Skip to content

Instantly share code, notes, and snippets.

@stympy
Created January 18, 2025 14:14
Show Gist options
  • Save stympy/478d2a6086f83bac753c59c62143ffd7 to your computer and use it in GitHub Desktop.
Save stympy/478d2a6086f83bac753c59c62143ffd7 to your computer and use it in GitHub Desktop.
Deploying to ECS in multiple regions with GitHub Actions
name: Create Amazon ECS release
on:
workflow_run:
workflows: ["Tests"]
branches: [master]
types: [completed]
concurrency:
group: production
env:
AWS_ROLE: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE }}
IMAGE_TAG: ${{ github.sha }}
jobs:
build:
name: Build and push Docker image
runs-on: ubuntu-latest
timeout-minutes: 10
if: ${{ github.event.workflow_run.conclusion == 'success' }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build Docker image
id: build-image
run: |
docker build --build-arg ENVIRONMENT=production -t honeybadger:latest -f Dockerfile.prod .
docker save honeybadger:latest | gzip > honeybadger.tar.gz
- name: Upload Docker image
uses: actions/upload-artifact@v4
with:
name: honeybadger
path: honeybadger.tar.gz
push:
needs: build
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
strategy:
matrix:
region: [us-east-1, eu-central-1]
steps:
- name: Download Docker image
uses: actions/download-artifact@v4
with:
name: honeybadger
- name: Load Docker image
run: |
gunzip -c honeybadger.tar.gz | docker load
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.AWS_ROLE }}
aws-region: ${{ matrix.region }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Tag and push image to Amazon ECR
env:
ECR_REPOSITORY: ${{ steps.login-ecr.outputs.registry }}/honeybadger
run: |
docker tag honeybadger:latest $ECR_REPOSITORY:$IMAGE_TAG
docker tag honeybadger:latest $ECR_REPOSITORY:latest
docker push $ECR_REPOSITORY:$IMAGE_TAG
docker push $ECR_REPOSITORY:latest
# We need to delete the artifact to avoid storing the Docker image in the GitHub Actions storage
- uses: geekyeggo/delete-artifact@v5
with:
name: honeybadger
deploy:
needs: push
name: Update Web Task
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
id-token: write
contents: read
environment:
name: production
strategy:
matrix:
region: [us-east-1, eu-central-1]
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.AWS_ROLE }}
aws-region: ${{ matrix.region }}
- name: Download task definition
run: aws ecs describe-task-definition --task-definition app --query taskDefinition > task-definition.json
- name: Fill in the new image ID in the task definition for the app container
id: task-def-app
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
container-name: app
image: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ matrix.region }}.amazonaws.com/honeybadger:${{ env.IMAGE_TAG }}
# This is only needed if the ECS task is configured to deploy with CodeDeploy for blue/green deploys
- name: Checkout
uses: actions/checkout@v4
- name: Deploy web task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
with:
task-definition: ${{ steps.task-def-app.outputs.task-definition }}
service: web
cluster: honeybadger-production
wait-for-service-stability: false
# These are used for blue/green deploys with CodeDeploy. Omit if you are not using CodeDeploy to deploy the ECS task.
codedeploy-application: honeybadger-web-production
codedeploy-deployment-group: production
codedeploy-appspec: config/appspec.yml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment