Reusable Github Action Workflows
aws-deploy-ecs.yml
:
name: Try workflow
on:
push:
branches:
- try-workflow
jobs:
try-workflow:
uses: AuDigent/gha-workflows/.github/workflows/[email protected]
with:
ecr-repository-name: your-repo
docker-image-tag: ${{ github.sha }}
docker-build-platforms: linux/arm64
environment: dev
ecs-cluster: your-cluster
ecs-service: your_service
container-name: some-container
aws-region: us-east-1
secrets: inherit
build-and-push-to-ecr
:
- uses: actions/checkout@v3
- name: Push Image to ECR
uses: AuDigent/gha-workflows/.github/actions/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
docker-image-tag: ${{ github.sha }}
ecr-repository-name: my-repo
deploy-to-ecs
:
- uses: actions/checkout@v3
- name: Deploy to ECS
uses: AuDigent/gha-workflows/.github/actions/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
ecs-cluster: your-cluster
ecs-service: your_service
docker-image: myregistry/myimage:tag
container-name: my_container
get-codeartifact-token
:
- uses: actions/checkout@v3
- name: Get CodeArtifact Token
id: token
uses: AuDigent/gha-workflows/.github/actions/[email protected]
with:
domain: my-domain
domain-owner: 1111111 # Your AWS Account ID
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- uses: actions/setup-python@v4
with:
python-version: '3.9'
cache: 'pipenv'
- name: install dependencies
env:
CODEARTIFACT_AUTH_TOKEN: ${{ steps.token.outputs.token }}
run: |
pip install pipenv
pipenv install --dev --ignore-pipfile
Example of pipenv config:
[[source]]
name = "aws"
url = "https://aws:${CODEARTIFACT_AUTH_TOKEN}@xxxxxx.d.codeartifact.us-east-1.amazonaws.com/pypi/xxxxx/simple/"
verify_ssl = true
[packages]
your-package = { version = "~=1.0", index = "aws" }
Example of IAM Policies to grant access to the repositories available here