retry echo #606
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Push Remote Dev | |
on: | |
push: | |
branches: | |
- "rdev-*" | |
env: | |
# Force using BuildKit instead of normal Docker, required so that metadata | |
# is written/read to allow us to use layers of previous builds as cache. | |
DOCKER_BUILDKIT: 1 | |
COMPOSE_DOCKER_CLI_BUILD: 1 | |
DOCKER_REPO: ${{ secrets.ECR_REPO }}/ | |
# https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services | |
permissions: | |
id-token: write | |
contents: write | |
jobs: | |
build-push-images: | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
image: | |
- dockerfile: src/backend/Dockerfile.gisaid | |
context: ./src/backend/ | |
name: genepi-gisaid | |
- dockerfile: src/backend/Dockerfile.nextstrain | |
context: ./src/backend/ | |
name: genepi-nextstrain | |
- dockerfile: src/backend/Dockerfile.pangolin | |
context: ./src/backend/ | |
name: genepi-pangolin | |
- dockerfile: src/backend/Dockerfile.lineage_qc | |
context: ./src/backend/ | |
name: genepi-lineage-qc | |
- dockerfile: src/backend/Dockerfile | |
context: ./src/backend/ | |
name: genepi-backend | |
- dockerfile: src/frontend/Dockerfile | |
context: ./src/frontend/ | |
name: genepi-frontend | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: us-west-2 | |
aws-access-key-id: ${{ secrets.THEIAGEN_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.THEIAGEN_AWS_SECRET_ACCESS_KEY }} | |
- name: Build And Push | |
id: build_outputs | |
uses: chanzuckerberg/github-actions/.github/actions/docker-build-push@docker-build-push-v1.3.1 | |
with: | |
dockerfile: ${{ matrix.image.dockerfile }} | |
context: ${{ matrix.image.context }} | |
name: ${{ matrix.image.name }} | |
registry: 654654542669.dkr.ecr.us-west-2.amazonaws.com | |
- name: echo the tags to github output | |
run: | | |
echo 'IMAGE_SHA<<EOF' >> $GITHUB_ENV | |
echo '${{ steps.build_outputs.outputs.tags }}' >> $GITHUB_ENV | |
echo 'EOF' >> $GITHUB_ENV | |
- name: print the tag | |
shell: bash | |
run: echo ${{ env.IMAGE_SHA }} | |
# TODO: figure out whether {{ secrets.GITHUB_TOKEN }} is enough for this step: | |
# - name: Update the file | |
# uses: EndBug/add-and-commit@v9 | |
# with: | |
# add: -A | |
# message: 'chore: Updated locals.tf.json file with new image tag' | |
create-update-rdev: | |
runs-on: ubuntu-20.04 | |
needs: | |
- build-push-images | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-session-name: CreateUpdateRdev | |
aws-region: us-west-2 | |
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
role-duration-seconds: 900 | |
- name: Calculate Branch and Base Names | |
id: refs | |
uses: chanzuckerberg/github-actions/.github/actions/get-github-ref-names@get-github-ref-names-v1.4.0 | |
- name: Get Stack Name | |
id: stack-name | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
const prefix = "rdev-"; | |
const ref = "${{ steps.refs.outputs.headRef }}"; | |
if (!ref.startsWith(prefix)) { | |
core.setFailed(`ref ${ref} did not start with ${prefix}`) | |
return | |
} | |
// Must be compatible with DNS charset, replace chars not allowed with '-' | |
const stackName = ref.slice(prefix.length).replaceAll(/[^a-zA-Z0-9/-]+/g, "-") | |
console.log(`stackName: ${stackName}`) | |
core.setOutput('stack-name', stackName) | |
- name: Create or update rdev | |
uses: chanzuckerberg/github-actions/.github/actions/deploy-happy-stack@deploy-happy-stack-v1.7.0 | |
with: | |
tfe-token: ${{ secrets.TFE_TOKEN }} | |
stack-name: ${{ steps.stack-name.outputs.stack-name }} | |
happy_version: "0.41.3" |