
Commit 9d6105d

authored
ci(mcp): render and deploy task definition to ECS (#7716)
Signed-off-by: germangarces <german.garces@flagsmith.com>
1 parent a8a7758 commit 9d6105d

1 file changed

Lines changed: 58 additions & 4 deletions


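--- a/.github/workflows/mcp-docker-build-publish.yml
+++ b/.github/workflows/mcp-docker-build-publish-deploy.yml
@@ -1,10 +1,10 @@
-name: MCP Build Docker Image and Publish
+name: MCP Build, Publish and Deploy
 
 on:
 pull_request:
 paths:
 - mcp/**
-- .github/workflows/mcp-docker-build-publish.yml
+- .github/workflows/mcp-docker-build-publish-deploy.yml
 - .github/workflows/.reusable-docker-build.yml
 - .github/workflows/.reusable-docker-publish.yml
 types: [opened, synchronize, reopened, ready_for_review]
@@ -13,12 +13,13 @@ on:
 - main
 paths:
 - mcp/**
-- .github/workflows/mcp-docker-build-publish.yml
+- .github/workflows/mcp-docker-build-publish-deploy.yml
 - .github/workflows/.reusable-docker-build.yml
 - .github/workflows/.reusable-docker-publish.yml
 release:
 types:
 - released
+workflow_dispatch:
 
 jobs:
 docker-build-mcp:
@@ -60,7 +61,7 @@ jobs:
 docker-publish-ecr-staging-mcp:
 name: Publish MCP image to staging ECR
 needs: [docker-build-mcp]
-if: github.event_name == 'push'
+if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
 runs-on: depot-ubuntu-latest
 # The OIDC role trusts jobs running in the staging environment.
 environment: staging
@@ -99,6 +100,7 @@ jobs:
 tags: |
 type=ref,event=branch
 type=sha
+type=raw,value=latest
 
 # Setup Docker buildx with Depot builder so imagetools have access to Depot cache
 - uses: depot/use-action@v1
@@ -153,6 +155,7 @@ jobs:
 tags: |
 type=semver,pattern={{version}}
 type=semver,pattern={{major}}.{{minor}}
+type=raw,value=latest
 
 # Setup Docker buildx with Depot builder so imagetools have access to Depot cache
 - uses: depot/use-action@v1
@@ -162,3 +165,54 @@ jobs:
 with:
 sources: ${{ needs.docker-build-mcp.outputs.image }}
 tags: ${{ steps.meta.outputs.tags }}
+
+deploy-ecr-staging-mcp:
+name: Deploy MCP to staging
+needs: [docker-publish-ecr-staging-mcp]
+if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
+runs-on: depot-ubuntu-latest
+environment: staging
+permissions:
+contents: read
+id-token: write
+steps:
+- name: Configure AWS credentials
+uses: aws-actions/configure-aws-credentials@v6
+with:
+role-to-assume: ${{ vars.MCP_ECR_GITHUB_ROLE_ARN }}
+aws-region: eu-west-2
+
+- name: Roll the service onto the new image
+run: |
+aws ecs update-service \
+--cluster "$CLUSTER" --service "$SERVICE" --force-new-deployment
+aws ecs wait services-stable --cluster "$CLUSTER" --services "$SERVICE"
+env:
+CLUSTER: ${{ vars.AWS_ECS_CLUSTER_NAME }}
+SERVICE: ${{ vars.AWS_ECS_MCP_SERVICE_NAME }}
+
+deploy-ecr-mcp:
+name: Deploy MCP to production
+needs: [docker-publish-ecr-mcp]
+if: github.event_name == 'release'
+runs-on: depot-ubuntu-latest
+# The OIDC role trusts jobs running in the production environment.
+environment: production
+permissions:
+contents: read
+id-token: write
+steps:
+- name: Configure AWS credentials
+uses: aws-actions/configure-aws-credentials@v6
+with:
+role-to-assume: ${{ vars.MCP_ECR_GITHUB_ROLE_ARN }}
+aws-region: eu-west-2
+
+- name: Roll the service onto the new image
+run: |
+aws ecs update-service \
+--cluster "$CLUSTER" --service "$SERVICE" --force-new-deployment
+aws ecs wait services-stable --cluster "$CLUSTER" --services "$SERVICE"
+env:
+CLUSTER: ${{ vars.MCP_ECS_CLUSTER }}
+SERVICE: ${{ vars.MCP_ECS_SERVICE }}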
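Review bot: The two new deploy jobs (`deploy-ecr-staging-mcp`, `deploy-ecr-mcp`) roll the service with `--force-new-deployment` and nothing ties the rollout to the image this run built. The task definition is not visible here, but the added `type=raw,value=latest` tags suggest it resolves the mutable `latest` tag at pull time. If so, overlapping runs or any other push of that tag decide what actually starts, and `aws ecs wait services-stable` still reports success. Registering a task-definition revision that references the published image by its `@sha256:` digest and passing it to `aws ecs update-service` with `--task-definition` would make each deploy reproducible and auditable. Separately, `workflow_dispatch` can be started from any ref, so unless the `staging` environment already restricts deployment branches, the staging conditions should read `if: github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/main')`.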
