feat(workflows): Implemented workflow to push images to ECR from GitH…

…ub Actions (#1392) * Push image to ECR from GitHub Actions * Update environment * Update .github/workflows/release-ecr.yml * Include other apps to push image to ECR * Update .github/scripts/release-ecr-tags.js Co-authored-by: jingyi2811 <[email protected]> * Fix release tag for ecr * Fix existing release tag version check * Remove character v from semver string before return Co-authored-by: Joel-David Wong <[email protected]> Co-authored-by: jingyi2811 <[email protected]>
DeFiCh · May 17, 2022 · bb99161 · bb99161
1 parent b06cd31
commit bb99161
Show file tree

Hide file tree

Showing 3 changed files with 79 additions and 5 deletions.
diff --git a/.github/scripts/release-ecr-tags.js b/.github/scripts/release-ecr-tags.js
@@ -0,0 +1,21 @@
+/**
+ * Release Tags
+ *
+ * Creating release tag based on each release version for AWS ECR Public
+ *
+ */
+
+module.exports = ({ context }) => {
+  if (context.eventName === 'release') {
+    return getReleaseTag(context)
+  }
+  throw new Error('Release Violation: Could not determine the required release tags.')
+}
+
+function getReleaseTag(context) {
+  const semver = context.payload.release.tag_name
+  if (semver.match(/^v[0-9]+\.[0-9]+\.[0-9]+$/) === null) {
+    throw new Error(`Release Violation: Provided version '${semver}' is not valid semver.`)
+  }
+  return semver.replace('v','')
+}
diff --git a/.github/scripts/release-tags.js b/.github/scripts/release-tags.js
@@ -1,6 +1,6 @@
 /**
  * Release Tags
- * 
+ *
  * Extracts tags which we can attach to our docker build processes for
  * container versioning. Looking at the context we determine what the
  * tag needs to look like in the scenarios of 'release', 'staging',
@@ -14,7 +14,7 @@
  *             step before a full release. The version is tagged with
  *             'main-${hash}'
  *
- * 'dev'     - relates to PRs which are submitted against the main 
+ * 'dev'     - relates to PRs which are submitted against the main
  *             branch. The version is tagged with 'pr-${hash}'.
  *
  * This script is tied to actions/github-script jobs in our workflows.
@@ -55,11 +55,11 @@ function getDomain(context) {
 }
 
 function getReleaseTag(domain, app, context) {
-  const semver = context.payload.release.tag_name.replace('v', '')
-  if (semver.match(/^[0-9]+\.[0-9]+\.[0-9]+$/) === false) {
+  const semver = context.payload.release.tag_name
+  if (semver.match(/^v[0-9]+\.[0-9]+\.[0-9]+$/) === null) {
     throw new Error(`Release Violation: Provided version '${semver}' is not valid semver.`)
   }
-  return `ghcr.io/${domain}/${app}:latest,ghcr.io/${domain}/${app}:${semver}`
+  return `ghcr.io/${domain}/${app}:latest,ghcr.io/${domain}/${app}:${semver.replace('v','')}`
 }
 
 function getMainTag(domain, app, { sha }) {

diff --git a/.github/workflows/release-ecr.yml b/.github/workflows/release-ecr.yml
@@ -0,0 +1,53 @@
+name: Release Apps for ECR
+
+on:
+  release:
+    types: [ published ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  APPS: 'legacy-api,ocean-api,playground-api,status-api'
+
+jobs:
+  build:
+    if: github.actor != 'dependabot[bot]'
+    name: Publish
+    runs-on: ubuntu-latest
+    environment: ECR Release Publishing
+    strategy:
+      matrix:
+        app: [ legacy-api, ocean-api, playground-api, status-api ]
+    steps:
+      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25
+
+      - name: Login to Public ECR
+        uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7
+        with:
+          registry: public.ecr.aws
+          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+      - name: Resolve ECR Tags
+        uses: actions/github-script@9ac08808f993958e9de277fe43a64532a609130e
+        id: ecr-tags
+        with:
+          script: return require('./.github/scripts/release-ecr-tags.js')({ context })
+          result-encoding: string
+
+      - name: Build, tag, and push image to Amazon ECR
+        env:
+          ECR_REGISTRY: public.ecr.aws/x0i4b0k2
+          ECR_REPOSITORY: ${{ matrix.app }}
+          IMAGE_TAG: ${{ steps.ecr-tags.outputs.result }}
+        run: |
+          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG