uurtech · March 25, 2024 07:44
diff --git a/github_actions.yaml b/github_actions.yaml
 name: CI/CD Pipeline

 on:
  pull_request:
    types: [opened, synchronize]

 jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v2

      # Set up AWS CLI
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: your-aws-region

      # Install kubectl
      - name: Install kubectl
        run: |
          sudo apt-get update
          sudo apt-get install -y apt-transport-https
          sudo apt-get install -y curl
          sudo apt-get install -y gnupg
          sudo apt-get install -y lsb-release
          curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
          echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
          sudo apt-get update
          sudo apt-get install -y kubectl

      # Authenticate with AWS EKS
      - name: Configure kubectl for EKS
        run: aws eks --region your-aws-region update-kubeconfig --name your-eks-cluster-name

      # Install Helm
      - name: Install Helm
        run: |
          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
          chmod 700 get_helm.sh
          ./get_helm.sh

      # Install Nginx Ingress Controller
      - name: Install Nginx Ingress Controller
        run: |
          helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
          helm repo update
          helm install nginx-ingress ingress-nginx/ingress-nginx \
            --namespace nginx-ingress \
            --set controller.replicaCount=2 \
            --set controller.nodeSelector."beta\.kubernetes\.io/os"=linux \
            --set defaultBackend.nodeSelector."beta\.kubernetes\.io/os"=linux \
            --set controller.service.type=LoadBalancer

      # Create Node.js Deployment YAML
      - name: Create Node.js Deployment YAML
        id: create_nodejs_deployment_yaml
        run: |
          BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})
          cat <<EOF > nodejs-app-deployment.yaml
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nodejs-app
            labels:
              app: nodejs-app
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nodejs-app
            template:
              metadata:
                labels:
                  app: nodejs-app
              spec:
                containers:
                - name: nodejs-app
                  image: your-nodejs-image:${BRANCH_NAME}
                  ports:
                  - containerPort: 3000
          EOF
        shell: bash

      # Display Approval Message in Slack
      - name: Send Slack Notification for Approval
        if: always()
        run: |
          if [ "${{ github.event_name }}" == "pull_request" ]; then
            curl -X POST -H 'Content-type: application/json' --data '{"text":"A deployment is awaiting approval for the branch: '${{ github.head_ref }}'."}' $SLACK_WEBHOOK_URL
          fi

      # Manual Approval Step for Ingress Controller Deployment
      - name: Manual Approval for Ingress Controller Deployment
        if: github.event_name == 'pull_request'
        uses: stefanzweifel/git-auto-commit-action@v4
        with:
          commit_message: "Require manual approval for Ingress Controller deployment"
          file_pattern: ingress_approval
          commit_user_name: "GitHub Actions"
          commit_user_email: "[email protected]"

      # Deploy Nginx Ingress Controller
      - name: Deploy Nginx Ingress Controller
        if: always() && steps.ingress_approval.outputs.result == 'true'
        run: kubectl apply -f nginx-ingress-controller.yaml

      # Manual Approval Step for Route 53 DNS Record Update
      - name: Manual Approval for Route 53 DNS Record Update
        if: github.event_name == 'pull_request'
        uses: stefanzweifel/git-auto-commit-action@v4
        with:
          commit_message: "Require manual approval for Route 53 DNS record update"
          file_pattern: route53_approval
          commit_user_name: "GitHub Actions"
          commit_user_email: "[email protected]"

      # Update Route 53 DNS Record
      - name: Update Route 53 DNS Record
        if: always() && steps.route53_approval.outputs.result == 'true'
        run: |
          BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})
          aws route53 change-resource-record-sets --hosted-zone-id your-hosted-zone-id --change-batch '{
            "Changes": [
              {
                "Action": "UPSERT",
                "ResourceRecordSet": {
                  "Name": "${BRANCH_NAME}.yourdomain.com",
                  "Type": "A",
                  "TTL": 300,
                  "ResourceRecords": [
                    {
                      "Value": "your-nginx-load-balancer-dns-name"
                    }
                  ]
                }
              }
            ]
          }'
	name: CI/CD Pipeline

	on:
	pull_request:
	types: [opened, synchronize]

	jobs:
	deploy:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v2

	# Set up AWS CLI
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: your-aws-region

	# Install kubectl
	- name: Install kubectl
	run: \|
	sudo apt-get update
	sudo apt-get install -y apt-transport-https
	sudo apt-get install -y curl
	sudo apt-get install -y gnupg
	sudo apt-get install -y lsb-release
	curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg \| sudo apt-key add -
	echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" \| sudo tee -a /etc/apt/sources.list.d/kubernetes.list
	sudo apt-get update
	sudo apt-get install -y kubectl

	# Authenticate with AWS EKS
	- name: Configure kubectl for EKS
	run: aws eks --region your-aws-region update-kubeconfig --name your-eks-cluster-name

	# Install Helm
	- name: Install Helm
	run: \|
	curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
	chmod 700 get_helm.sh
	./get_helm.sh

	# Install Nginx Ingress Controller
	- name: Install Nginx Ingress Controller
	run: \|
	helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
	helm repo update
	helm install nginx-ingress ingress-nginx/ingress-nginx \
	--namespace nginx-ingress \
	--set controller.replicaCount=2 \
	--set controller.nodeSelector."beta\.kubernetes\.io/os"=linux \
	--set defaultBackend.nodeSelector."beta\.kubernetes\.io/os"=linux \
	--set controller.service.type=LoadBalancer

	# Create Node.js Deployment YAML
	- name: Create Node.js Deployment YAML
	id: create_nodejs_deployment_yaml
	run: \|
	BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})
	cat <<EOF > nodejs-app-deployment.yaml
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: nodejs-app
	labels:
	app: nodejs-app
	spec:
	replicas: 3
	selector:
	matchLabels:
	app: nodejs-app
	template:
	metadata:
	labels:
	app: nodejs-app
	spec:
	containers:
	- name: nodejs-app
	image: your-nodejs-image:${BRANCH_NAME}
	ports:
	- containerPort: 3000
	EOF
	shell: bash

	# Display Approval Message in Slack
	- name: Send Slack Notification for Approval
	if: always()
	run: \|
	if [ "${{ github.event_name }}" == "pull_request" ]; then
	curl -X POST -H 'Content-type: application/json' --data '{"text":"A deployment is awaiting approval for the branch: '${{ github.head_ref }}'."}' $SLACK_WEBHOOK_URL
	fi

	# Manual Approval Step for Ingress Controller Deployment
	- name: Manual Approval for Ingress Controller Deployment
	if: github.event_name == 'pull_request'
	uses: stefanzweifel/git-auto-commit-action@v4
	with:
	commit_message: "Require manual approval for Ingress Controller deployment"
	file_pattern: ingress_approval
	commit_user_name: "GitHub Actions"
	commit_user_email: "[email protected]"

	# Deploy Nginx Ingress Controller
	- name: Deploy Nginx Ingress Controller
	if: always() && steps.ingress_approval.outputs.result == 'true'
	run: kubectl apply -f nginx-ingress-controller.yaml

	# Manual Approval Step for Route 53 DNS Record Update
	- name: Manual Approval for Route 53 DNS Record Update
	if: github.event_name == 'pull_request'
	uses: stefanzweifel/git-auto-commit-action@v4
	with:
	commit_message: "Require manual approval for Route 53 DNS record update"
	file_pattern: route53_approval
	commit_user_name: "GitHub Actions"
	commit_user_email: "[email protected]"

	# Update Route 53 DNS Record
	- name: Update Route 53 DNS Record
	if: always() && steps.route53_approval.outputs.result == 'true'
	run: \|
	BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})
	aws route53 change-resource-record-sets --hosted-zone-id your-hosted-zone-id --change-batch '{
	"Changes": [
	{
	"Action": "UPSERT",
	"ResourceRecordSet": {
	"Name": "${BRANCH_NAME}.yourdomain.com",
	"Type": "A",
	"TTL": 300,
	"ResourceRecords": [
	{
	"Value": "your-nginx-load-balancer-dns-name"
	}
	]
	}
	}
	]
	}'