update

content/11-Your-First-CI-Workflow-Executions/2-Get-The-Prepared-Source-Code/_index.md

@@ -30,4 +30,4 @@ rm -rf ./workshop-2-awsome-books/.git && cp -r ./workshop-2-awsome-books/. . &&
 code .
 ```
 
-Next, let's go through parts that need to review or change for our CI/CD pipeline.
+Next, let's go through parts that need to review or change for your CI/CD pipeline.

content/11-Your-First-CI-Workflow-Executions/3-Review-CI-Workflow/_index.md

@@ -220,13 +220,13 @@ This GitHub Actions workflow is designed to perform CI jobs when specific events
 
 **pull_request:** triggers the workflow for pull requests targeting the *main* branch, specifically when they are *opened*, *synchronized*, or *reopened*. It ignores changes to documentation and certain configuration files.
 
-**merge_group:** triggers the workflow when merge groups are created on the main branch.
+**merge_group:** triggers the workflow when *merge group*s are created on the *main* branch (explore more about *merge group* in [13. Experiments With GitHub Actions Merge Group](13-experiments-with-gitHub-actions-merge-group)).
 
 **workflow_dispatch:** allows the workflow to be manually started for debugging without inputs.
   
 #### Concurrency
 
-Ensures that only one instance of the workflow runs for a specific pull request at a time, canceling any in-progress runs if a new one starts for that pull request.
+Ensures that only one instance of the workflow runs for a specific pull request at a time, canceling any in-progress runs if a new one starts for that pull request (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
   
 #### Jobs
 

content/11-Your-First-CI-Workflow-Executions/4-Review-Update-Dependency-Cache-Workflow/_index.md

@@ -61,13 +61,14 @@ jobs:
 This GitHub Actions workflow is designed to update the dependency cache for a project, specifically for Java Gradle-based projects. Let's take a high-level look at key components of the workflow.
 
 #### Events
-**push**: triggers the workflow when the merge group for a given pull request is successful and the PR is actually merged into the *main* branch.
+**push**: triggers the workflow when the *merge group* for a given pull request is successful and the PR is actually merged into the *main* branch.
 
 **workflow_dispatch:** allows the workflow to be manually started for debugging without inputs.
 
 #### Concurrency
 
-Ensures that only one instance of the workflow runs for a specific branch at a time, canceling any in-progress runs if a new one starts.
+Ensures that only one instance of the workflow runs for a specific branch at a time, canceling any in-progress runs if a new one starts (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
+  
 
 #### Job
 

content/11-Your-First-CI-Workflow-Executions/5-Review-Reusable-Workflows/_index.md

@@ -6,17 +6,17 @@ chapter : false
 pre : " <b> 11.5 </b> "
 ---
 
-As mentioned in the High-Level Design section, there are several reusable jobs in the Release and Rollback workflows.
+Both the Release and Rollback workflows leverage reusable jobs for efficiency:
+
+- The *Validate version format* job is ideal for reuse in both workflows to ensure consistency when handling version inputs.
+- The *Release* and *Rollback* jobs, which interact with AWS ECS and AWS CodeDeploy for deploying and rolling back project versions, can be streamlined into a reusable component through the Deploy workflow.
+
 
 ![0001](/images/11/5/0001.svg?featherlight=false&width=100pc)
 
 ![0002](/images/11/5/0002.svg?featherlight=false&width=100pc)
 
-- **Validate version format** job can be reused in both workflows to check [semantic versioning](https://semver.org/) of the project.
-- A **Release** job (in the Release workflow) and a **Rollback** job (in the Rollback process) can be combined to create a reusable job.
-
-
-You now explore the reusable workflows.
+<!-- You now explore the reusable workflows.
 
 #### "Validate format of semantic version" Workflow
 
@@ -57,4 +57,4 @@ jobs:
           ${{ steps.scripts.outputs.path }}/validate-version-format.sh ${{ inputs.version }}
 ```
 
-#### "Deploy" Workflow
+#### "Deploy" Workflow -->

content/11-Your-First-CI-Workflow-Executions/6-Review-Release-Workflow/_index.md

@@ -117,15 +117,16 @@ jobs:
 This GitHub Actions workflow is designed to perform release tasks when specific events occur on the repository. Let's take a high-level look at key components of the workflow.
 
 #### Events
-- **push**: triggered when a push event happens on any tag matching the pattern v*.*.* (typically indicating semantic versioning tags like v1.0.0)
+- **push**: triggered when a push event happens on any tag matching the specific pattern (typically indicating semantic versioning tags like v1.0.0)
 
 #### Concurrency
 
-Ensures that only one instance of this workflow runs for a given tag at a time, identified by the workflow name and reference. You might not want to run multiple releases in at the same time.
+Ensures that only one instance of this workflow runs for a given tag at a time, identified by the workflow name and reference. You might not want to run multiple releases in at the same time (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
+  
 
 #### Jobs
 **validate-version-format**:
-- This job reuses jobs or steps defined in the workflow **.github/workflows/wc-validate-version-format.yml**
+- This job reuses jobs or steps defined in the workflow **.github/workflows/wc-validate-version-format.yml**.
 - Validates the format of the version tag to ensure it follows semantic versioning.
 
 **build-image**
@@ -143,4 +144,8 @@ Ensures that only one instance of this workflow runs for a given tag at a time,
   - Download the image artifact built in job **build-image**.
   - Load the Docker image to Docker engine.
   - Perform image vulnerability scanning.
-  - Upload the vulnerability report for review later if the scanning are not canceled.
+  - Upload the vulnerability report for review later if the scanning are not canceled.
+
+**release**
+- This job reuses jobs or steps defined in the workflow **./.github/workflows/wc-deploy.yml**.
+- It essentially automates the release of an ECS service using AWS resources defined in the workflow.

content/11-Your-First-CI-Workflow-Executions/7-Review-Rollback-Workflow/_index.md

@@ -4,4 +4,111 @@ date : "`r Sys.Date()`"
 weight : 7
 chapter : false
 pre : " <b> 11.7 </b> "
----
+---
+
+You now explore the Rollback workflow.
+
+![0001](/images/11/7/0001.svg?featherlight=false&width=100pc)
+
+Check out *.github/workflows/rollback.yml* file.
+
+```yml
+name: Rollback
+
+on:
+  # Allow manual rollback
+  workflow_dispatch:
+    inputs:
+      version:
+        description: Specify the semantic version to rollback to, in the format "v*.*.*" (e.g., "v0.0.1")
+        type: string
+        required: true
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  validate-version-format:
+    name: Validate semantic version format
+    uses: ./.github/workflows/wc-validate-version-format.yml
+    with:
+      version: ${{ inputs.version }}
+
+  check-version-exists:
+    name: Check semantic version exists on AWS ECR repository
+    needs: [validate-version-format]
+    runs-on: ubuntu-latest
+    env:
+      ECR_REPOSITORY: ${{ vars.PROJECT }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: |
+            .github
+          sparse-checkout-cone-mode: false
+
+      - name: Set permissions to run scripts
+        run: chmod +x -R ./.github/scripts
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: ${{ vars.AWS_REGION }}
+          role-to-assume: ${{ vars.ROLE_TO_ASSUME }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Check version ${{ inputs.version }} existed in AWS ECR repository ${{ env.ECR_REPOSITORY }}
+        run: ./.github/scripts/check-version-exists.sh ${{ env.ECR_REPOSITORY }} ${{ inputs.version }}
+
+  rollback:
+    name: Rollback
+    needs: [check-version-exists]
+    uses: ./.github/workflows/wc-deploy.yml
+    with:
+      rollback: true
+      aws-region: ${{ vars.AWS_REGION }}
+      role-to-assume: ${{ vars.ROLE_TO_ASSUME }}
+      ecr-repository: ${{ vars.PROJECT }}
+      image-tag: ${{ inputs.version }}
+      task-definition: ${{ vars.PROJECT }}
+      container-name: ${{ vars.PROJECT }}
+      ecs-cluster: ${{ vars.ECS_CLUSTER }}
+      ecs-service: ${{ vars.PROJECT }}
+      codedeploy-application: ${{ vars.CODEDEPLOY_APPLICATION }}
+      codedeploy-application-group: ${{ vars.CODEDEPLOY_APPLICATION_GROUP }}
+```
+
+This GitHub Actions workflow automates the rollback of an ECS deployment to a specified version using AWS services. Let's take a high-level look at key components of the workflow.
+
+#### Events
+- **workflow_dispatch**: this enables manual triggering of the workflow through the GitHub UI. It accepts an input parameter *version*. The user might provide the semantic version (e.g., v1.0.0) they want to rollback to. This is required for the Rollback workflow.
+
+#### Concurrency
+
+Ensures that only one instance of this workflow runs for a given branch at a time, identified by the workflow name and reference. You might not want to run multiple rollbacks in at the same time (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
+
+#### Jobs
+**validate-version-format**:
+- This job reuses jobs or steps defined in the workflow **.github/workflows/wc-validate-version-format.yml**
+- Validates the format of the version tag to ensure it follows semantic versioning.
+
+**check-version-exists**
+- Check semantic version exists on AWS ECR repository.
+- Steps:
+  - Checkout the code.
+  - Configure AWS Credentials
+  - Login to Amazon ECR
+  - Use the AWS CLI to verify if the specified version exists.
+
+**rollback**
+
+- This job reuses jobs or steps defined in the workflow **./.github/workflows/wc-deploy.yml**.
+- It essentially automates the rollback of an ECS service using AWS resources defined in the workflow.