add prod deploy

2026-05-02 03:02:03 -04:00 · 2024-03-24 00:35:10 -04:00
parent 76c4a8660f
commit a280e002ed
1 changed files with 68 additions and 5 deletions
--- a/.github/workflows/build-staging-and-deploy-aws.yml
+++ b/.github/workflows/build-staging-and-deploy-aws.yml
@@ -52,10 +52,12 @@ jobs:
            POSTHOG_API_KEY=${{ secrets.PUBLIC_POSTHOG_API_KEY }}
            INFISICAL_PLATFORM_VERSION=${{ steps.extract_version.outputs.version }}
    
-  postgres-migration:
-    name: Run latest migration files
+  gamma-postgres-migration:
+    name: Run latest migration in gamma
    runs-on: ubuntu-latest
    needs: [infisical-image]
+    environment:
+      name: Gamma
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
@@ -65,15 +67,18 @@ jobs:
          node-version: "20"
      - name: Change directory to backend and install dependencies
        env:
-          DB_CONNECTION_URI: ${{ secrets.AWS_DB_CONNECTION_URI }}
+          DB_CONNECTION_URI: ${{ secrets.DB_CONNECTION_URI }}
        run: |
          cd backend
          npm install
          npm run migration:latest
  gamma-deployment:
-    name: Deploy to gamma
+    name: Deploy to gamma stage
    runs-on: ubuntu-latest
-    needs: [postgres-migration]
+    needs: [gamma-postgres-migration]
+    environment:
+      name: Gamma
+      url: https://gamma.infisical.com
    steps:
      - name: ☁️ Checkout source
        uses: actions/checkout@v3
@@ -104,3 +109,61 @@ jobs:
          service: infisical-prod-platform
          cluster: infisical-prod-platform
          wait-for-service-stability: true
+
+  production-postgres-migration:
+    name: Run latest migration in production
+    runs-on: ubuntu-latest
+    needs: [gamma-deployment]
+    environment:
+      name: Production
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Setup Node.js environment
+        uses: actions/setup-node@v2
+        with:
+          node-version: "20"
+      - name: Change directory to backend and install dependencies
+        env:
+          DB_CONNECTION_URI: ${{ secrets.DB_CONNECTION_URI }}
+        run: |
+          cd backend
+          npm install
+          npm run migration:latest
+  prod-deployment:
+    name: Deploy to production stage
+    runs-on: ubuntu-latest
+    needs: [production-postgres-migration]
+    environment:
+      name: Production
+      url: https://app.infisical.com
+    steps:
+      - name: ☁️ Checkout source
+        uses: actions/checkout@v3
+      - name: Configure AWS Credentials 
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          audience: sts.amazonaws.com
+          aws-region: us-east-1
+          role-to-assume: arn:aws:iam::135906656851:role/github-action-deploy-prod
+      - name: Save commit hashes for tag
+        id: commit
+        uses: pr-mpt/actions-commit-hash@v2
+      - name: Download task definition
+        run: |
+          aws ecs describe-task-definition --task-definition infisical-prod-platform --query taskDefinition > task-definition.json
+      - name: Render Amazon ECS task definition
+        id: render-web-container
+        uses: aws-actions/amazon-ecs-render-task-definition@v1
+        with:
+          task-definition: task-definition.json
+          container-name: infisical-prod-platform
+          image: infisical/staging_infisical:${{ steps.commit.outputs.short }}
+          environment-variables: "LOG_LEVEL=info"
+      - name: Deploy to Amazon ECS service
+        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+        with:
+          task-definition: ${{ steps.render-web-container.outputs.task-definition }}
+          service: infisical-prod-platform
+          cluster: infisical-prod-platform
+          wait-for-service-stability: true