This repository has been archived by the owner on Feb 22, 2023. It is now read-only.
Staging and production deployment workflows #563
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,12 +1,22 @@ | ||
| # this is a reusable workflow that will be called by the | ||
| # push_staging and push_production workflows | ||
| # more info: https://docs.github.com/en/actions/learn-github-actions/reusing-workflows | ||
|
|
||
| name: build | ||
|
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| is_production: | ||
| required: true | ||
| type: boolean | ||
| description: Determine whether the current workflow is executed against production or not | ||
|
|
||
| release: | ||
| types: | ||
| - "released" | ||
|
|
||
| # TODO: get the secrets via inputs, so we let the staging/production workflows retrieve their corresponding credentials | ||
| env: | ||
| AWS_REGION: ${{ secrets.AWS_REGION }} | ||
| AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | ||
|
|
@@ -19,17 +29,6 @@ jobs: | |
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| # setup docker buildx | ||
| - name: setup docker buildx | ||
| uses: docker/setup-buildx-action@v1 | ||
|
|
@@ -40,11 +39,48 @@ jobs: | |
| - name: docker login | ||
| uses: aws-actions/amazon-ecr-login@v1 | ||
|
|
||
| # for staging | ||
| # gather metadata from git & github actions to reference in docker | ||
| - name: git & github metadata staging | ||
| id: metadata_staging | ||
| uses: docker/metadata-action@v3 | ||
| if: ${{ github.event.inputs.is_production == false }} | ||
| with: | ||
| images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/openverse/frontend | ||
| tags: | | ||
| latest=auto | ||
| type=edge,branch=main | ||
|
|
||
| # build a docker image | ||
| - name: build docker image | ||
| uses: docker/build-push-action@v2 | ||
| if: ${{ github.event.inputs.is_production == false }} | ||
| with: | ||
| context: . | ||
| tags: ${{ steps.metadata_staging.outputs.tags }} | ||
| labels: ${{ steps.metadata_staging.outputs.labels }} | ||
| push: true | ||
|
|
||
| # for production | ||
| # gather metadata from git & github actions to reference in docker | ||
| - name: git & github metadata production | ||
| id: metadata_production | ||
| uses: docker/metadata-action@v3 | ||
| if: ${{ github.event.inputs.is_production == true }} | ||
| with: | ||
| images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/openverse/frontend | ||
| tags: | | ||
| latest=false | ||
| type=raw,value=stable | ||
| type=semver,pattern={{version}} | ||
|
|
||
| # build a docker image | ||
| - name: build docker image | ||
| uses: docker/build-push-action@v2 | ||
| if: ${{ github.event.inputs.is_production == true }} | ||
| with: | ||
| context: . | ||
| tags: ${{ steps.metadata_production.outputs.tags }} | ||
| labels: ${{ steps.metadata_production.outputs.labels }} | ||
| push: true | ||
|
There was a problem hiding this comment. Does this push trigger a deployment of our AWS infrastructure? Is that encapsulated in this workflow or will that be future work? There was a problem hiding this comment. The deployment is made by CodePipeline in our AWS. I just push the image to ECR and the event will automatically be triggered internally. That's why I opened a discussion a few days ago, because I would need to change this part and build some communication between CodePipeline and ghcr.io events. |
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| # this build is triggered when a new pre-release has been created | ||
| # it creates a new docker build image based on the tag associated | ||
|
|
||
| name: push_production | ||
|
|
||
| on: | ||
| release: | ||
| types: | ||
| - 'prereleased' | ||
zackkrida marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| jobs: | ||
| push: | ||
| name: push | ||
| runs-on: ubuntu-latest | ||
| environment: | ||
| name: production | ||
| url: https://search.openverse.engineering | ||
zackkrida marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| steps: | ||
| # download the source code into the runner | ||
| - name: checkout | ||
| uses: actions/checkout@v2 | ||
|
|
||
| # build a new docker image and push it into the repository | ||
| - name: docker build | ||
| uses: ./.github/workflows/build.yaml@v1 | ||
| with: | ||
| is_production: true | ||
|
|
||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| # this build is triggered when a new pull request has been merged | ||
| # into the main branch | ||
|
|
||
| name: push_staging | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
|
|
||
| jobs: | ||
| push: | ||
| name: push | ||
| runs-on: ubuntu-latest | ||
| environment: | ||
| name: staging | ||
| url: https://search-staging.openverse.engineering | ||
zackkrida marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| steps: | ||
| # download the source code into the runner | ||
| - name: checkout | ||
| uses: actions/checkout@v2 | ||
|
|
||
| # build a new docker image and push it into the repository | ||
| - name: docker build | ||
| uses: ./.github/workflows/build.yaml@v1 | ||
| with: | ||
| is_production: false | ||
|
|
||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are a lot of similarities between this and the staging step. I wonder if we might be able to combine the logic and add conditions in certain places for each deployment case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's a good point, and that's what I mentioned when I officially announced this PR.
This is something that will be improved in the future based on what we are going to see when deploying this on the real infrastructure.
By now, I'm separating the logic between staging and production, but I'm planning to send a PR to the official action project (owned by Docker) that allows me to manipulate the tags without the need to duplicate the whole step.
cc @zackkrida