-
Notifications
You must be signed in to change notification settings - Fork 2
134 lines (118 loc) · 4.26 KB
/
build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Build & Push Image to ECR
on:
push:
branches:
- main
env:
ECR_REPOSITORY: swa-ecr
EKS_CLUSTER: SHCW-AN2-RND-EKS-1
CONTAINER_NAME: backstage
AWS_REGION : ap-northeast-2
CACHED_DEPENDENCY_PATHS: |
${{ github.workspace }}/node_modules
${{ github.workspace }}/packages/app/node_modules
${{ github.workspace }}/packages/backend/node_modules
permissions:
id-token: write
contents: read
jobs:
load_config:
runs-on: ubuntu-latest
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-session-name: SANDBOX-PUB-IAMR-GITHUB
aws-region: ${{ env.AWS_REGION }}
- run: aws sts get-caller-identity
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
job_install_dependencies:
name: Install Dependencies
needs: [load_config]
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- name: Check out current commit (${{ github.sha }})
uses: actions/checkout@v3
- name: Set up Node
uses: actions/setup-node@v3
- name: Compute dependency cache key
id: compute_lockfile_hash
run: echo "cache-name=hash::${{ hashFiles('**/yarn.lock') }}" >> $GITHUB_OUTPUT
- name: Check dependency cache
uses: actions/cache@v3
id: cache_dependencies
with:
path: ${{ env.CACHED_DEPENDENCY_PATHS }}
key: ${{ steps.compute_lockfile_hash.outputs.cache-name }}
- name: Install dependencies
# use '.', not '[]' with hyphenated variables
# https://github.com/nektos/act/issues/104#issuecomment-592892249
if: steps.cache_dependencies.outputs.cache-hit != 'true'
run: yarn install
outputs:
dependency_cache_key: ${{ steps.compute_lockfile_hash.outputs.cache-name }}
build_push:
if: ${{ always() }}
needs: [job_install_dependencies]
name: build and push image to ecr
runs-on: ubuntu-latest
steps:
- name: Check out current commit (${{ github.sha }})
uses: actions/checkout@v3
- name: Set up Node
uses: actions/setup-node@v3
- uses: docker/setup-buildx-action@v2
- name: set current date as env variable
run: echo "NOW=$(date +%s)" >> $GITHUB_ENV
- name: Check dependency cache
uses: actions/cache@v3
with:
path: ${{ env.CACHED_DEPENDENCY_PATHS }}
key: ${{ needs.job_install_dependencies.outputs.dependency_cache_key }}
- name: Test unit
run: yarn test
- name: load dist before build
run: yarn tsc
- name: Build yarn dependencies
run: yarn build:all
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
# - name: Copy & Build to docker
# env:
# IMAGE_TAG: ${{ github.sha }}
# run: DOCKER_BUILDKIT=1 yarn build-image --tag $IMAGE_TAG
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-session-name: SANDBOX-PUB-IAMR-GITHUB
aws-region: ${{ env.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@main
# - name: push to ecr repo
# env:
# GITHUB_SHA: ${{github.sha}}
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# IMAGE_TAG: main-${{ github.sha }}-${{ env.NOW }}
# run: |
# echo $REGISTRY
# docker tag docker.io/library/$GITHUB_SHA $REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: push to ecr repo
uses: docker/build-push-action@v4
env:
GITHUB_SHA: ${{github.sha}}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
IMAGE_TAG: main-${{ github.sha }}-${{ env.NOW }}
with:
context: .
file: ./packages/backend/Dockerfile
push: true
tags: ${{ env.REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
cache-from: type=gha
cache-to: type=gha,mode=max