Relocate empty env vars #337
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: BuildEngine v2 Test and Deploy | |
| on: | |
| push: | |
| workflow_dispatch: | |
| inputs: | |
| tags: | |
| description: "Tags" | |
| env: | |
| BUILD_ENGINE_BUILD_TAG: "build-engine-api:${{ github.run_number }}" | |
| OTEL_BUILD_TAG: "scriptoria-otel:${{ github.run_number }}" | |
| BUILD_NUMBER: ${{ github.run_number }} | |
| jobs: | |
| check: | |
| uses: "./.github/workflows/setup.yml" | |
| secrets: | |
| AUTH0_SECRET: ${{ secrets.AUTH0_SECRET }} | |
| deploy-to-ecr: | |
| runs-on: ubuntu-latest | |
| needs: check | |
| if: ${{ success() && (github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/master') }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| - name: Setup node | |
| uses: actions/setup-node@v5 | |
| with: | |
| node-version: 24 | |
| - name: Build docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: false | |
| tags: ${{ env.BUILD_ENGINE_BUILD_TAG }} | |
| context: . | |
| load: true | |
| - name: Determine branch tag | |
| id: branch | |
| run: | | |
| if [[ "${GITHUB_HEAD_REF}" != "" ]]; then BRANCH="${GITHUB_HEAD_REF}"; else BRANCH="${GITHUB_REF_NAME}"; fi | |
| case $BRANCH in develop) DOCKER_TAG="staging" ;; master) DOCKER_TAG="production" ;; *) DOCKER_TAG="${BRANCH//\//-}" ;; esac | |
| case $BRANCH in develop) ECS_CLUSTER="scriptoria-stg";; master) ECS_CLUSTER="scriptoria-prd" ;; *) ECS_CLUSTER="none" ;; esac | |
| echo "DockerTag=${DOCKER_TAG}" >> $GITHUB_OUTPUT | |
| echo "EcsCluster=${ECS_CLUSTER}" >> $GITHUB_OUTPUT | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push to GHCR | |
| run: | | |
| docker tag ${{ env.BUILD_ENGINE_BUILD_TAG }} ghcr.io/sillsdev/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }} | |
| docker push ghcr.io/sillsdev/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }} | |
| - name: Configure AWS credentials (SIL) | |
| id: aws_sil | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.SIL__AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.SIL__AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.SIL__AWS_DEFAULT_REGION }} | |
| - name: Login to AWS ECR (SIL) | |
| id: ecr_sil | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| registries: ${{ secrets.SIL__AWS_ECR_ACCOUNT }} | |
| - name: Push to AWS ECR (SIL) | |
| run: | | |
| docker tag ${{ env.BUILD_ENGINE_BUILD_TAG }} "${{ steps.ecr_sil.outputs.registry }}/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }}" | |
| docker tag ${{ env.BUILD_ENGINE_BUILD_TAG }} "${{ steps.ecr_sil.outputs.registry }}/appbuilder-buildengine-api:${{ env.BUILD_NUMBER }}" | |
| docker push "${{ steps.ecr_sil.outputs.registry }}/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }}" | |
| docker push "${{ steps.ecr_sil.outputs.registry }}/appbuilder-buildengine-api:${{ env.BUILD_NUMBER }}" | |
| - name: Deploy to ECS (SIL) | |
| if: ${{ steps.branch.outputs.EcsCluster != 'none' }} | |
| run: | | |
| echo "Deploying ${{ env.BUILD_NUMBER }} to ${{ steps.branch.outputs.EcsCluster }}" | |
| # Deploy to ECS cluster with service name 'build-engine', setting all images to the latest tag | |
| ecs-deploy -c ${{ steps.branch.outputs.EcsCluster }} -n buildengine -i ignore -to ${{ env.BUILD_NUMBER }} --max-definitions 20 --timeout 600 | |
| echo "Deployment initiated successfully." | |
| - name: Configure AWS credentials (FCBH) | |
| if: false # Temporarily disabled - remove this line to re-enable | |
| # if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-prd' }} # Restore this when re-enabling | |
| id: aws_fcbh | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.FCBH__AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.FCBH__AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.FCBH__AWS_DEFAULT_REGION }} | |
| - name: Login to AWS ECR (FCBH) | |
| if: false # Temporarily disabled - remove this line to re-enable | |
| # if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-prd' }} # Restore this when re-enabling | |
| id: ecr_fcbh | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| registries: ${{ secrets.FCBH__AWS_ECR_ACCOUNT }} | |
| - name: Push to AWS ECR (FCBH) | |
| if: false # Temporarily disabled - remove this line to re-enable | |
| # if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-prd' }} # Restore this when re-enabling | |
| run: | | |
| docker tag ${{ env.BUILD_ENGINE_BUILD_TAG }} "${{ steps.ecr_fcbh.outputs.registry }}/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }}" | |
| docker tag ${{ env.BUILD_ENGINE_BUILD_TAG }} "${{ steps.ecr_fcbh.outputs.registry }}/appbuilder-buildengine-api:${{ env.BUILD_NUMBER }}" | |
| docker push "${{ steps.ecr_fcbh.outputs.registry }}/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }}" | |
| docker push "${{ steps.ecr_fcbh.outputs.registry }}/appbuilder-buildengine-api:${{ env.BUILD_NUMBER }}" | |
| - name: Deploy to ECS (FCBH) | |
| if: false # Temporarily disabled - remove this line to re-enable | |
| # if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-prd' }} # Restore this when re-enabling | |
| run: | | |
| echo "Deploying ${{ env.BUILD_NUMBER }} to ${{ steps.branch.outputs.EcsCluster }}" | |
| # Deploy to ECS cluster with service name 'build-engine', setting all images to the latest tag | |
| ecs-deploy -c ${{ steps.branch.outputs.EcsCluster }} -n buildengine -i ignore -to ${{ env.BUILD_NUMBER }} --max-definitions 20 --timeout 600 | |
| echo "Deployment initiated successfully." | |
| - name: Configure AWS credentials (LU) | |
| if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-stg' }} | |
| id: aws_lu | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.LU__AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.LU__AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.LU__AWS_DEFAULT_REGION }} | |
| - name: Login to AWS ECR (LU) | |
| if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-stg' }} | |
| id: ecr_lu | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| registries: ${{ secrets.LU__AWS_ECR_ACCOUNT }} | |
| - name: Push to AWS ECR (LU) | |
| if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-stg' }} | |
| run: | | |
| docker tag ${{ env.BUILD_ENGINE_BUILD_TAG }} "${{ steps.ecr_lu.outputs.registry }}/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }}" | |
| docker tag ${{ env.BUILD_ENGINE_BUILD_TAG }} "${{ steps.ecr_lu.outputs.registry }}/appbuilder-buildengine-api:${{ env.BUILD_NUMBER }}" | |
| docker push "${{ steps.ecr_lu.outputs.registry }}/appbuilder-buildengine-api:${{ steps.branch.outputs.DockerTag }}" | |
| docker push "${{ steps.ecr_lu.outputs.registry }}/appbuilder-buildengine-api:${{ env.BUILD_NUMBER }}" | |
| - name: Deploy to ECS (LU) | |
| if: ${{ steps.branch.outputs.EcsCluster == 'scriptoria-stg' }} | |
| run: | | |
| echo "Deploying ${{ env.BUILD_NUMBER }} to ${{ steps.branch.outputs.EcsCluster }}" | |
| # Deploy to ECS cluster with service name 'build-engine', setting all images to the latest tag | |
| ecs-deploy -c ${{ steps.branch.outputs.EcsCluster }} -n buildengine -i ignore -to ${{ env.BUILD_NUMBER }} --max-definitions 20 --timeout 600 | |
| echo "Deployment initiated successfully." | |
| - name: Clean up older packages | |
| uses: actions/delete-package-versions@v4 | |
| with: | |
| package-name: "appbuilder-buildengine-api" | |
| package-type: "container" | |
| min-versions-to-keep: 6 | |
| delete-only-untagged-versions: "true" |