Skip to content

test new deployment flow #681

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
charmingduchess merged 2 commits into from
Mar 17, 2026
Merged

test new deployment flow #681

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3dcbf33
refactor
charmingduchess Mar 12, 2026
66b2af2
Merge pull request #668 from NYPL/noref-refactor-deployment
charmingduchess Mar 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
133 changes: 20 additions & 113 deletions .github/workflows/test-and-deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,11 @@ name: Unit Tests

on: [push]

# Global environment variable based on the branch name
env:
ENV_TAG: ${{ github.ref_name }}
ECR_REPOSITORY: discovery-api

jobs:
tests:
runs-on: ubuntu-latest
Expand All @@ -15,114 +20,15 @@ jobs:
run: npm ci
- name: Unit Tests
run: npm test
integration-test-qa:
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
needs: tests
if: github.ref == 'refs/heads/qa'
steps:
- uses: actions/checkout@v4
- name: Set Node version
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
- name: Install dependencies
run: npm ci
- name: Start service
run: ENV=qa npm start &
- name: Run tests
run: npm run test-integration
deploy-qa:
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
needs:
- tests
if: github.ref == 'refs/heads/qa'
steps:
- name: Checkout repo
uses: actions/checkout@v3

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::946183545209:role/GithubActionsDeployerRole
aws-region: us-east-1
- name: Log in to ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Back up previous image for rollback
env:
ECR_REPOSITORY: discovery-api
run: |
MANIFEST=$(aws ecr batch-get-image --repository-name $ECR_REPOSITORY --image-ids imageTag="qa-latest" --output json | jq --raw-output --join-output '.images[0].imageManifest')
PREVIOUS_MANIFEST=$(aws ecr batch-get-image --repository-name $ECR_REPOSITORY --image-ids imageTag="qa-previous" --output json | jq --raw-output --join-output '.images[0].imageManifest')
if [ "$MANIFEST" != "$PREVIOUS_MANIFEST" ]; then aws ecr put-image --repository-name $ECR_REPOSITORY --image-tag "qa-previous" --image-manifest "$MANIFEST"; fi
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: discovery-api
IMAGE_TAG: ${{ github.sha }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:qa-latest
docker push $ECR_REGISTRY/$ECR_REPOSITORY:qa-latest
- name: Force ECS Update
run: |
aws ecs update-service --cluster discovery-api-qa --service discovery-api-qa --force-new-deployment
deploy-qa2:
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
needs:
- tests
if: github.ref == 'refs/heads/qa2'
steps:
- name: Checkout repo
uses: actions/checkout@v3

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::946183545209:role/GithubActionsDeployerRole
aws-region: us-east-1

- name: Log in to ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Back up previous image for rollback
env:
ECR_REPOSITORY: discovery-api
run: |
MANIFEST=$(aws ecr batch-get-image --repository-name $ECR_REPOSITORY --image-ids imageTag="qa2-latest" --output json | jq --raw-output --join-output '.images[0].imageManifest')
PREVIOUS_MANIFEST=$(aws ecr batch-get-image --repository-name $ECR_REPOSITORY --image-ids imageTag="qa2-previous" --output json | jq --raw-output --join-output '.images[0].imageManifest')
if [ "$MANIFEST" != "$PREVIOUS_MANIFEST" ]; then aws ecr put-image --repository-name $ECR_REPOSITORY --image-tag "qa2-previous" --image-manifest "$MANIFEST"; fi
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: discovery-api
IMAGE_TAG: ${{ github.sha }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:qa2-latest
docker push $ECR_REGISTRY/$ECR_REPOSITORY:qa2-latest

- name: Force ECS Update
run: |
aws ecs update-service --cluster discovery-api-qa2 --service discovery-api-qa2 --force-new-deployment
deploy-production:
deploy:
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
needs: tests
if: github.ref == 'refs/heads/production'
# Only run if it's one of our three deployment branches
if: contains(fromJSON('["qa", "qa2", "production"]'), github.ref_name)
steps:
- name: Checkout repo
uses: actions/checkout@v3
Expand All @@ -138,22 +44,23 @@ jobs:
uses: aws-actions/amazon-ecr-login@v1

- name: Back up previous image for rollback
env:
ECR_REPOSITORY: discovery-api
run: |
MANIFEST=$(aws ecr batch-get-image --repository-name $ECR_REPOSITORY --image-ids imageTag="production-latest" --output json | jq --raw-output --join-output '.images[0].imageManifest')
PREVIOUS_MANIFEST=$(aws ecr batch-get-image --repository-name $ECR_REPOSITORY --image-ids imageTag="production-previous" --output json | jq --raw-output --join-output '.images[0].imageManifest')
if [ "$MANIFEST" != "$PREVIOUS_MANIFEST" ]; then aws ecr put-image --repository-name $ECR_REPOSITORY --image-tag "production-previous" --image-manifest "$MANIFEST"; fi
MANIFEST=$(aws ecr batch-get-image --repository-name ${{ env.ECR_REPOSITORY }} --image-ids imageTag="${{ env.ENV_TAG }}-latest" --output json | jq --raw-output --join-output '.images[0].imageManifest')
PREVIOUS_MANIFEST=$(aws ecr batch-get-image --repository-name ${{ env.ECR_REPOSITORY }} --image-ids imageTag="${{ env.ENV_TAG }}-previous" --output json | jq --raw-output --join-output '.images[0].imageManifest')
if [ "$MANIFEST" != "$PREVIOUS_MANIFEST" ]; then
aws ecr put-image --repository-name ${{ env.ECR_REPOSITORY }} --image-tag "${{ env.ENV_TAG }}-previous" --image-manifest "$MANIFEST"
fi

- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: discovery-api
IMAGE_TAG: ${{ github.sha }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:production-latest
docker push $ECR_REGISTRY/$ECR_REPOSITORY:production-latest
docker build -t $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:$IMAGE_TAG .
docker push $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:$IMAGE_TAG
docker tag $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:$IMAGE_TAG $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:${{ env.ENV_TAG }}-latest
docker push $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:${{ env.ENV_TAG }}-latest

- name: Force ECS Update
run: |
aws ecs update-service --cluster discovery-api-production --service discovery-api-production --force-new-deployment
aws ecs update-service --cluster discovery-api-${{ env.ENV_TAG }} --service discovery-api-${{ env.ENV_TAG }} --force-new-deployment
Loading