Skip to content

Version Packages (#1287) #1

Version Packages (#1287)

Version Packages (#1287) #1

name: CI/CD Pipeline for Auth Backend (Production)
on:
push:
branches:
- main
paths:
- 'apps/auth-service/**'
jobs:
build_and_deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Read version from package.json
id: get_version
run: |
VERSION=$(cat apps/auth-service/package.json | jq -r '.version')
echo "VERSION=${VERSION}" >> $GITHUB_ENV
- name: Login to Amazon ECR
run: |
aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY }}
- name: Check latest image version in ECR
id: check_version
run: |
LATEST_ECR_VERSION=$(aws ecr describe-images --repository-name ${{ secrets.ECR_REPOSITORY_AUTH_BACKEND_NAME }} --region ${{ secrets.AWS_REGION }} --query 'sort_by(imageDetails,& imagePushedAt)[-1].imageTags[0]' --output text)
if [ "$VERSION" == "$LATEST_ECR_VERSION" ]; then
echo "::set-output name=should_deploy::false"
else
echo "::set-output name=should_deploy::true"
fi
- name: Build Docker image
if: steps.check_version.outputs.should_deploy == 'true'
run: |
docker build -f apps/auth-service/Dockerfile --no-cache --progress=plain -t ${{ secrets.ECR_REGISTRY }}/${{ secrets.ECR_REPOSITORY_AUTH_BACKEND_NAME }}:$VERSION .
- name: Push Docker image to Amazon ECR
if: steps.check_version.outputs.should_deploy == 'true'
run: |
docker push ${{ secrets.ECR_REGISTRY }}/${{ secrets.ECR_REPOSITORY_AUTH_BACKEND_NAME }}:$VERSION
- name: Decode SSH Key
run: echo "${{ secrets.AWS_SSH_KEY }}" | base64 --decode > private_key.pem
- name: Set file permissions
run: chmod 600 private_key.pem
- name: Deploy to EC2
if: steps.check_version.outputs.should_deploy == 'true'
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.AWS_EC2_USER_NAME }}@${{ secrets.AWS_EC2_HOST }} '
export AWS_REGION=${{ secrets.AWS_REGION }}
export ECR_REGISTRY=${{ secrets.ECR_REGISTRY }}
export ECR_REPOSITORY_AUTH_BACKEND_NAME=${{ secrets.ECR_REPOSITORY_AUTH_BACKEND_NAME }}
aws ecr get-login-password --region $AWS_REGION | sudo docker login --username AWS --password-stdin $ECR_REGISTRY
LATEST_IMAGE_VERSION=$(aws ecr describe-images --repository-name $ECR_REPOSITORY_AUTH_BACKEND_NAME --region $AWS_REGION --query "sort_by(imageDetails,& imagePushedAt)[-1].imageTags[0]" --output text)
echo "Latest image version: $LATEST_IMAGE_VERSION"
cd nginx/
sed -i -E "s|(auth-backend:)[0-9]+\.[0-9]+\.[0-9]+|\1$LATEST_IMAGE_VERSION|g" docker-compose.yml
if [ $? -eq 0 ]; then
echo "Image version updated successfully in docker-compose.yml."
else
echo "Failed to update image version in docker-compose.yml."
exit 1
fi
sudo docker compose down auth-backend-service
sudo docker compose pull auth-backend-service
sudo docker compose up -d auth-backend-service
'