Skip to content

Commit c71c178

Browse files
marcoaciernomarcoacierno
authored
Cleanup deployment workflow (#4280)
1 parent 64cc470 commit c71c178

File tree

1 file changed

+40
-19
lines changed

1 file changed

+40
-19
lines changed

.github/workflows/deploy.yml

Lines changed: 40 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -123,17 +123,11 @@ jobs:
123123
build-args: |
124124
PRETIX_IMAGE=${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com/pythonit/pretix:pretix-base-${{ steps.git.outputs.githash }}
125125
126-
build-and-push-arm-service:
126+
build-be:
127127
runs-on: [self-hosted]
128128
permissions:
129129
packages: write
130130
contents: read
131-
strategy:
132-
fail-fast: false
133-
matrix:
134-
service:
135-
- name: pycon-backend
136-
dir: backend
137131

138132
steps:
139133
- uses: actions/checkout@v4
@@ -149,13 +143,13 @@ jobs:
149143
- name: Get service githash
150144
id: git
151145
run: |
152-
hash=$(git rev-list -1 HEAD -- ${{ matrix.service.dir }})
146+
hash=$(git rev-list -1 HEAD -- backend)
153147
echo "githash=$hash" >> $GITHUB_OUTPUT
154148
- name: Check if commit is already on ECR
155149
id: image
156150
run: |
157151
set +e
158-
aws ecr describe-images --repository-name=pythonit/${{ matrix.service.name }} --image-ids=imageTag=arm-${{ steps.git.outputs.githash }}
152+
aws ecr describe-images --repository-name=pythonit/pycon-backend --image-ids=imageTag=arm-${{ steps.git.outputs.githash }}
159153
if [[ $? == 0 ]]; then
160154
echo "image_exists=1" >> $GITHUB_OUTPUT
161155
else
@@ -182,21 +176,21 @@ jobs:
182176
if: ${{ steps.image.outputs.image_exists == 0 }}
183177
uses: docker/build-push-action@v6
184178
with:
185-
context: ./${{ matrix.service.dir }}
186-
file: ./${{ matrix.service.dir }}/Dockerfile
179+
context: ./backend
180+
file: ./backend/Dockerfile
187181
builder: ${{ steps.buildx.outputs.name }}
188182
provenance: false
189183
push: true
190184
tags: |
191-
${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com/pythonit/${{ matrix.service.name }}:arm-${{ steps.git.outputs.githash }}
192-
ghcr.io/pythonitalia/pycon/${{ matrix.service.name }}:arm-${{ steps.git.outputs.githash }}
185+
${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com/pythonit/pycon-backend:arm-${{ steps.git.outputs.githash }}
186+
ghcr.io/pythonitalia/pycon/pycon-backend:arm-${{ steps.git.outputs.githash }}
193187
cache-from: type=local,src=/tmp/.buildx-cache
194188
cache-to: type=local,dest=/tmp/.buildx-cache
195189
platforms: linux/arm64
196190

197-
terraform:
191+
deploy-be:
198192
runs-on: ubuntu-24.04
199-
needs: [build-and-push-arm-service, build-pretix, create-db]
193+
needs: [build-be, build-pretix, create-db]
200194
environment:
201195
name: ${{ fromJSON('["pastaporto", "production"]')[github.ref == 'refs/heads/main'] }}
202196
defaults:
@@ -228,11 +222,11 @@ jobs:
228222
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
229223
AWS_DEFAULT_REGION: eu-central-1
230224

231-
wait-aws-update:
225+
wait-be-update:
232226
runs-on: ubuntu-24.04
233-
needs: [terraform]
227+
needs: [deploy-be]
234228
steps:
235-
- name: Check health status
229+
- name: Wait stable deployment
236230
run: |
237231
while true; do
238232
response=$(curl -s "https://${{ fromJSON('["pastaporto-", ""]')[github.ref == 'refs/heads/main'] }}admin.pycon.it/health")
@@ -246,9 +240,13 @@ jobs:
246240
fi
247241
done
248242
shell: bash
243+
env:
244+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
245+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
246+
AWS_DEFAULT_REGION: eu-central-1
249247

250248
build-fe:
251-
needs: [wait-aws-update]
249+
needs: [wait-be-update]
252250
runs-on: [self-hosted]
253251
permissions:
254252
packages: write
@@ -366,3 +364,26 @@ jobs:
366364
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
367365
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
368366
AWS_DEFAULT_REGION: eu-central-1
367+
368+
wait-fe-update:
369+
runs-on: ubuntu-24.04
370+
needs: [deploy-fe]
371+
steps:
372+
- name: Wait stable deployment
373+
run: |
374+
while true; do
375+
response=$(curl -s "https://${{ fromJSON('["pastaporto-frontend", "frontend"]')[github.ref == 'refs/heads/main'] }}.pycon.it/api/health")
376+
commit=$(echo $response | jq -r '.commit')
377+
if [ "$commit" == "${{ steps.git.outputs.githash }}" ]; then
378+
echo "New version live"
379+
break
380+
else
381+
echo "Commit hash does not match. Retrying..."
382+
sleep 3
383+
fi
384+
done
385+
shell: bash
386+
env:
387+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
388+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
389+
AWS_DEFAULT_REGION: eu-central-1

0 commit comments

Comments
 (0)