diff --git a/content/11-Your-First-CI-Workflow-Executions/2-Get-The-Prepared-Source-Code/_index.md b/content/11-Your-First-CI-Workflow-Executions/2-Get-The-Prepared-Source-Code/_index.md
index 366341f..7cf27ac 100644
--- a/content/11-Your-First-CI-Workflow-Executions/2-Get-The-Prepared-Source-Code/_index.md
+++ b/content/11-Your-First-CI-Workflow-Executions/2-Get-The-Prepared-Source-Code/_index.md
@@ -30,4 +30,4 @@ rm -rf ./workshop-2-awsome-books/.git && cp -r ./workshop-2-awsome-books/. . &&
code .
```
-Next, let's go through parts that need to review or change for our CI/CD pipeline.
\ No newline at end of file
+Next, let's go through parts that need to review or change for your CI/CD pipeline.
\ No newline at end of file
diff --git a/content/11-Your-First-CI-Workflow-Executions/3-Review-CI-Workflow/_index.md b/content/11-Your-First-CI-Workflow-Executions/3-Review-CI-Workflow/_index.md
index 4368efd..b296c1e 100644
--- a/content/11-Your-First-CI-Workflow-Executions/3-Review-CI-Workflow/_index.md
+++ b/content/11-Your-First-CI-Workflow-Executions/3-Review-CI-Workflow/_index.md
@@ -220,13 +220,13 @@ This GitHub Actions workflow is designed to perform CI jobs when specific events
**pull_request:** triggers the workflow for pull requests targeting the *main* branch, specifically when they are *opened*, *synchronized*, or *reopened*. It ignores changes to documentation and certain configuration files.
-**merge_group:** triggers the workflow when merge groups are created on the main branch.
+**merge_group:** triggers the workflow when *merge group*s are created on the *main* branch (explore more about *merge group* in [13. Experiments With GitHub Actions Merge Group](13-experiments-with-gitHub-actions-merge-group)).
**workflow_dispatch:** allows the workflow to be manually started for debugging without inputs.
#### Concurrency
-Ensures that only one instance of the workflow runs for a specific pull request at a time, canceling any in-progress runs if a new one starts for that pull request.
+Ensures that only one instance of the workflow runs for a specific pull request at a time, canceling any in-progress runs if a new one starts for that pull request (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
#### Jobs
diff --git a/content/11-Your-First-CI-Workflow-Executions/4-Review-Update-Dependency-Cache-Workflow/_index.md b/content/11-Your-First-CI-Workflow-Executions/4-Review-Update-Dependency-Cache-Workflow/_index.md
index f4be4c3..3a315e8 100644
--- a/content/11-Your-First-CI-Workflow-Executions/4-Review-Update-Dependency-Cache-Workflow/_index.md
+++ b/content/11-Your-First-CI-Workflow-Executions/4-Review-Update-Dependency-Cache-Workflow/_index.md
@@ -61,13 +61,14 @@ jobs:
This GitHub Actions workflow is designed to update the dependency cache for a project, specifically for Java Gradle-based projects. Let's take a high-level look at key components of the workflow.
#### Events
-**push**: triggers the workflow when the merge group for a given pull request is successful and the PR is actually merged into the *main* branch.
+**push**: triggers the workflow when the *merge group* for a given pull request is successful and the PR is actually merged into the *main* branch.
**workflow_dispatch:** allows the workflow to be manually started for debugging without inputs.
#### Concurrency
-Ensures that only one instance of the workflow runs for a specific branch at a time, canceling any in-progress runs if a new one starts.
+Ensures that only one instance of the workflow runs for a specific branch at a time, canceling any in-progress runs if a new one starts (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
+
#### Job
diff --git a/content/11-Your-First-CI-Workflow-Executions/5-Review-Reusable-Workflows/_index.md b/content/11-Your-First-CI-Workflow-Executions/5-Review-Reusable-Workflows/_index.md
index 078bacc..724d952 100644
--- a/content/11-Your-First-CI-Workflow-Executions/5-Review-Reusable-Workflows/_index.md
+++ b/content/11-Your-First-CI-Workflow-Executions/5-Review-Reusable-Workflows/_index.md
@@ -6,17 +6,17 @@ chapter : false
pre : " 11.5 "
---
-As mentioned in the High-Level Design section, there are several reusable jobs in the Release and Rollback workflows.
+Both the Release and Rollback workflows leverage reusable jobs for efficiency:
+
+- The *Validate version format* job is ideal for reuse in both workflows to ensure consistency when handling version inputs.
+- The *Release* and *Rollback* jobs, which interact with AWS ECS and AWS CodeDeploy for deploying and rolling back project versions, can be streamlined into a reusable component through the Deploy workflow.
+
![0001](/images/11/5/0001.svg?featherlight=false&width=100pc)
![0002](/images/11/5/0002.svg?featherlight=false&width=100pc)
-- **Validate version format** job can be reused in both workflows to check [semantic versioning](https://semver.org/) of the project.
-- A **Release** job (in the Release workflow) and a **Rollback** job (in the Rollback process) can be combined to create a reusable job.
-
-
-You now explore the reusable workflows.
+
\ No newline at end of file
diff --git a/content/11-Your-First-CI-Workflow-Executions/6-Review-Release-Workflow/_index.md b/content/11-Your-First-CI-Workflow-Executions/6-Review-Release-Workflow/_index.md
index b1755cd..da493df 100644
--- a/content/11-Your-First-CI-Workflow-Executions/6-Review-Release-Workflow/_index.md
+++ b/content/11-Your-First-CI-Workflow-Executions/6-Review-Release-Workflow/_index.md
@@ -117,15 +117,16 @@ jobs:
This GitHub Actions workflow is designed to perform release tasks when specific events occur on the repository. Let's take a high-level look at key components of the workflow.
#### Events
-- **push**: triggered when a push event happens on any tag matching the pattern v*.*.* (typically indicating semantic versioning tags like v1.0.0)
+- **push**: triggered when a push event happens on any tag matching the specific pattern (typically indicating semantic versioning tags like v1.0.0)
#### Concurrency
-Ensures that only one instance of this workflow runs for a given tag at a time, identified by the workflow name and reference. You might not want to run multiple releases in at the same time.
+Ensures that only one instance of this workflow runs for a given tag at a time, identified by the workflow name and reference. You might not want to run multiple releases in at the same time (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
+
#### Jobs
**validate-version-format**:
-- This job reuses jobs or steps defined in the workflow **.github/workflows/wc-validate-version-format.yml**
+- This job reuses jobs or steps defined in the workflow **.github/workflows/wc-validate-version-format.yml**.
- Validates the format of the version tag to ensure it follows semantic versioning.
**build-image**
@@ -143,4 +144,8 @@ Ensures that only one instance of this workflow runs for a given tag at a time,
- Download the image artifact built in job **build-image**.
- Load the Docker image to Docker engine.
- Perform image vulnerability scanning.
- - Upload the vulnerability report for review later if the scanning are not canceled.
\ No newline at end of file
+ - Upload the vulnerability report for review later if the scanning are not canceled.
+
+**release**
+- This job reuses jobs or steps defined in the workflow **./.github/workflows/wc-deploy.yml**.
+- It essentially automates the release of an ECS service using AWS resources defined in the workflow.
\ No newline at end of file
diff --git a/content/11-Your-First-CI-Workflow-Executions/7-Review-Rollback-Workflow/_index.md b/content/11-Your-First-CI-Workflow-Executions/7-Review-Rollback-Workflow/_index.md
index 5714c79..37e8f7e 100644
--- a/content/11-Your-First-CI-Workflow-Executions/7-Review-Rollback-Workflow/_index.md
+++ b/content/11-Your-First-CI-Workflow-Executions/7-Review-Rollback-Workflow/_index.md
@@ -4,4 +4,111 @@ date : "`r Sys.Date()`"
weight : 7
chapter : false
pre : " 11.7 "
----
\ No newline at end of file
+---
+
+You now explore the Rollback workflow.
+
+![0001](/images/11/7/0001.svg?featherlight=false&width=100pc)
+
+Check out *.github/workflows/rollback.yml* file.
+
+```yml
+name: Rollback
+
+on:
+ # Allow manual rollback
+ workflow_dispatch:
+ inputs:
+ version:
+ description: Specify the semantic version to rollback to, in the format "v*.*.*" (e.g., "v0.0.1")
+ type: string
+ required: true
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+
+permissions:
+ id-token: write
+ contents: read
+
+jobs:
+ validate-version-format:
+ name: Validate semantic version format
+ uses: ./.github/workflows/wc-validate-version-format.yml
+ with:
+ version: ${{ inputs.version }}
+
+ check-version-exists:
+ name: Check semantic version exists on AWS ECR repository
+ needs: [validate-version-format]
+ runs-on: ubuntu-latest
+ env:
+ ECR_REPOSITORY: ${{ vars.PROJECT }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ sparse-checkout: |
+ .github
+ sparse-checkout-cone-mode: false
+
+ - name: Set permissions to run scripts
+ run: chmod +x -R ./.github/scripts
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-region: ${{ vars.AWS_REGION }}
+ role-to-assume: ${{ vars.ROLE_TO_ASSUME }}
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v2
+
+ - name: Check version ${{ inputs.version }} existed in AWS ECR repository ${{ env.ECR_REPOSITORY }}
+ run: ./.github/scripts/check-version-exists.sh ${{ env.ECR_REPOSITORY }} ${{ inputs.version }}
+
+ rollback:
+ name: Rollback
+ needs: [check-version-exists]
+ uses: ./.github/workflows/wc-deploy.yml
+ with:
+ rollback: true
+ aws-region: ${{ vars.AWS_REGION }}
+ role-to-assume: ${{ vars.ROLE_TO_ASSUME }}
+ ecr-repository: ${{ vars.PROJECT }}
+ image-tag: ${{ inputs.version }}
+ task-definition: ${{ vars.PROJECT }}
+ container-name: ${{ vars.PROJECT }}
+ ecs-cluster: ${{ vars.ECS_CLUSTER }}
+ ecs-service: ${{ vars.PROJECT }}
+ codedeploy-application: ${{ vars.CODEDEPLOY_APPLICATION }}
+ codedeploy-application-group: ${{ vars.CODEDEPLOY_APPLICATION_GROUP }}
+```
+
+This GitHub Actions workflow automates the rollback of an ECS deployment to a specified version using AWS services. Let's take a high-level look at key components of the workflow.
+
+#### Events
+- **workflow_dispatch**: this enables manual triggering of the workflow through the GitHub UI. It accepts an input parameter *version*. The user might provide the semantic version (e.g., v1.0.0) they want to rollback to. This is required for the Rollback workflow.
+
+#### Concurrency
+
+Ensures that only one instance of this workflow runs for a given branch at a time, identified by the workflow name and reference. You might not want to run multiple rollbacks in at the same time (explore more about *concurrency group* in [14. Experiments With GitHub Actions Concurrency Group](14-experiments-with-gitHub-actions-concurrency-group)).
+
+#### Jobs
+**validate-version-format**:
+- This job reuses jobs or steps defined in the workflow **.github/workflows/wc-validate-version-format.yml**
+- Validates the format of the version tag to ensure it follows semantic versioning.
+
+**check-version-exists**
+- Check semantic version exists on AWS ECR repository.
+- Steps:
+ - Checkout the code.
+ - Configure AWS Credentials
+ - Login to Amazon ECR
+ - Use the AWS CLI to verify if the specified version exists.
+
+**rollback**
+
+- This job reuses jobs or steps defined in the workflow **./.github/workflows/wc-deploy.yml**.
+- It essentially automates the rollback of an ECS service using AWS resources defined in the workflow.
\ No newline at end of file
diff --git a/static/images/11/3/0001.svg b/static/images/11/3/0001.svg
index d5bd603..2221dbe 100644
--- a/static/images/11/3/0001.svg
+++ b/static/images/11/3/0001.svg
@@ -1,4 +1,4 @@
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/static/images/11/4/0001.svg b/static/images/11/4/0001.svg
index 3768290..c36affb 100644
--- a/static/images/11/4/0001.svg
+++ b/static/images/11/4/0001.svg
@@ -1,4 +1,4 @@
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/static/images/11/4/0001.svg.crswap b/static/images/11/4/0001.svg.crswap
new file mode 100644
index 0000000..c36affb
--- /dev/null
+++ b/static/images/11/4/0001.svg.crswap
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/static/images/11/6/0001.svg b/static/images/11/6/0001.svg
new file mode 100644
index 0000000..8183008
--- /dev/null
+++ b/static/images/11/6/0001.svg
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/static/images/11/7/0001.svg b/static/images/11/7/0001.svg
new file mode 100644
index 0000000..3c22bbc
--- /dev/null
+++ b/static/images/11/7/0001.svg
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file