1+ name : Build and Deploy littleX
2+
3+ on :
4+ release :
5+ types : [published]
6+ workflow_dispatch :
7+
8+ permissions :
9+ id-token : write
10+ contents : read
11+
12+ jobs :
13+ deploy-littleX : # TODO: need to change the tags below
14+ if : startsWith(github.ref, 'refs/tags/littleX-') || startsWith(github.ref, 'refs/tags/v')
15+ runs-on : ubuntu-latest
16+ outputs :
17+ tag : ${{ steps.tag.outputs.tag }}
18+
19+ permissions :
20+ id-token : write
21+ contents : read
22+
23+ steps :
24+ # Checkout the repository
25+ - name : Checkout code
26+ uses : actions/checkout@v4
27+
28+ # Set up QEMU for multi-architecture builds
29+ - name : Set up QEMU
30+ uses : docker/setup-qemu-action@v3
31+
32+ # Set up Docker Buildx for multi-architecture builds
33+ - name : Set up Docker Buildx
34+ uses : docker/setup-buildx-action@v3
35+
36+ # Configure AWS credentials
37+ - name : Configure AWS Credentials
38+ uses :
aws-actions/[email protected] 39+ with :
40+ aws-region : us-east-2
41+ role-to-assume : arn:aws:iam::776241927220:role/GitHubActionsSharedECRRole
42+ role-session-name : GitHubActions
43+ audience : sts.amazonaws.com
44+
45+ - name : Debug AWS Credentials
46+ run : |
47+ aws sts get-caller-identity
48+
49+ name : Debug OIDC Token
50+ run : |
51+ echo "OIDC_TOKEN=$ACTIONS_ID_TOKEN_REQUEST_TOKEN"
52+ curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=sts.amazonaws.com"
53+
54+ # Login to AWS ECR
55+ - name : Login to Amazon ECR
56+ id : login-ecr
57+ uses : aws-actions/amazon-ecr-login@v2
58+
59+ # Extract tag name from GitHub ref
60+ - name : Get tag name
61+ id : tag
62+ run : |
63+ if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
64+ # Manual dispatch - use timestamp
65+ TAG="manual-$(date +%Y%m%d-%H%M%S)"
66+ elif [[ "${{ github.event_name }}" == "release" ]]; then
67+ # Release event - clean tag name
68+ TAG_NAME=${GITHUB_REF#refs/tags/}
69+
70+ # Remove prefixes: littleX-v1.2.3 -> v1.2.3 or littleX-1.2.3 -> 1.2.3
71+ if [[ $TAG_NAME =~ ^littleX-(.+)$ ]]; then
72+ TAG="${BASH_REMATCH[1]}"
73+ elif [[ $TAG_NAME =~ ^v(.+)$ ]]; then
74+ TAG="$TAG_NAME"
75+ else
76+ # Use tag as-is if no prefix
77+ TAG="$TAG_NAME"
78+ fi
79+ else
80+ # Fallback
81+ TAG="latest"
82+ fi
83+
84+ echo "Tag: $TAG"
85+ echo "Event: ${{ github.event_name }}"
86+ echo "Original Tag Name: ${TAG_NAME:-N/A}"
87+ echo "tag=$TAG" >> $GITHUB_OUTPUT
88+
89+ # Build and push Docker image
90+ - name : Build and push Docker image
91+ env :
92+ ECR_REGISTRY : 776241927220.dkr.ecr.us-east-2.amazonaws.com
93+ ECR_REPOSITORY : littleX/jac
94+ IMAGE_TAG : ${{ steps.tag.outputs.tag }}
95+ run : |
96+ echo "Building and pushing to: $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
97+
98+ # Build and push multi-architecture image
99+ docker buildx build \
100+ --platform linux/amd64 \
101+ -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \
102+ -t $ECR_REGISTRY/$ECR_REPOSITORY:latest \
103+ --push \
104+ .
105+ working-directory : littleX_BE
106+
107+ deploy-littleX-webapp : # TODO: need to change the tags below
108+ if : startsWith(github.ref, 'refs/tags/littleX-') || startsWith(github.ref, 'refs/tags/v')
109+ runs-on : ubuntu-latest
110+ outputs :
111+ tag : ${{ steps.tag.outputs.tag }}
112+
113+ permissions :
114+ id-token : write
115+ contents : read
116+
117+ steps :
118+ # Checkout the repository
119+ - name : Checkout code
120+ uses : actions/checkout@v4
121+
122+ # Set up QEMU for multi-architecture builds
123+ - name : Set up QEMU
124+ uses : docker/setup-qemu-action@v3
125+
126+ # Set up Docker Buildx for multi-architecture builds
127+ - name : Set up Docker Buildx
128+ uses : docker/setup-buildx-action@v3
129+
130+ # Configure AWS credentials
131+ - name : Configure AWS Credentials
132+ uses :
aws-actions/[email protected] 133+ with :
134+ aws-region : us-east-2
135+ role-to-assume : arn:aws:iam::776241927220:role/GitHubActionsSharedECRRole
136+ role-session-name : GitHubActions
137+ audience : sts.amazonaws.com
138+
139+ - name : Debug AWS Credentials
140+ run : |
141+ aws sts get-caller-identity
142+
143+ name : Debug OIDC Token
144+ run : |
145+ echo "OIDC_TOKEN=$ACTIONS_ID_TOKEN_REQUEST_TOKEN"
146+ curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=sts.amazonaws.com"
147+
148+ # Login to AWS ECR
149+ - name : Login to Amazon ECR
150+ id : login-ecr
151+ uses : aws-actions/amazon-ecr-login@v2
152+
153+ # Extract tag name from GitHub ref
154+ - name : Get tag name
155+ id : tag
156+ run : |
157+ if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
158+ # Manual dispatch - use timestamp
159+ TAG="manual-$(date +%Y%m%d-%H%M%S)"
160+ elif [[ "${{ github.event_name }}" == "release" ]]; then
161+ # Release event - clean tag name
162+ TAG_NAME=${GITHUB_REF#refs/tags/}
163+
164+ # Remove prefixes: littleX-v1.2.3 -> v1.2.3 or littleX-1.2.3 -> 1.2.3
165+ if [[ $TAG_NAME =~ ^littleX-(.+)$ ]]; then
166+ TAG="${BASH_REMATCH[1]}"
167+ elif [[ $TAG_NAME =~ ^v(.+)$ ]]; then
168+ TAG="$TAG_NAME"
169+ else
170+ # Use tag as-is if no prefix
171+ TAG="$TAG_NAME"
172+ fi
173+ else
174+ # Fallback
175+ TAG="latest"
176+ fi
177+
178+ echo "Tag: $TAG"
179+ echo "Event: ${{ github.event_name }}"
180+ echo "Original Tag Name: ${TAG_NAME:-N/A}"
181+ echo "tag=$TAG" >> $GITHUB_OUTPUT
182+
183+ # Build and push webapp Docker image
184+ - name : Build and push webapp Docker image
185+ env :
186+ ECR_REGISTRY : 776241927220.dkr.ecr.us-east-2.amazonaws.com
187+ ECR_REPOSITORY : littleX/webapp
188+ IMAGE_TAG : ${{ steps.tag.outputs.tag }}
189+ run : | # TODO: this is not a vite application but next based frontend
190+ echo "Building and pushing webapp to: $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
191+ # Build and push AMD64-only image (following deployment template)
192+ docker buildx build \
193+ --platform linux/amd64 \
194+ --build-arg VITE_API_URL=https://littleX-api.jaseci.org \
195+ -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \
196+ -t $ECR_REGISTRY/$ECR_REPOSITORY:latest \
197+ --push \
198+ .
199+ working-directory : littleX_BE
200+
201+ summary :
202+ needs : [deploy-littleX, deploy-littleX-webapp]
203+ runs-on : ubuntu-latest
204+ if : always()
205+ steps :
206+ - name : Build and Push Summary
207+ run : |
208+ echo "## littleX Build and Push Summary" >> $GITHUB_STEP_SUMMARY
209+ echo "### Backend (JAC Server)" >> $GITHUB_STEP_SUMMARY
210+ echo "- **Image Tag**: ${{ needs.deploy-littleX.outputs.tag }}" >> $GITHUB_STEP_SUMMARY
211+ echo "- **ECR Repository**: 776241927220.dkr.ecr.us-east-2.amazonaws.com/littleX/jac" >> $GITHUB_STEP_SUMMARY
212+ echo "- **Status**: ${{ needs.deploy-littleX.result }}" >> $GITHUB_STEP_SUMMARY
213+ echo "- **API Endpoint**: https://littleX-api.jaseci.org" >> $GITHUB_STEP_SUMMARY
214+ echo "" >> $GITHUB_STEP_SUMMARY
215+ echo "### Frontend (Webapp)" >> $GITHUB_STEP_SUMMARY
216+ echo "- **Image Tag**: ${{ needs.deploy-littleX-webapp.outputs.tag }}" >> $GITHUB_STEP_SUMMARY
217+ echo "- **ECR Repository**: 776241927220.dkr.ecr.us-east-2.amazonaws.com/littleX/webapp" >> $GITHUB_STEP_SUMMARY
218+ echo "- **Status**: ${{ needs.deploy-littleX-webapp.result }}" >> $GITHUB_STEP_SUMMARY
219+ echo "- **Frontend URL**: https://X.jaseci.org" >> $GITHUB_STEP_SUMMARY
220+ echo "" >> $GITHUB_STEP_SUMMARY
221+ echo "**Note**: Deployment will be handled automatically by Flux in the infrastructure repository." >> $GITHUB_STEP_SUMMARY
0 commit comments