chore(cilogon): expand membership/role sync logging for debugging #368
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Build container and push to AWS ECR | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - production | |
| - dev | |
| - wordpress-cilogon | |
| name: AWS ECR Build & Push | |
| env: | |
| BRANCH_NAME: ${{ github.base_ref || github.ref_name }} | |
| ECR_REGISTRY: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com | |
| jobs: | |
| build-nginx: | |
| name: Build and Push Nginx | |
| runs-on: ubuntu-24.04-arm | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GH_PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| mask-password: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push nginx image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: Dockerfile.nginx | |
| push: true | |
| tags: ${{ env.ECR_REGISTRY }}/commons-wordpress-nginx:${{ env.BRANCH_NAME }} | |
| cache-from: type=registry,ref=${{ env.ECR_REGISTRY }}/commons-wordpress-nginx:cache | |
| cache-to: type=registry,ref=${{ env.ECR_REGISTRY }}/commons-wordpress-nginx:cache,mode=max | |
| build-app: | |
| name: Build and Push App | |
| runs-on: ubuntu-24.04-arm | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GH_PAT }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| mask-password: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push app image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: Dockerfile.php | |
| target: cloud | |
| push: true | |
| tags: ${{ env.ECR_REGISTRY }}/commons-wordpress-app:${{ env.BRANCH_NAME }} | |
| build-args: | | |
| BASE_IMAGE=${{ env.ECR_REGISTRY }}/commons-wordpress-base:latest | |
| cache-from: type=registry,ref=${{ env.ECR_REGISTRY }}/commons-wordpress-app:cache | |
| cache-to: type=registry,ref=${{ env.ECR_REGISTRY }}/commons-wordpress-app:cache,mode=max | |
| deploy-staging: | |
| name: Force Redeploy to Staging | |
| if: github.ref_name == 'wordpress-cilogon' | |
| needs: [build-nginx, build-app] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Force redeploy ECS service | |
| run: | | |
| aws ecs update-service \ | |
| --cluster wordpress-staging \ | |
| --service wp-staging \ | |
| --force-new-deployment |