Skip to content

Commit 9ddbb55

Browse files
nolan1999nolan1999
authored
Refactor deployment + change AWS account (#29)
1 parent 9d96a96 commit 9ddbb55

8 files changed

Lines changed: 231 additions & 164 deletions

File tree

.github/workflows/publish-version-ecr.yaml

Lines changed: 117 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,117 @@
1+
name: Publish version to AWS ECR
2+
3+
on:
4+
workflow_dispatch: # manual trigger to publish prod/dev version
5+
workflow_run: # trigger on GH version to publish prod version
6+
workflows: ["Publish version to GitHub"]
7+
types:
8+
- completed
9+
branches:
10+
- main
11+
12+
jobs:
13+
build-and-push:
14+
name: Build and push Docker image
15+
runs-on: ubuntu-latest
16+
17+
steps:
18+
- name: Checkout code
19+
uses: actions/checkout@v3
20+
with:
21+
fetch-depth: 0
22+
23+
- name: Set version
24+
id: set-version
25+
run: |
26+
if [ "${{ github.event_name }}" == "workflow_run" ]; then
27+
POETRY_VERSION=$(grep -E '^requires-poetry = ' pyproject.toml | sed -E 's/requires-poetry = "(.*)"/\1/')
28+
pip install poetry==$POETRY_VERSION
29+
PROD=true
30+
VERSION=$(poetry version -s)
31+
REF=refs/tags/$VERSION
32+
else
33+
REF=$GITHUB_REF
34+
if [[ "$GITHUB_REF" == refs/tags/* ]]; then
35+
PROD=true
36+
VERSION=${GITHUB_REF#refs/tags/}
37+
else
38+
PROD=false
39+
VERSION=dev-${GITHUB_REF#refs/heads/}-${GITHUB_SHA::7}
40+
fi
41+
fi
42+
echo "PROD=$PROD" >> $GITHUB_OUTPUT
43+
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
44+
echo "REF=$REF" >> $GITHUB_OUTPUT
45+
46+
# on main, we do not want necessarily the latest commit, but the one that was tagged
47+
- name: Checkout code
48+
uses: actions/checkout@v3
49+
with:
50+
ref: ${{ steps.set-version.outputs.REF }}
51+
fetch-depth: 0
52+
53+
- name: Get Python version
54+
id: get-python-version
55+
run: |
56+
pip install toml
57+
PYTHON_VERSION=$(python -c 'import scripts.vars; scripts.vars.get_python_version()')
58+
echo "PYTHON_VERSION=$PYTHON_VERSION" >> $GITHUB_OUTPUT
59+
60+
- name: Configure AWS credentials
61+
uses: aws-actions/configure-aws-credentials@v2
62+
with:
63+
aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }}
64+
aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }}
65+
aws-region: us-east-1 # required for Public ECR
66+
67+
- name: Login to AWS Public ECR
68+
uses: aws-actions/amazon-ecr-login@v1
69+
with:
70+
registry-type: public
71+
72+
- name: Build and push Docker image
73+
id: build-and-push
74+
env:
75+
VERSION: ${{ steps.set-version.outputs.VERSION }}
76+
PROD: ${{ steps.set-version.outputs.PROD }}
77+
ECR_REGISTRY: public.ecr.aws/w2b7b8c0
78+
ECR_REPOSITORY: decode-cloud/user-api
79+
PYTHON_VERSION: ${{ steps.get-python-version.outputs.PYTHON_VERSION }}
80+
run: |
81+
IMAGE_REF=$ECR_REGISTRY/$ECR_REPOSITORY:$VERSION
82+
echo "IMAGE_REF=$IMAGE_REF" >> $GITHUB_OUTPUT
83+
if docker manifest inspect $IMAGE_REF > /dev/null 2>&1; then
84+
NEW_IMAGE=false
85+
echo "Image $IMAGE_REF already exists, nothing pushed" >> $GITHUB_STEP_SUMMARY
86+
else
87+
NEW_IMAGE=true
88+
docker build --build-arg PYTHON_VERSION=$PYTHON_VERSION -t $IMAGE_REF .
89+
docker push $IMAGE_REF
90+
echo "## 🚀 Published Docker Image: $IMAGE_REF" >> $GITHUB_STEP_SUMMARY
91+
if [[ $PROD == "true" ]]; then
92+
SET_LATEST=true
93+
LATEST_EXISTS=$(docker manifest inspect $ECR_REGISTRY/$ECR_REPOSITORY:latest > /dev/null 2>&1 && echo "true" || echo "false")
94+
if [[ $LATEST_EXISTS == "true" ]]; then
95+
LATEST_LABELS=$(docker manifest inspect $ECR_REGISTRY/$ECR_REPOSITORY:latest | grep -o '"org.opencontainers.image.version":"[^"]*"' | cut -d'"' -f4 || echo "")
96+
if printf '%s\n%s\n' "$LATEST_LABELS" "$VERSION" | sort -V | head -n1 | grep -q "^$VERSION$"; then
97+
SET_LATEST=false
98+
fi
99+
fi
100+
if [[ $SET_LATEST == "true" ]]; then
101+
docker tag $IMAGE_REF $ECR_REGISTRY/$ECR_REPOSITORY:latest
102+
docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
103+
echo "Also tagged as: \`$ECR_REGISTRY/$ECR_REPOSITORY:latest\`" >> $GITHUB_STEP_SUMMARY
104+
fi
105+
fi
106+
fi
107+
echo "NEW_IMAGE=$NEW_IMAGE" >> $GITHUB_OUTPUT
108+
109+
- name: Add to GH release
110+
if: steps.build-and-push.outputs.NEW_IMAGE == 'true' && steps.set-version.outputs.PROD == 'true'
111+
uses: tubone24/update_release@v1.0
112+
env:
113+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
114+
TAG_NAME: ${{ steps.set-version.outputs.VERSION }}
115+
with:
116+
body: "**Published image (AWS ECR Public):** `${{ steps.build-and-push.outputs.IMAGE_REF }}`"
117+
is_append_body: true

.github/workflows/publish-version-gh.yaml

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
name: Publish version to GitHub
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
8+
jobs:
9+
create-version:
10+
name: Create GH version and tag
11+
runs-on: ubuntu-latest
12+
13+
steps:
14+
- name: Checkout code
15+
uses: actions/checkout@v3
16+
with:
17+
fetch-depth: 0
18+
19+
- name: Set version
20+
id: set-version
21+
run: |
22+
POETRY_VERSION=$(grep -E '^requires-poetry = ' pyproject.toml | sed -E 's/requires-poetry = "(.*)"/\1/')
23+
pip install poetry==$POETRY_VERSION
24+
VERSION=$(poetry version -s)
25+
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
26+
27+
- name: Check if release exists
28+
id: check-release
29+
env:
30+
VERSION: ${{ steps.set-version.outputs.VERSION }}
31+
run: |
32+
git fetch --tags
33+
if [ -n "$(git tag -l "$VERSION")" ]; then
34+
echo "## ⚠️ Tag $VERSION already exists in git. Skipping publish." >> $GITHUB_STEP_SUMMARY
35+
echo "skip_publish=true" >> $GITHUB_OUTPUT
36+
else
37+
echo "skip_publish=false" >> $GITHUB_OUTPUT
38+
fi
39+
40+
- name: Create and push annotated git tag
41+
if: steps.check-release.outputs.skip_publish != 'true'
42+
env:
43+
VERSION: ${{ steps.set-version.outputs.VERSION }}
44+
run: |
45+
git config user.name "github-actions"
46+
git config user.email "github-actions@github.com"
47+
git tag -a "$VERSION" -m "Release $VERSION"
48+
git push origin "$VERSION"
49+
50+
- name: Create GitHub release
51+
if: steps.check-release.outputs.skip_publish != 'true'
52+
uses: softprops/action-gh-release@v1
53+
with:
54+
tag_name: ${{ steps.set-version.outputs.VERSION }}
55+
name: Release ${{ steps.set-version.outputs.VERSION }}
56+
generate_release_notes: true

.github/workflows/publish-version.yaml

Lines changed: 0 additions & 137 deletions
This file was deleted.

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,7 @@ decode:
135135
- "--log_path=/files/log"
136136
env: []
137137
handler:
138-
image_url: "public.ecr.aws/g0e9g3b1/decode:v0_10_1"
138+
image_url: "public.ecr.aws/w2b7b8c0/decode:v0_10_1"
139139
files_down:
140140
config_id: config
141141
data_ids: data

application_config.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ decode:
1111
- "--log_path=/files/log"
1212
env: []
1313
handler:
14-
image_url: "public.ecr.aws/g0e9g3b1/decode:v0_10_1"
14+
image_url: "public.ecr.aws/w2b7b8c0/decode:v0_10_1"
1515
files_down:
1616
config_id: config
1717
data_ids: data
@@ -37,7 +37,7 @@ decode:
3737
- "--emitter_path=/files/output/emitter.h5"
3838
env: []
3939
handler:
40-
image_url: "public.ecr.aws/g0e9g3b1/decode:v0_10_1"
40+
image_url: "public.ecr.aws/w2b7b8c0/decode:v0_10_1"
4141
files_down:
4242
config_id: config
4343
data_ids: data
@@ -66,7 +66,7 @@ decode:
6666
- "Paths.trafo=$(find /files/data -name '*_trafo.mat' | head -n 1 | grep . || echo null)"
6767
env: []
6868
handler:
69-
image_url: "public.ecr.aws/g0e9g3b1/decode:latest"
69+
image_url: "public.ecr.aws/w2b7b8c0/decode:latest"
7070
files_down:
7171
config_id: config_tmp
7272
data_ids: data
@@ -94,7 +94,7 @@ comet:
9494
- " > /files/log/log.log"
9595
env: []
9696
handler:
97-
image_url: "public.ecr.aws/g0e9g3b1/comet:latest"
97+
image_url: "public.ecr.aws/w2b7b8c0/comet:latest"
9898
files_down:
9999
config_id: config
100100
data_ids: data

0 commit comments

Comments
 (0)