diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 5fb652f80..fe4e30d56 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -162,4 +162,4 @@ jobs: path: "**/surefire-reports/**/*.xml" reporter: java-junit fail-on-error: true - only-summary: 'true' + only-summary: 'true' \ No newline at end of file diff --git a/.github/workflows/deploy-managed-ema-image.yaml b/.github/workflows/deploy-managed-ema-image.yaml new file mode 100644 index 000000000..cd242bb43 --- /dev/null +++ b/.github/workflows/deploy-managed-ema-image.yaml @@ -0,0 +1,112 @@ +name: Deploy Managed EMA +on: + workflow_dispatch: + inputs: + releaseVersion: + description: "The image tag in ECR to push to a new environment." + required: true + default: "A.B.C" + deployEnvironment: + description: "Environment to deploy to (development/staging/production)." + required: true + type: choice + options: + - development + - staging + - production +jobs: + deploy: + runs-on: ubuntu-latest + environment: prod + + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + aws-access-key-id: ${{ secrets.EMA_AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.EMA_AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.EMA_AWS_DEFAULT_REGION }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1.6.0 + - name: ECR (Dev) - Pull Image + run: | + ECR_DEV_IMAGE="${{ steps.login-ecr.outputs.registry }}/${{ github.event.repository.name }}:main" + docker pull $ECR_DEV_IMAGE + echo "ECR_DEV_IMAGE=$ECR_DEV_IMAGE" >> $GITHUB_ENV + - name: GCR (Dev) - Login + if: ${{ github.event.inputs.deployEnvironment == 'development' }} + uses: docker/login-action@v3 + with: + registry: gcr.io + username: _json_key + password: ${{ secrets.DEV_GCP_SERVICE_ACCOUNT }} + - name: GCR (Dev) - Tag and Push + if: ${{ github.event.inputs.deployEnvironment == 'development' }} + run: | + GCR_IMAGE_TAGS_TO_PUSH=( + "${{ github.event.inputs.releaseVersion }}" "latest" + ) + GCR_DEV_IMAGE_REPO="gcr.io/${{ secrets.DEV_GCP_PROJECT_ID }}/${{ github.event.repository.name }}" + for current_tag in ${GCR_IMAGE_TAGS_TO_PUSH[@]} + do + docker tag $ECR_DEV_IMAGE $GCR_DEV_IMAGE_REPO:$current_tag + docker push $GCR_DEV_IMAGE_REPO:$current_tag + done2 + - name: GCR (Staging) - Login + if: ${{ github.event.inputs.deployEnvironment == 'staging' }} + uses: docker/login-action@v3 + with: + registry: gcr.io + username: _json_key + password: ${{ secrets.STAGING_GCP_SERVICE_ACCOUNT }} + - name: GCR (Staging) - Tag and Push + if: ${{ github.event.inputs.deployEnvironment == 'staging' }} + run: | + GCR_IMAGE_TAGS_TO_PUSH=( + "${{ github.event.inputs.releaseVersion }}" "latest" + ) + GCR_STAGING_IMAGE_REPO="gcr.io/${{ secrets.STAGING_GCP_PROJECT_ID }}/${{ github.event.repository.name }}" + for current_tag in ${GCR_IMAGE_TAGS_TO_PUSH[@]} + do + docker tag $ECR_DEV_IMAGE $GCR_STAGING_IMAGE_REPO:$current_tag + docker push $GCR_STAGING_IMAGE_REPO:$current_tag + done + - name: GCR (Production) - Login + if: ${{ github.event.inputs.deployEnvironment == 'production' }} + uses: docker/login-action@v3 + with: + registry: gcr.io + username: _json_key + password: ${{ secrets.PROD_GCP_SERVICE_ACCOUNT }} + - name: GCR (Prod) - Tag and Push + if: ${{ github.event.inputs.deployEnvironment == 'production' }} + run: | + GCR_IMAGE_TAGS_TO_PUSH=( + "${{ github.event.inputs.releaseVersion }}" "latest" + ) + GCR_PROD_IMAGE_REPO="gcr.io/${{ secrets.PROD_GCP_PROJECT_ID }}/${{ github.event.repository.name }}" + for current_tag in ${GCR_IMAGE_TAGS_TO_PUSH[@]} + do + docker tag $ECR_DEV_IMAGE $GCR_PROD_IMAGE_REPO:$current_tag + docker push $GCR_PROD_IMAGE_REPO:$current_tag + done + - name: Log in to Azure China prod docker registry + if: ${{ github.event.inputs.deployEnvironment == 'production' }} + uses: docker/login-action@v3 + with: + registry: ${{ secrets.AZURE_CHINA_PROD_HOSTNAME }} + username: ${{ secrets.AZURE_CHINA_PROD_USERNAME }} + password: ${{ secrets.AZURE_CHINA_PROD_PASSWORD }} + - name: Azure China (Prod) - Tag and Push + if: ${{ github.event.inputs.deployEnvironment == 'production' }} + run: | + IMAGE_TAGS_TO_PUSH=( + "${{ github.event.inputs.releaseVersion }}" "latest" + ) + PROD_IMAGE_REPO="${{ secrets.AZURE_CHINA_PROD_HOSTNAME }}/${{ github.event.repository.name }}" + for current_tag in ${IMAGE_TAGS_TO_PUSH[@]} + do + docker tag $ECR_DEV_IMAGE $PROD_IMAGE_REPO:$current_tag + docker push $PROD_IMAGE_REPO:$current_tag + done \ No newline at end of file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3aaf72832..33a78e654 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -3,11 +3,11 @@ on: workflow_dispatch: inputs: releaseVersion: - description: "Default version to use when preparing a release." + description: "Default version to use when preparing a release (the current version with '-SNAPSHOT' removed)." required: true - default: "X.Y.Z" + default: "A.B.C" developmentVersion: - description: "Default version to use for new local working copy." + description: "Default version to use for new local working copy (the next version after version A.B.C)." required: true default: "X.Y.Z-SNAPSHOT" jobs: @@ -132,4 +132,4 @@ jobs: export image_tag=${{ github.event.inputs.releaseVersion }} export chart_version="n/a" export sha=${{ github.sha }} - ./.github/workflows/release_scripts/update_release_manifest.sh + ./.github/workflows/release_scripts/update_release_manifest.sh \ No newline at end of file