name: Deploy to Amazon ECS on: push: tags: - 'v*' env: AWS_REGION: eu-west-3 ECR_REPOSITORY: quivr ECR_REGISTRY: 253053805092.dkr.ecr.eu-west-3.amazonaws.com ECS_CLUSTER: quivr jobs: build_and_push: name: Build and Push Docker Image runs-on: ubuntu-latest environment: production steps: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ env.AWS_REGION }} - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1 - name: Login to GitHub Container Registry uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2 - name: Create Docker Cacha Storage Backend run: | docker buildx create --use --driver=docker-container - name: See the file in the runner run: | ls -la - name: Build, tag, and push image to Amazon ECR id: build-image uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4 env: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} IMAGE_TAG: ${{ github.sha }} with: context: ./backend/ push: true tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}, ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ github.ref_name}}, ghcr.io/stangirard/quivr:${{ github.ref_name}} cache-from: type=gha cache-to: type=gha,mode=max deploy: needs: build_and_push runs-on: ubuntu-latest environment: production strategy: fail-fast: false matrix: include: - name: "quivr" service: "quivr-backend" task_definition: ".aws/task_definition.json" container: "quivr" - name: "quivr-chat" service: "prod-worker" task_definition: ".aws/task_definition_prod_worker.json" container: "quivr-chat" steps: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ env.AWS_REGION }} - name: Fill in the new image ID in the Amazon ECS task definition for ${{ matrix.name }} id: task-def uses: aws-actions/amazon-ecs-render-task-definition@4225e0b507142a2e432b018bc3ccb728559b437a # v1 with: task-definition: ${{ matrix.task_definition }} container-name: ${{ matrix.container }} image: ${{env.ECR_REGISTRY}}/${{ env.ECR_REPOSITORY }}:${{ github.sha }} - name: Deploy Amazon ECS task definition for ${{ matrix.name }} uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a # v1 with: task-definition: ${{ steps.task-def.outputs.task-definition }} service: ${{ matrix.service }} cluster: ${{ env.ECS_CLUSTER }} wait-for-service-stability: true