Update .gitignore to include generated production API keys file and e… #15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to AWS App Runner | |
| on: | |
| workflow_dispatch: # Enable manual trigger | |
| inputs: | |
| environment: | |
| description: 'Deployment environment' | |
| required: false | |
| default: 'production' | |
| type: choice | |
| options: | |
| - production | |
| - staging | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - 'README.md' | |
| - 'docs/**' | |
| - '*.md' | |
| env: | |
| AWS_REGION: ap-southeast-2 | |
| ECR_REPOSITORY: permit-api | |
| IMAGE_TAG: ${{ github.sha }} | |
| jobs: | |
| deploy: | |
| name: Build and Deploy to App Runner | |
| runs-on: ubuntu-latest | |
| environment: Production | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Create ECR repository if not exists | |
| run: | | |
| aws ecr describe-repositories --repository-names $ECR_REPOSITORY --region $AWS_REGION || \ | |
| aws ecr create-repository --repository-name $ECR_REPOSITORY --region $AWS_REGION | |
| - name: Build, tag, and push image to Amazon ECR | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| # Build Docker image | |
| docker build -f Dockerfile.apprunner -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
| docker build -f Dockerfile.apprunner -t $ECR_REGISTRY/$ECR_REPOSITORY:latest . | |
| # Push to ECR | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest | |
| # Output image URI | |
| echo "image-uri=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| - name: Deploy to App Runner (if service exists) | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| # Check if App Runner service exists | |
| SERVICE_ARN=$(aws apprunner list-services --query "ServiceSummaryList[?ServiceName=='permit-api-service'].ServiceArn | [0]" --output text --region $AWS_REGION 2>/dev/null || echo "None") | |
| if [ "$SERVICE_ARN" != "None" ] && [ "$SERVICE_ARN" != "" ] && [ "$SERVICE_ARN" != "null" ]; then | |
| echo "Updating existing App Runner service..." | |
| aws apprunner start-deployment --service-arn $SERVICE_ARN --region $AWS_REGION | |
| echo "Deployment started for service: $SERVICE_ARN" | |
| else | |
| echo "No existing App Runner service found." | |
| echo "Create service manually using image URI: $ECR_REGISTRY/$ECR_REPOSITORY:latest" | |
| fi | |
| - name: Output deployment info | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| echo "🚀 Deployment completed!" | |
| echo "📦 Docker Image: $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" | |
| echo "🔗 Use this image URI in App Runner console:" | |
| echo " $ECR_REGISTRY/$ECR_REPOSITORY:latest" | |
| echo "" | |
| echo "📋 Next steps:" | |
| echo "1. Go to AWS App Runner console" | |
| echo "2. Create service with Container Registry source" | |
| echo "3. Use image URI: $ECR_REGISTRY/$ECR_REPOSITORY:latest" |