Add CAMPD integration with new endpoint and client for emissions and … #32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to AWS App Runner | |
| on: | |
| workflow_dispatch: # Enable manual trigger | |
| inputs: | |
| environment: | |
| description: 'Deployment environment' | |
| required: true | |
| default: 'Production' | |
| type: choice | |
| options: | |
| - Production | |
| - staging | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - 'README.md' | |
| - 'docs/**' | |
| - '*.md' | |
| env: | |
| AWS_REGION: ap-southeast-2 | |
| ECR_REPOSITORY: permit-api | |
| APP_RUNNER_SERVICE_NAME: permit-api-service | |
| IMAGE_TAG: ${{ github.sha }} | |
| PYTHON_VERSION: '3.11' # Menentukan versi Python | |
| jobs: | |
| build-test-deploy: # Mengubah nama job agar lebih deskriptif | |
| name: Build, Test, and Deploy to App Runner | |
| runs-on: ubuntu-latest | |
| # Menentukan environment yang akan digunakan, ini memungkinkan akses ke environment secrets | |
| environment: ${{ github.event.inputs.environment || 'Production' }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| # --- Testing & Caching --- | |
| - name: Set up Python ${{ env.PYTHON_VERSION }} | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Cache pip dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Install Python dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pytest | |
| - name: Debug API Key | |
| run: | | |
| KEY_VALUE="${{ secrets.TEST_API_KEY }}" | |
| echo "API Key Length: ${#KEY_VALUE}" | |
| echo "API Key First 5 Chars: ${KEY_VALUE:0:5}" | |
| echo "API Key Last 5 Chars: ${KEY_VALUE: -5}" | |
| - name: Run tests with pytest | |
| # PERBAIKAN: Menambahkan secret API_KEYS agar server Flask bisa memvalidasi kunci | |
| env: | |
| TEST_API_KEY: ${{ secrets.TEST_API_KEY }} # Untuk dikirim oleh skrip tes | |
| API_KEYS: ${{ secrets.API_KEYS }} # Untuk divalidasi oleh server | |
| run: pytest | |
| # --- Langkah Deployment --- | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Create ECR repository if not exists | |
| run: | | |
| aws ecr describe-repositories --repository-names $ECR_REPOSITORY --region $AWS_REGION || \ | |
| aws ecr create-repository --repository-name $ECR_REPOSITORY --region $AWS_REGION | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| docker build -f Dockerfile.apprunner -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
| docker build -f Dockerfile.apprunner -t $ECR_REGISTRY/$ECR_REPOSITORY:latest . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest | |
| echo "image_uri=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| - name: Deploy to App Runner and wait | |
| run: | | |
| SERVICE_ARN=$(aws apprunner list-services --query "ServiceSummaryList[?ServiceName=='${{ env.APP_RUNNER_SERVICE_NAME }}'].ServiceArn | [0]" --output text) | |
| if [ -n "$SERVICE_ARN" ] && [ "$SERVICE_ARN" != "None" ]; then | |
| echo "Updating existing App Runner service: $SERVICE_ARN" | |
| aws apprunner start-deployment --service-arn $SERVICE_ARN | |
| echo "Waiting for deployment to complete..." | |
| while true; do | |
| STATUS=$(aws apprunner list-operations --service-arn $SERVICE_ARN --max-results 1 --query "OperationSummaryList[0].Status" --output text) | |
| if [ "$STATUS" == "SUCCEEDED" ]; then | |
| echo "✅ Deployment Succeeded!" | |
| break | |
| elif [ "$STATUS" == "FAILED" ]; then | |
| echo "❌ Deployment Failed!" | |
| exit 1 | |
| elif [ "$STATUS" == "IN_PROGRESS" ]; then | |
| echo "Deployment is in progress... waiting 30 seconds." | |
| sleep 30 | |
| else | |
| echo "Current operation status: $STATUS. Waiting..." | |
| sleep 30 | |
| fi | |
| done | |
| else | |
| echo "Service '${{ env.APP_RUNNER_SERVICE_NAME }}' not found. Please create it manually." | |
| echo "Use Image URI: ${{ steps.build-image.outputs.image_uri }}" | |
| exit 1 | |
| fi | |
| # --- Notifikasi Telegram --- | |
| notify: | |
| name: Send Telegram Notification | |
| runs-on: ubuntu-latest | |
| if: always() # Selalu berjalan, baik job sebelumnya sukses maupun gagal | |
| needs: [build-test-deploy] # Bergantung pada job sebelumnya | |
| # Menggunakan environment yang sama untuk mengakses secrets Telegram | |
| environment: ${{ github.event.inputs.environment || 'Production' }} | |
| steps: | |
| - name: Send Telegram message on success or failure | |
| uses: appleboy/telegram-action@master | |
| with: | |
| # Pastikan Anda mengatur secrets ini di Settings > Environments | |
| to: ${{ secrets.TELEGRAM_CHAT_ID }} | |
| token: ${{ secrets.TELEGRAM_TOKEN }} | |
| message: | | |
| *Deployment Status: ${{ needs.build-test-deploy.result == 'success' && '✅ Success' || '❌ Failure' }}* | |
| Repository: `${{ github.repository }}` | |
| Branch: `${{ github.ref_name }}` | |
| Commit: `${{ github.sha }}` | |
| Triggered by: `${{ github.actor }}` | |
| See details here: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| format: markdown |