Run infra-aware restart script on deploy #79

Workflow file for this run

.github/workflows/ec2-deploy.yml at 7603813

	name: Build, Push to GHCR, Deploy via SSM

	on:
	push:
	branches: [main]

	env:
	REGISTRY: ghcr.io

	jobs:
	build-and-push:
	name: Build Docker & Push to GHCR
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write

	outputs:
	image: ${{ steps.meta.outputs.tags }}
	image-tag: ${{ steps.meta.outputs.version }}

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Docker meta (tags)
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ github.repository }}
	tags: \|
	type=raw,value=${{ github.sha }},enable=${{ github.ref == 'refs/heads/main' }}
	type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}

	- name: Login to GHCR
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build and push
	uses: docker/build-push-action@v5
	with:
	context: ./was
	file: ./was/Dockerfile
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

	deploy:
	name: Deploy via AWS SSM
	runs-on: ubuntu-latest
	needs: build-and-push

	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ secrets.AWS_REGION \|\| 'ap-northeast-2' }}

	- name: Deploy via SSM (docker-compose in /apps/senifit)
	id: send
	run: \|
	ORG_LOWER="team-senifit"
	REPO_LOWER=$(echo "${{ github.repository }}" \| tr '[:upper:]' '[:lower:]')
	SPRING_BOOT_IMAGE="ghcr.io/${REPO_LOWER}:${{ github.sha }}"
	ENV_B64=$(printf '%s' "${{ secrets.ENV_FILE }}" \| base64 -w 0)
	SCRIPT_B64=$(base64 -w 0 deploy/restart_if_infra_down.sh)
	COMMAND_ID=$(aws ssm send-command \
	--instance-ids "${{ secrets.SSM_INSTANCE_ID }}" \
	--document-name "AWS-RunShellScript" \
	--parameters "{\"commands\":[\"cd /apps/senifit && echo ${ENV_B64} \| base64 -d > /apps/senifit/.env && echo ${SCRIPT_B64} \| base64 -d > /apps/senifit/restart_if_infra_down.sh && chmod +x /apps/senifit/restart_if_infra_down.sh && export SPRING_BOOT_IMAGE=${SPRING_BOOT_IMAGE} && sudo /apps/senifit/restart_if_infra_down.sh\"]}" \
	--comment "Deploy was image ${SPRING_BOOT_IMAGE}" \
	--output text \
	--query "Command.CommandId")
	echo "command_id=$COMMAND_ID" >> $GITHUB_OUTPUT
	echo "Sent SSM command: $COMMAND_ID"

	- name: Wait for SSM command
	run: \|
	COMMAND_ID="${{ steps.send.outputs.command_id }}"
	for i in $(seq 1 30); do
	STATUS=$(aws ssm get-command-invocation --command-id "$COMMAND_ID" --instance-id "${{ secrets.SSM_INSTANCE_ID }}" --query "Status" --output text 2>/dev/null \|\| echo "Pending")
	echo "SSM command status: $STATUS"
	if [ "$STATUS" = "Success" ]; then exit 0; fi
	if [ "$STATUS" = "Failed" ] \|\| [ "$STATUS" = "Cancelled" ]; then
	aws ssm get-command-invocation --command-id "$COMMAND_ID" --instance-id "${{ secrets.SSM_INSTANCE_ID }}"
	exit 1
	fi
	sleep 10
	done
	echo "Timeout waiting for SSM command"
	exit 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Run infra-aware restart script on deploy #79

Workflow file

Run infra-aware restart script on deploy #79

Uh oh!

Workflow file for this run