From 34c0e46f3f31f3d44edad486c63ab9c8c0ee6b67 Mon Sep 17 00:00:00 2001
From: priyaranjanpatil
Date: Tue, 16 Jan 2024 12:08:38 +1100
Subject: [PATCH] build deploy and rollback changes
---
 .github/workflows/rollback-workflow.yml | 132 ++++++++++++++++++++++++
 1 file changed, 132 insertions(+)
 create mode 100644 .github/workflows/rollback-workflow.yml
diff --git a/.github/workflows/rollback-workflow.yml b/.github/workflows/rollback-workflow.yml
new file mode 100644
index 0000000..492f03d
--- /dev/null
+++ b/.github/workflows/rollback-workflow.yml
@@ -0,0 +1,132 @@
+name: Rollback to particular version
+
+on:
+ push:
+ branches: [5195-cicd-test]
+# on:
+# workflow_dispatch: # Manual trigger for rollback
+# inputs:
+# DEPLOY_VERSION:
+# description: 'Stable Version Image Id'
+# required: true
+env:
+ ECR_REPOSITORY: test # set this to your Amazon ECR repository name
+ ECS_SERVICE: test # set this to your Amazon ECS service name
+ ECS_CLUSTER: test # set this to your Amazon ECS cluster name
+ ECS_TASK_DEFINITION: ./geonetwork4-td.json #MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition
+
+permissions:
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
+
+jobs:
+ rollback:
+ runs-on: ubuntu-latest
+ environment: development
+ steps:
+ - name: Git clone the repository
+ uses: actions/checkout@v3
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: ${{ secrets.ROLE_ARN }}
+ role-session-name: GitHub_to_AWS_via_FederatedOIDC
+ aws-region: ${{ vars.AWS_REGION }}
+
+ # Hello from AWS: WhoAmI
+ - name: Sts GetCallerIdentity
+ run: |
+ aws sts get-caller-identity
+
+ - name: Install jq
+ run: sudo apt-get update && sudo apt-get install -y jq
+
+ - name: Retrieve Parameters - ssm parameter store
+ id: getParameters
+ run: |
+ # Replace '--path' with your specific path from Parameter Store
+ parameters=$(aws ssm get-parameters-by-path --path "/core/geonetwork4/dev_ecr_ecs_config/" --recursive --query 'Parameters[*].[Name,Value]' --output json)
+ echo "$parameters" > parameters.json
+ echo "::set-output name=parameters_json::$parameters"
+
+ - name: Process Parameters - ssm parameter store
+ id: process-parameters
+ run: |
+ parameters=$(cat parameters.json)
+ # Loop through the JSON array of parameters using jq
+ for row in $(echo "${parameters}" | jq -r '.[] | @base64'); do
+ _jq() {
+ echo "${row}" | base64 --decode | jq -r "${1}"
+ }
+ name=$(_jq '.[0]')
+ value=$(_jq '.[1]')
+
+ echo "Name: $name, Value: $value"
+
+ # Perform actions using parameter values here
+ # For example, set environment variables
+ if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/ecs_cluster" ]; then
+ echo "ECS_CLUSTER=$value" >> "$GITHUB_ENV"
+ echo "ECS_CLUSTER=$value" >> $GITHUB_OUTPUT
+ fi
+ if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/ecs_service" ]; then
+ echo "ECS_SERVICE=$value" >> "$GITHUB_ENV"
+ echo "ECS_SERVICE=$value" >> $GITHUB_OUTPUT
+ fi
+ if [ "$name" = "/core/geonetwork4/dev_ecr_ecs_config/container_name" ]; then
+ echo "CONTAINER_NAME=$value" >> "$GITHUB_ENV"
+ echo "CONTAINER_NAME=$value" >> $GITHUB_OUTPUT
+ fi
+ done
+
+ - name: Fill in the new image ID in the Amazon ECS task definition
+ id: task-def
+ uses: aws-actions/amazon-ecs-render-task-definition@v1
+ with:
+ task-definition: ${{ env.ECS_TASK_DEFINITION }}
+ container-name: ${{ steps.process-parameters.outputs.CONTAINER_NAME }}
+ image: ${{ vars.DEPLOY_VERSION }} # TODO: this var will be replaced by manaul input from user ${{ inputs.DEPLOY_VERSION }}
+ environment-variables: |
+ IMAGE=${{ vars.DEPLOY_VERSION }}
+ ES_HOST=${{ vars.ES_HOST }}
+ ES_PROTOCOL=${{ vars.ES_PROTOCOL }}
+ ES_PORT=${{ vars.ES_PORT }}
+ ES_USERNAME=${{ vars.ES_USERNAME }}
+ ES_PASSWORD=${{ secrets.ES_PASSWORD }}
+ GEONETWORK_DB_PASSWORD=${{ secrets.GEONETWORK_DB_PASSWORD }}
+
+ GEONETWORK_DB_TYPE=${{ vars.GEONETWORK_DB_TYPE }}
+ GEONETWORK_DB_HOST=${{ vars.GEONETWORK_DB_HOST }}
+ GEONETWORK_DB_PORT=${{ vars.GEONETWORK_DB_PORT }}
+ GEONETWORK_DB_NAME=${{ vars.GEONETWORK_DB_NAME }}
+ GEONETWORK_DB_USERNAME=${{ vars.GEONETWORK_DB_USERNAME }}
+
+ INDEXER_HOST=${{ vars.INDEXER_HOST }}
+ INDEXER_PORT=${{ vars.INDEXER_PORT }}
+ INDEXER_APIKEY=${{ secrets.INDEXER_APIKEY }}
+
+ - name: Deploy Amazon ECS task definition
+ uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+ id: ecs-deploy
+ with:
+ task-definition: ${{ steps.task-def.outputs.task-definition }}
+ service: ${{ steps.process-parameters.outputs.ECS_SERVICE }}
+ cluster: ${{ steps.process-parameters.outputs.ECS_CLUSTER }}
+ wait-for-service-stability: true
+
+ - name: Check if deployment was successful
+ id: check-deployment
+ run: |
+ CURRENT_TASK_DEF_ARN=$(aws ecs describe-services --cluster ${{ steps.process-parameters.outputs.ECS_CLUSTER }} --services ${{ steps.process-parameters.outputs.ECS_SERVICE }} --query services[0].deployments[0].taskDefinition | jq -r ".")
+ NEW_TASK_DEF_ARN=${{ steps.ecs-deploy.outputs.task-definition-arn }}
+ REVISION=${GITHUB_SHA::8}
+ echo "Current task arn: $CURRENT_TASK_DEF_ARN"
+ echo "New task arn: $NEW_TASK_DEF_ARN"
+ echo "Latest revision: $REVISION"
+ if [ "$CURRENT_TASK_DEF_ARN" != "$NEW_TASK_DEF_ARN" ]; then
+ echo "Deployment failed with latest code revision."
+ exit 1
+ else
+ echo "Deployment successfull."
+ fi
\ No newline at end of file
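Review bot: The `environment-variables` block of the render step writes `ES_PASSWORD`, `GEONETWORK_DB_PASSWORD` and `INDEXER_APIKEY` into the task definition as plain environment entries, so they are stored in clear text in every registered revision and readable by any principal allowed to describe the task definition. Since the job already reads from Parameter Store, these three are better referenced from the container definition in `geonetwork4-td.json` (not shown here), e.g. `"secrets": [{"name": "ES_PASSWORD", "valueFrom": "<parameter-or-secret-ARN>"}]`, and removed from this block. In the two SSM steps, `echo "Name: $name, Value: $value"` and the deprecated `::set-output name=parameters_json::$parameters` print every parameter under the path to the job log. `$value` is also appended to `$GITHUB_ENV` unchecked, so a value containing a newline would define additional variables; dropping the two echo lines and rejecting multi-line values would close that. The `${{ steps.process-parameters.outputs.* }}` expressions in the final `run:` script would be safer passed through `env:` and quoted.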