update gha for when we deploy and merge qa and production

Author: Brett Richter

.github/workflows/github-actions-production.yml

@@ -0,0 +1,54 @@
+# On merge into the development` branch, build the image and deploy to ECR.
+# This is on `nypl` account.
+name: Publish production
+on:
+  push:
+    branches: 
+        - production
+env:
+  AWS_REGION: us-east-1
+  ECR_REPOSITORY: iiif
+  ECS_SERVICE: 	iiif-production
+  ECS_CLUSTER: 	iiif-production
+  IMAGE_TAG: production-latest
+  ENVIRONMENT: production
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  publish_production:
+    name: Publish image to ECR and update ECS stack
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: arn:aws:iam::463786892988:role/GithubActionsDeployerRole
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+
+      - name: Build, tag, and push image to Amazon ECR
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+        run: |
+          # Build a docker container and
+          # push it to ECR so that it can
+          # be deployed to ECS.
+           docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+           echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
+
+      - name: Force ECS Update
+          # In addition to the current live version, the Global Header also
+          # deploys to a "previous" cluster. This is just in case the new
+          # version fails and teams require a working URL of the previous
+          # working version.
+        run: |
+          aws ecs update-service --cluster $ECS_CLUSTER --service $ECS_SERVICE --force-new-deployment

.github/workflows/github-actions-qa.yml

@@ -0,0 +1,54 @@
+# On merge into the development` branch, build the image and deploy to ECR.
+# This is on `nypl-dev` account.
+name: Publish qa
+on:
+  push:
+    branches: 
+        - qa
+env:
+  AWS_REGION: us-east-1
+  ECR_REPOSITORY: iiif
+  ECS_SERVICE: 	iiif-qa
+  ECS_CLUSTER: 	iiif-qa
+  IMAGE_TAG: qa-latest
+  ENVIRONMENT: qa
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  publish_qa:
+    name: Publish image to ECR and update ECS stack
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: arn:aws:iam::491147561046:role/GithubActionsDeployerRole
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+
+      - name: Build, tag, and push image to Amazon ECR
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+        run: |
+          # Build a docker container and
+          # push it to ECR so that it can
+          # be deployed to ECS.
+           docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+           echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
+
+      - name: Force ECS Update
+          # In addition to the current live version, the Global Header also
+          # deploys to a "previous" cluster. This is just in case the new
+          # version fails and teams require a working URL of the previous
+          # working version.
+        run: |
+          aws ecs update-service --cluster $ECS_CLUSTER --service $ECS_SERVICE --force-new-deployment