chore: initial commit — post-worker with RabbitMQ consumer and CI/CD #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: Target environment | |
| required: true | |
| default: production | |
| type: choice | |
| options: [production, staging] | |
| env: | |
| AWS_REGION: ${{ vars.AWS_REGION || 'us-east-1' }} | |
| ECR_REPOSITORY: ${{ vars.ECR_REPOSITORY_POST_WORKER || 'backendworks/post-worker' }} | |
| ECS_CLUSTER: ${{ vars.ECS_CLUSTER || 'backendworks' }} | |
| ECS_SERVICE: ${{ vars.ECS_SERVICE_POST_WORKER || 'post-worker' }} | |
| CONTAINER_NAME: bw-post-worker | |
| jobs: | |
| deploy: | |
| name: Build & Deploy to AWS ECS | |
| runs-on: ubuntu-latest | |
| environment: ${{ github.event.inputs.environment || 'production' }} | |
| permissions: | |
| id-token: write # OIDC token for AWS auth | |
| contents: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: npm | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build application | |
| run: npm run build | |
| - name: Configure AWS credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Build, tag & push Docker image | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| run: | | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
| docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \ | |
| $ECR_REGISTRY/$ECR_REPOSITORY:latest | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> "$GITHUB_OUTPUT" | |
| - name: Download current ECS task definition | |
| run: | | |
| aws ecs describe-task-definition \ | |
| --task-definition ${{ env.ECS_SERVICE }} \ | |
| --query taskDefinition > task-definition.json | |
| - name: Update task definition with new image | |
| id: task-def | |
| uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
| with: | |
| task-definition: task-definition.json | |
| container-name: ${{ env.CONTAINER_NAME }} | |
| image: ${{ steps.build-image.outputs.image }} | |
| - name: Deploy to ECS | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ steps.task-def.outputs.task-definition }} | |
| service: ${{ env.ECS_SERVICE }} | |
| cluster: ${{ env.ECS_CLUSTER }} | |
| wait-for-service-stability: true |