{ | |
"containerName": "flask", | |
"containerPort": 8000 | |
}') | |
aws lightsail create-container-service-deployment --region us-east-1 \ | |
--service-name $SERVICE_NAME \ | |
--containers "$containers" \ | |
--public-endpoint "$public_endpoint" |