FossilRepo

Add ECS deploy workflow (build, push ECR, update task, wait for stable)

lmata 2026-04-07 03:45 trunk

Commit 31d5c167e15d77cd22be949b90f53da27ffaaffb2c8ef3b29f09633890c5188d

Parent 9460009c8199648…

2 files changed +1 +48

M .github/workflows/ci.yaml

		--- .github/workflows/ci.yaml
		+++ .github/workflows/ci.yaml
		@@ -3,10 +3,11 @@
3	3	on:
4	4	push:
5	5	branches: [main]
6	6	pull_request:
7	7	branches: [main]
	8	+ workflow_call:
8	9
9	10	jobs:
10	11	lint:
11	12	runs-on: ubuntu-latest
12	13	steps:
13	14
14	15	ADDED .github/workflows/deploy.yaml

	--- .github/workflows/ci.yaml
	+++ .github/workflows/ci.yaml
	@@ -3,10 +3,11 @@
3	on:
4	push:
5	branches: [main]
6	pull_request:
7	branches: [main]

8
9	jobs:
10	lint:
11	runs-on: ubuntu-latest
12	steps:
13
14	DDED .github/workflows/deploy.yaml

	--- .github/workflows/ci.yaml
	+++ .github/workflows/ci.yaml
	@@ -3,10 +3,11 @@
3	on:
4	push:
5	branches: [main]
6	pull_request:
7	branches: [main]
8	workflow_call:
9
10	jobs:
11	lint:
12	runs-on: ubuntu-latest
13	steps:
14
15	DDED .github/workflows/deploy.yaml

A .github/workflows/deploy.yaml

+48

		--- a/.github/workflows/deploy.yaml
		+++ b/.github/workflows/deploy.yaml
		@@ -0,0 +1,48 @@
	1	+name: Deploy
	2	+
	3	+on:
	4	+ push:
	5	+ branches: [main]
	6	+ paths-ignore:
	7	+ - 'docs/**'
	8	+ - 'mkdocs.yml'
	9	+ - '*.md'
	10	+
	11	+env:
	12	+ AWS_REGION: us-west-2
	13	+ ECR_REPO: silrepo-app
	14	+ TASK_t-2
	15	+ ECR_REPO: fossilrepo
	16	+ ECS_CLUSTER: dev-fossilrepo
	17	+ ECS_SERVICE: dev-foss# ── Gate: CI must pass before deploying ──────────────────────────────────
	18	+ ci:
	19	+ uses: ./.g# ── Build + Push + Deploy ───────────────────────────────────────
	20	+ deploy:
	21	+ needs: [ci]
	22	+ runs-on: ubuntu-latest
	23	+ permissions:
	24	+ id-token: write
	25	+ contents: read
	26	+
	27	+ steps:
	28	+ - uses: actions/checkout@v4
	29	+
	30	+ - uses: aws-actions/configure-aws-credentials@v4
	31	+ with:
	32	+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	33	+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	34	+ aws-region: ${{ env.AWS_REGION }}
	35	+
	36	+ - uses: aws-actions/amazon-ecr-login@v2
	37	+ id: ecr
	38	+
	39	+ - name: Build and push image
	40	+ env:
	41	+ ECR_REGISTRY: ${{ steps.ecr.outputs.registry }}
	42	+ IMAGE_TAG: ${{ github.sha }}
	43	+ run: \|
	44	+ docker build \
	45	+ -t $ECR_REGISTRY/$ECR_REPO:$IMAGE_TAG \
	46	+ -t $ECR_REGISTRY/$ECR_REPO:latest \
	47	+ .
	48	+ docker push $ECR_REGIS

	--- a/.github/workflows/deploy.yaml
	+++ b/.github/workflows/deploy.yaml
	@@ -0,0 +1,48 @@

	--- a/.github/workflows/deploy.yaml
	+++ b/.github/workflows/deploy.yaml
	@@ -0,0 +1,48 @@
1	name: Deploy
2
3	on:
4	push:
5	branches: [main]
6	paths-ignore:
7	- 'docs/**'
8	- 'mkdocs.yml'
9	- '*.md'
10
11	env:
12	AWS_REGION: us-west-2
13	ECR_REPO: silrepo-app
14	TASK_t-2
15	ECR_REPO: fossilrepo
16	ECS_CLUSTER: dev-fossilrepo
17	ECS_SERVICE: dev-foss# ── Gate: CI must pass before deploying ──────────────────────────────────
18	ci:
19	uses: ./.g# ── Build + Push + Deploy ───────────────────────────────────────
20	deploy:
21	needs: [ci]
22	runs-on: ubuntu-latest
23	permissions:
24	id-token: write
25	contents: read
26
27	steps:
28	- uses: actions/checkout@v4
29
30	- uses: aws-actions/configure-aws-credentials@v4
31	with:
32	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
33	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
34	aws-region: ${{ env.AWS_REGION }}
35
36	- uses: aws-actions/amazon-ecr-login@v2
37	id: ecr
38
39	- name: Build and push image
40	env:
41	ECR_REGISTRY: ${{ steps.ecr.outputs.registry }}
42	IMAGE_TAG: ${{ github.sha }}
43	run: \|
44	docker build \
45	-t $ECR_REGISTRY/$ECR_REPO:$IMAGE_TAG \
46	-t $ECR_REGISTRY/$ECR_REPO:latest \
47	.
48	docker push $ECR_REGIS