Update deployment workflow to run debug environment command instead o… #27
| name: Deploy to AWS | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: # Allow manual trigger | |
| # Prevent multiple deployments from running simultaneously | |
| concurrency: | |
| group: deploy-${{ github.ref }} | |
| cancel-in-progress: false # Don't cancel running deployments, just queue them | |
| env: | |
| AWS_REGION: us-east-1 | |
| PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
| jobs: | |
| deploy: | |
| name: Deploy Infrastructure | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v2 | |
| with: | |
| bun-version: latest | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| # Login to ECR (needed for Docker push) | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| # Deploy everything through Pulumi (handles Docker building and infrastructure) | |
| - name: Deploy with Pulumi | |
| run: | | |
| cd apps/infra | |
| bun install | |
| pulumi stack select compai/placeholder-dev --create | |
| pulumi up --yes | |
| # Cleanup on Pulumi failure only | |
| - name: Cleanup failed Pulumi deployment | |
| if: failure() | |
| run: | | |
| echo "🧹 Cleaning up failed Pulumi deployment..." | |
| cd apps/infra | |
| pulumi cancel --yes || true | |
| echo "Pulumi cleanup completed" | |
| - name: Infrastructure deployment complete | |
| run: | | |
| echo "✅ Infrastructure deployment completed successfully!" | |
| echo "🎯 Pulumi handled Docker building and infrastructure deployment" | |
| migrate: | |
| name: Run Database Migrations | |
| runs-on: ubuntu-latest | |
| needs: deploy | |
| steps: | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Run database migrations | |
| run: | | |
| echo "🚀 Running database migrations..." | |
| # Discover the actual cluster and service names | |
| echo "Discovering ECS cluster and service names..." | |
| CLUSTER_NAME=$(aws ecs list-clusters --query 'clusterArns[?contains(@, `pathfinder-cluster`)]' --output text | head -1 | awk -F'/' '{print $NF}') | |
| SERVICE_NAME=$(aws ecs list-services --cluster $CLUSTER_NAME --query 'serviceArns[?contains(@, `pathfinder-service`)]' --output text | head -1 | awk -F'/' '{print $NF}') | |
| echo "Using cluster: $CLUSTER_NAME" | |
| echo "Using service: $SERVICE_NAME" | |
| # Wait for service to be stable after deployment | |
| echo "Waiting for ECS service to be stable..." | |
| aws ecs wait services-stable --cluster $CLUSTER_NAME --services $SERVICE_NAME | |
| # Get the latest task definition ARN | |
| TASK_DEF_ARN=$(aws ecs describe-services \ | |
| --cluster $CLUSTER_NAME \ | |
| --services $SERVICE_NAME \ | |
| --query 'services[0].taskDefinition' \ | |
| --output text) | |
| echo "Using task definition: $TASK_DEF_ARN" | |
| # Run the migration task | |
| TASK_ARN=$(aws ecs run-task \ | |
| --cluster $CLUSTER_NAME \ | |
| --task-definition $TASK_DEF_ARN \ | |
| --launch-type FARGATE \ | |
| --network-configuration "awsvpcConfiguration={subnets=[$(aws ec2 describe-subnets --filters "Name=tag:Name,Values=*pathfinder-vpc-private*" --query 'Subnets[*].SubnetId' --output text | tr '\t' ',')],securityGroups=[$(aws ec2 describe-security-groups --filters "Name=tag:Name,Values=*pathfinder-service-sg*" --query 'SecurityGroups[0].GroupId' --output text)],assignPublicIp=ENABLED}" \ | |
| --overrides '{"containerOverrides":[{"name":"pathfinder-app","command":["bun","run","debug:env"]}]}' \ | |
| --query 'tasks[0].taskArn' \ | |
| --output text) | |
| echo "Migration task started: $TASK_ARN" | |
| # Wait for migration to complete | |
| aws ecs wait tasks-stopped --cluster $CLUSTER_NAME --tasks $TASK_ARN | |
| # Check if migration succeeded | |
| EXIT_CODE=$(aws ecs describe-tasks \ | |
| --cluster $CLUSTER_NAME \ | |
| --tasks $TASK_ARN \ | |
| --query 'tasks[0].containers[0].exitCode' \ | |
| --output text) | |
| if [ "$EXIT_CODE" != "0" ]; then | |
| echo "❌ Migration failed with exit code: $EXIT_CODE" | |
| exit 1 | |
| fi | |
| echo "✅ Migrations completed successfully!" | |
| - name: Migration complete | |
| run: | | |
| echo "✅ Database migrations completed successfully!" | |
| complete: | |
| name: Deployment Complete | |
| runs-on: ubuntu-latest | |
| needs: [deploy, migrate] | |
| if: always() | |
| steps: | |
| - name: Deployment status | |
| run: | | |
| if [ "${{ needs.deploy.result }}" = "success" ] && [ "${{ needs.migrate.result }}" = "success" ]; then | |
| echo "🎉 Full deployment completed successfully!" | |
| elif [ "${{ needs.deploy.result }}" = "success" ] && [ "${{ needs.migrate.result }}" = "failure" ]; then | |
| echo "⚠️ Infrastructure deployed but migrations failed" | |
| echo "🔧 You can retry migrations or fix them manually" | |
| else | |
| echo "❌ Deployment failed" | |
| exit 1 | |
| fi |
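Review bot: The container override in the `aws ecs run-task` call of the "Run database migrations" step now runs `bun run debug:env` against the service's live task definition on every push to `main`, so whatever that script prints is written to the task's configured log destination with the production environment in scope; the script is not shown on this page, but if it prints environment values, it puts secrets within reach of anyone who can read those logs. The step still echoes "Migrations completed successfully!" and the `complete` job still reports a full deployment, so a green run now means no migration was executed. I would restore the migration command in this override and move the debug command into its own job gated with `if: github.event_name == 'workflow_dispatch'`, printing variable names only rather than values. Separately, the same call sets `assignPublicIp=ENABLED` while selecting subnets tagged `*pathfinder-vpc-private*`, which looks unintended for a task placed in private subnets and is worth confirming.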