Trigger workflow after adding ECR_REPO secret now #8
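---
# CI/CD pipeline: build the container image, push it to Amazon ECR and roll it
# out to the `fastapi` deployment (namespace `fastapi`) on EKS.
#
# Security notes for maintainers:
#   * Secrets and step outputs are handed to shell steps through `env:` and
#     read as quoted shell variables. Expanding `${{ ... }}` directly inside a
#     `run:` script pastes the value into the script text before bash parses
#     it, so any shell metacharacter in the value would be executed.
#   * Third-party actions are referenced by mutable version tags (`@v4`, ...).
#     Pinning each `uses:` to a reviewed full commit SHA prevents a retagged
#     release from running with the AWS credentials configured below.
#   * AWS access is granted through long-lived access keys stored as
#     repository secrets. aws-actions/configure-aws-credentials also supports
#     GitHub OIDC via `role-to-assume` (requires `id-token: write`), which
#     removes the static keys; consider migrating.
name: CI-CD to EKS

on:
  push:
    branches:
      - main
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: this workflow only reads the repository.
permissions:
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout source code
        uses: actions/checkout@v4

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2

      # Fail fast with a readable message when a required value is missing.
      # The values themselves are not echoed: a secret is masked as `***` in
      # the log, and the registry hostname embeds the AWS account ID.
      - name: Validate ECR variables
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPO: ${{ secrets.ECR_REPO }}
        run: |
          if [ -z "$ECR_REGISTRY" ]; then
            echo "ERROR: login-ecr did not return a registry. Check AWS credentials."
            exit 1
          fi
          if [ -z "$ECR_REPO" ]; then
            echo "ERROR: secrets.ECR_REPO is not defined. Add it under repository secrets."
            exit 1
          fi

      # NOTE(review): any describe-repositories failure (including an access
      # denied error) falls through to create-repository, and a repository
      # created here gets the account's default settings. Provisioning the
      # repository outside the pipeline would let the CI identity drop the
      # ecr:CreateRepository permission.
      - name: Ensure ECR repository exists
        env:
          ECR_REPO: ${{ secrets.ECR_REPO }}
          AWS_REGION: ${{ secrets.AWS_REGION }}
        run: |
          aws ecr describe-repositories --repository-names "$ECR_REPO" --region "$AWS_REGION" >/dev/null 2>&1 || \
            aws ecr create-repository --repository-name "$ECR_REPO" --region "$AWS_REGION"

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # `latest` is a moving tag; the deployment below uses the immutable
      # commit-SHA tag so the running image can be traced to a commit.
      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64
          push: true
          tags: |
            ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPO }}:latest
            ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPO }}:${{ github.sha }}

      - name: Update kubeconfig for EKS
        shell: bash
        env:
          EKS_CLUSTER: ${{ secrets.EKS_CLUSTER }}
          AWS_REGION: ${{ secrets.AWS_REGION }}
        run: |
          set -e
          aws eks update-kubeconfig \
            --name "$EKS_CLUSTER" \
            --region "$AWS_REGION"

      - name: Update deployment with new image
        env:
          IMAGE: ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPO }}:${{ github.sha }}
        run: kubectl set image deployment/fastapi "fastapi=$IMAGE" -n fastapi

      # NOTE(review): `set image` with a new SHA tag already starts a rollout;
      # this restart presumably exists for manual re-runs on an unchanged
      # commit. Confirm it is still wanted, since it causes a second rollout.
      - name: Restart deployment
        run: kubectl rollout restart deployment/fastapi -n fastapi

      - name: Wait for deployment to complete
        run: kubectl rollout status deployment/fastapi -n fastapi --timeout=5m

      - name: Verify deployment
        run: kubectl get pods -n fastapi -l app=fastapi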