1+ name : PR Deploy to Staging (Kubernetes)
2+
3+ on :
4+ workflow_dispatch :
5+ inputs :
6+ pr_number :
7+ description : ' Number of PR to deploy (only digits, e.g., 2889)'
8+ required : true
9+ type : string
10+ # pull_request:
11+ # types: [opened, synchronize]
12+ # branches:
13+ # - master
14+
15+ permissions :
16+ id-token : write
17+ contents : read
18+ pull-requests : write
19+
20+ env :
21+ APP_NAME : registry
22+ ECR_URL : 034362061030.dkr.ecr.eu-north-1.amazonaws.com
23+ AWS_REGION : eu-north-1
24+ EKS_ASSUME_ROLE_ARN : arn:aws:iam::605134427993:role/terraform
25+
26+ jobs :
27+ build-and-deploy :
28+ runs-on : ubuntu-latest
29+ # environment: staging
30+
31+ steps :
32+ - name : ⬇️ Checkout application code
33+ uses : actions/checkout@v4
34+ with :
35+ ref : refs/pull/${{ github.event.inputs.pr_number }}/merge
36+
37+ - name : 🔑 Configure AWS Credentials (for ECR and EKS)
38+ uses : aws-actions/configure-aws-credentials@v4
39+ with :
40+ role-to-assume : ${{ secrets.GH_ACTIONS_DEPLOY_ROLE_ARN }}
41+ aws-region : ${{ env.AWS_REGION }}
42+
43+ - name : 🛠️ Build and Tag Docker image
44+ id : docker_build
45+ run : |
46+ TAG="pr-${{ github.event.inputs.pr_number }}"
47+ echo "IMAGE_TAG=$TAG" >> $GITHUB_OUTPUT
48+
49+ docker build --platform linux/amd64 -f Dockerfile.production \
50+ -t ${{ env.APP_NAME }}:${TAG} .
51+
52+ - name : 🔑 ECR Login using AWS CLI
53+ run : |
54+ aws ecr get-login-password --region ${{ env.AWS_REGION }} | \
55+ docker login --username AWS --password-stdin ${{ env.ECR_URL }}
56+
57+ - name : ⬆️ Push Docker image to ECR
58+ run : |
59+ TAG=${{ steps.docker_build.outputs.IMAGE_TAG }}
60+ ECR_IMAGE="${{ env.ECR_URL }}/${{ env.APP_NAME }}:${TAG}"
61+ docker tag ${{ env.APP_NAME }}:${TAG} ${ECR_IMAGE}
62+ docker push ${ECR_IMAGE}
63+
64+ - name : 🔐 Mint GitHub App installation token (for IaC repo)
65+ id : app-token
66+ uses : actions/create-github-app-token@v2
67+ with :
68+ app-id : ${{ vars.GH_APP_ID }}
69+ private-key : ${{ secrets.GH_APP_PRIVATE_KEY }}
70+ owner : internetee
71+ repositories : Ry_AWS_IaC
72+
73+ - name : 🚀 Trigger IaC deploy (repository_dispatch)
74+ uses : peter-evans/repository-dispatch@v3
75+ with :
76+ token : ${{ steps.app-token.outputs.token }}
77+ repository : internetee/Ry_AWS_IaC
78+ event-type : deploy-service-staging
79+ client-payload : |
80+ {
81+ "app_name": "${{ env.APP_NAME }}",
82+ "image_tag": "${{ steps.docker_build.outputs.IMAGE_TAG }}",
83+ "namespace": "${{ env.APP_NAME }}"
84+ }
85+
86+ - name : 💬 Post deploy trigger info to PR
87+ uses : actions/github-script@v7
88+ with :
89+ script : |
90+ const prNumber = context.issue.number || ${{ github.event.inputs.pr_number }};
91+
92+ if (prNumber) {
93+ github.rest.issues.createComment({
94+ issue_number: parseInt(prNumber),
95+ owner: context.repo.owner,
96+ repo: context.repo.repo,
97+ body: '🟦 **Image pushed to ECR** and **deploy triggered** in IaC repo.\n\nApp: ${{ env.APP_NAME }}\nImage Tag: ${{ steps.docker_build.outputs.IMAGE_TAG }}\nIaC workflow: internetee/Ry_AWS_IaC (event: deploy-service-staging)'
98+ })
99+ } else {
100+ core.info("No PR number found, skipping comment.");
101+ }
102+
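Review bot: The `pr_number` input is expanded by `${{ }}` straight into the checkout `ref`, the shell of the "Build and Tag Docker image" step (`TAG="pr-${{ github.event.inputs.pr_number }}"`) and the `github-script` body, and nothing enforces the "only digits" rule stated in the input description. Expansion happens before the shell or JavaScript is parsed, so a non-numeric value becomes part of the script itself, in a job that by then holds the assumed AWS role and `id-token: write`. I would add a validation step ahead of checkout and pass the value to the scripts through `env` (`process.env.PR_NUMBER` in the comment step) rather than inline expansion. Separately, `peter-evans/repository-dispatch@v3` receives the GitHub App installation token and is referenced by a mutable tag; pinning it to a full commit SHA would narrow that exposure. Indentation in the fence below is reconstructed, because the rendered page lost it.

```yaml
steps:
  - name: Validate pr_number input
    env:
      PR_NUMBER: ${{ github.event.inputs.pr_number }}
    run: |
      if ! [[ "$PR_NUMBER" =~ ^[0-9]+$ ]]; then
        echo "pr_number must contain only digits" >&2
        exit 1
      fi
  # … unchanged: checkout, AWS credentials …
  - name: 🛠️ Build and Tag Docker image
    id: docker_build
    env:
      PR_NUMBER: ${{ github.event.inputs.pr_number }}
    run: |
      TAG="pr-${PR_NUMBER}"
      echo "IMAGE_TAG=$TAG" >> "$GITHUB_OUTPUT"
      # … unchanged: docker build …
```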