From 890d493138d6c116c6189e0b5c45edb5700b48e3 Mon Sep 17 00:00:00 2001 From: seaerchin Date: Mon, 19 Feb 2024 19:23:42 +0800 Subject: [PATCH] fix(ci): use workflwo i m tard fix(workflow): remove additional builds tep fix(secrets): inherit secrest from caller --- .github/workflows/aws_deploy.yml | 8 -------- .github/workflows/ci.yml | 26 +++----------------------- 2 files changed, 3 insertions(+), 31 deletions(-) diff --git a/.github/workflows/aws_deploy.yml b/.github/workflows/aws_deploy.yml index 860ccb106..73d005178 100644 --- a/.github/workflows/aws_deploy.yml +++ b/.github/workflows/aws_deploy.yml @@ -85,9 +85,7 @@ jobs: - name: Build and push image to ECR uses: docker/build-push-action@v4 with: - provenance: false push: true - sbom: false tags: ${{ steps.login-ecr.outputs.registry }}/${{ inputs.ecr-repository }}:${{ github.sha }} deploy: @@ -111,12 +109,6 @@ jobs: id: login-ecr uses: aws-actions/amazon-ecr-login@v1 - - name: Build and push image to ECR - uses: docker/build-push-action@v4 - with: - push: true - tags: ${{ steps.login-ecr.outputs.registry }}/${{ inputs.ecr-repository }}:${{ github.sha }} - - name: Replace variables in task definition file run: | sed -i 's//${{ secrets.AWS_ACCOUNT_ID }}/g' ${{ inputs.task-definition-path }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 34fad6a6a..1004066c8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -184,27 +184,7 @@ jobs: # NOTE: Not combining with above workflow to allow parallel execution deploy_ecs: name: Build and deploy to ECS - runs-on: ubuntu-latest needs: [gatekeep] - if: needs.gatekeep.outputs.proceed == 'true' - steps: - - name: Deploy to ECS - uses: ./.github/workflows/aws_deploy.yml - with: - aws-region: "ap-southeast-1" - cicd-role: "arn:aws:iam::095733531422:role/isomer-infra-github-oidc-role-16ea937" - ecr-repository: "isomer-infra-prod-ecr" - ecs-cluster-name: "isomer-prod-ecs" - ecs-web-service-name: "isomer-prod-ecs-service" - ecs-container-name: "backend" - environment: "prod" - shortEnv: "prod" - task-definition-path: ".aws/deploy/backend-task-definition.prod.json" - codedeploy-application: "isomer-prod-ecs-app" - codedeploy-deployment-group: "isomer-prod-ecs-dg" - - # Secrets - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} - EFS_FILE_SYSTEM_ID: ${{ secrets.PROD_EFS_FILE_SYSTEM_ID }} - DD_API_KEY: ${{ secrets.DD_API_KEY }} - \ No newline at end of file + uses: ./.github/workflows/deploy_prod.yml + secrets: inherit + \ No newline at end of file