ci(aws): add aws deployment workflow

Signed-off-by: Jayne Doe <[email protected]>

Author: J4Numbers

.github/workflows/aws.yml

@@ -0,0 +1,78 @@
+on:
+  workflow_call:
+    inputs:
+      env:
+        required: true
+        type: string
+    secrets:
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+
+name: Deploy to Amazon ECS
+
+jobs:
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    environment: production
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: eu-west-2
+
+    - name: Login to Amazon ECR
+      id: login-ecr
+      uses: aws-actions/amazon-ecr-login@v1
+
+    - name: Build, tag, and push image to Amazon ECR
+      id: build-image
+      env:
+        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+        ECR_REPOSITORY: j4numbers/personal-website
+        IMAGE_TAG: ${{ github.sha }}
+      run: |
+        # Build a docker container and
+        # push it to ECR so that it can
+        # be deployed to ECS.
+        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+        echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
+
+    - name: HashiCorp - Setup Terraform
+      uses: hashicorp/[email protected]
+      with:
+        # The version of Terraform CLI to install. Defaults to `latest`.
+        terraform_version: "> 0.15.5"
+
+    - name: Validate and plan deployment Terraform
+      id: terraform-plan-validate
+      env:
+        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+        TF_VAR_deploy_version: ${{ github.sha }}
+        TF_VAR_vpc_id: ${{ secrets.DEPLOY_VPC_ID }}
+        TF_VAR_application_debug_mode: "false"
+
+        TF_VAR_logger_level: "info"
+      run: |
+        cd tf/site/
+        terraform init -backend-config backend_config/dev.conf
+        terraform validate
+        terraform plan -no-color -out plan.tfplan
+
+    - name: Deploy Terraform
+      id: terraform-apply
+      env:
+        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      run: cd tf/site/ && terraform apply plan.tfplan

.github/workflows/npm-build-and-test.yml

@@ -2,21 +2,20 @@ name: NodeJS build and test
 
 on: push
 
+env:
+  default_node_version: 14.x
+
 jobs:
   build:
     runs-on: ubuntu-latest
 
-    strategy:
-      matrix:
-        node-version: [12.x, 14.x, 16.x]
-
     steps:
     - uses: actions/checkout@v2
 
     - name: Use Node.js ${{ matrix.node-version }}
       uses: actions/setup-node@v1
       with:
-        node-version: ${{ matrix.node-version }}
+        node-version: ${{ env.default_node_version }}
 
     - name: Build
       run: |
@@ -50,10 +49,6 @@ jobs:
     needs: build
     continue-on-error: true
 
-    strategy:
-      matrix:
-        node-version: [12.x, 14.x, 16.x]
-
     steps:
     - uses: actions/checkout@v2
 
@@ -75,7 +70,7 @@ jobs:
     - name: Use Node.js ${{ matrix.node-version }}
       uses: actions/setup-node@v1
       with:
-        node-version: ${{ matrix.node-version }}
+        node-version: ${{ env.default_node_version }}
 
     - name: Perform lint checks
       run: |
@@ -119,3 +114,15 @@ jobs:
         npm i
         npm run generate-certs
         npm run test:unit
+
+  deploy:
+    if: github.ref_name == 'main'
+    needs:
+    - test
+    uses: j4numbers/common-workflows/.github/workflows/build-ecr-aws.yml@main
+    with:
+      env: production
+      repo_name: j4numbers/personal-website
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.aws_access_key_id }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.aws_secret_access_key }}