-
Notifications
You must be signed in to change notification settings - Fork 0
158 lines (150 loc) · 6.26 KB
/
packer-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
name: Build
on:
workflow_dispatch:
push:
branches: [master]
jobs:
tests:
runs-on: ubuntu-latest
environment: ${{ vars.ENVIRONMENT }}
services:
# Label used to access the service container
postgres:
# Docker Hub image
image: postgres:latest
ports:
- 5432:5432
env:
POSTGRES_DB: ${{ vars.DATABASE }}
POSTGRES_USER: ${{ vars.DBUSER }}
POSTGRES_PASSWORD: ${{ secrets.DBPASSWORD }}
# Set health checks to wait until postgres has started
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
name: Run unit tests
steps:
- uses: actions/checkout@v4
- name: "Create .env file"
run: |
touch .env
echo ENVIRONMENT=${{ vars.ENVIRONMENT }} >> .env
echo HOSTNAME=${{ vars.HOSTNAME}} >> .env
echo PORT=${{ vars.PORT }} >> .env
echo DATABASE=${{ vars.DATABASE }} >> .env
echo DBUSER=${{ vars.DBUSER }} >> .env
echo DBPASSWORD=${{ secrets.DBPASSWORD }} >> .env
- uses: actions/setup-node@v4
with:
node-version: 20
- run: npm ci
- run: npm run test
# Packer init, validate and build
packer:
needs: tests
runs-on: ubuntu-latest
environment: ${{ vars.ENVIRONMENT }}
name: Build AWS Custom AMI with REST API app artifacts
steps:
- name: Checkout code from branch
uses: actions/checkout@v4
- name: Build artifacts
run: |
touch .env
echo ENVIRONMENT=${{ vars.ENVIRONMENT }} >> .env
echo HOSTNAME=${{ vars.HOSTNAME}} >> .env
echo PORT=${{ vars.PORT }} >> .env
echo DATABASE=${{ vars.DATABASE }} >> .env
echo DBUSER=${{ vars.DBUSER }} >> .env
echo DBPASSWORD=${{ secrets.DBPASSWORD }} >> .env
zip -r webapp.zip ./
- name: Packer variables
run: |
cd aws/packer/ && touch ami.pkrvars.hcl
echo ami_prefix=\"${{ vars.AMI_PREFIX }}\" >> ami.pkrvars.hcl
echo OS=\"${{ vars.OS }}\" >> ami.pkrvars.hcl
echo ubuntu_version=\"${{ vars.VERSION }}\" >> ami.pkrvars.hcl
echo ssh_username=\"${{ vars.SSH_USERNAME }}\" >> ami.pkrvars.hcl
echo subnet_id=\"${{ secrets.SUBNET_ID }}\" >> ami.pkrvars.hcl
echo dev_id=\"${{ secrets.DEV_ID }}\" >> ami.pkrvars.hcl
echo prod_id=\"${{ secrets.PROD_ID }}\" >> ami.pkrvars.hcl
echo source_ami=\"${{ vars.SOURCE_AMI }}\" >> ami.pkrvars.hcl
echo aws_region=\"${{ vars.AWS_REGION }}\" >> ami.pkrvars.hcl
echo instance_type=\"${{ vars.INSTANCE_TYPE}}\" >> ami.pkrvars.hcl
echo volume_type=\"${{ vars.VOLUME_TYPE}}\" >> ami.pkrvars.hcl
echo volume_size=\"${{ vars.VOLUME_SIZE}}\" >> ami.pkrvars.hcl
echo device_name=\"${{ vars.DEVICE_NAME}}\" >> ami.pkrvars.hcl
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_DEV_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_DEV_SECRET_KEY }}
aws-region: ${{ vars.AWS_REGION }}
- name: Setup `packer`
uses: hashicorp/setup-packer@main
id: setup
with:
version: "latest"
- name: Run `packer init`
id: init
run: "packer init ./aws/packer/ami.pkr.hcl"
- name: Run `packer validate`
id: validate
run: |
cd aws/packer/ &&
packer validate -evaluate-datasources --var-file=ami.pkrvars.hcl ami.pkr.hcl
- name: Run `packer build`
id: build
run: |
cd aws/packer/ &&
packer build --var-file=ami.pkrvars.hcl ami.pkr.hcl
# - name: Packer init, format validate and build custom AMI
# run: |
# packer fmt .
# packer init ami.pkr.hcl
# packer validate -evaluate-datasources --var-file=ami.pkrvars.hcl ami.pkr.hcl
# packer build --var-file=ami.pkrvars.hcl ami.pkr.hcl
# - name: Configure AWS Credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_PROD_ACCESS_KEY }}
# aws-secret-access-key: ${{ secrets.AWS_PROD_SECRET_KEY }}
# aws-region: ${{ vars.AWS_REGION }}
# - name: Instance Refresh automation
# run: |
# sudo apt-get install jq
# ASG_NAME=${{ secrets.ASG_NAME }}
# LAUNCH_CONFIG=${{ secrets.LAUNCH_CONFIG }}
# IMAGE=$(jq -r '.builds[-1].artifact_id' manifest.json | cut -d':' -f2)
# IMAGE_ID=$(jq -n \
# --arg img "$IMAGE" \
# '{"ImageId": $img}')
# aws ec2 create-launch-template-version \
# --launch-template-name "$LAUNCH_CONFIG" \
# --version-description updateAMI --source-version 1 \
# --launch-template-data="$IMAGE_ID"
# TEMPLATE_VERSION=$(aws ec2 describe-launch-template-versions --launch-template-name="$LAUNCH_CONFIG" \
# --filters="Name=is-default-version,Values=false" \
# --query 'sort_by(LaunchTemplateVersions, &CreateTime)[-1].[VersionNumber]' --output text)
# aws autoscaling update-auto-scaling-group --auto-scaling-group-name $ASG_NAME \
# --launch-template LaunchTemplateName="$LAUNCH_CONFIG",Version=$TEMPLATE_VERSION
# aws autoscaling start-instance-refresh \
# --auto-scaling-group-name $ASG_NAME --strategy Rolling
# printf "Instance refresh in progress"
# while true;
# do
# instance_refresh_status=$(aws autoscaling describe-instance-refreshes --auto-scaling-group-name $ASG_NAME \
# --query "InstanceRefreshes[0].Status" --output text)
# if [ "$instance_refresh_status" = "Successful" ]; then
# printf "\nInstance refresh successful!"
# break
# fi
# if [ "$instance_refresh_status" = "Cancelling" ] || [ "$instance_refresh_status" = "Cancelled" ] || [ "$instance_refresh_status" = "Failed" ]; then
# printf "\nInstance refresh failed!"
# exit 1
# fi
# echo -ne "."
# sleep 10
# done