Skip to content

Merge pull request #61 from bendsouza2/documentation/py-docstrings #6

Merge pull request #61 from bendsouza2/documentation/py-docstrings

Merge pull request #61 from bendsouza2/documentation/py-docstrings #6

name: Deploy to EC2
on:
workflow_dispatch:
push:
branches:
- main
paths:
- app/**
jobs:
deploy:
name: Deploy to EC2
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
env:
AWS_INSTANCE_SG_ID: ${{ secrets.AWS_INSTANCE_SG_ID }}
AWS_REGION: eu-west-2
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID}}
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME}}
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
aws-region: ${{ env.AWS_REGION }}
role-session-name: GHActionsBackendDeployment
web-identity-token-file: ${{ env.ACTIONS_ID_TOKEN_REQUEST_TOKEN }}
- name: Get runner public IP address
id: ip
uses: haythem/public-ip@v1.2
- name: Whitelist GitHub Actions runner IP address
run: |
echo "Adding runner IP address to security group..."
aws ec2 authorize-security-group-ingress \
--group-id $AWS_INSTANCE_SG_ID \
--protocol tcp \
--port 22 \
--cidr ${{ steps.ip.outputs.ipv4 }}/32
- name: Deploy to EC2
uses: appleboy/ssh-action@v0.1.7
with:
host: ${{ secrets.EC2_HOST }}
username: ubuntu
key: ${{ secrets.EC2_SSH_KEY }}
script: |
cd ~/yt_translator
sudo app/post_update.sh
- name: Revoke GitHub Actions runner IP address
run: |
echo "Removing runner IP address from security group..."
aws ec2 revoke-security-group-ingress \
--group-id $AWS_INSTANCE_SG_ID \
--protocol tcp \
--port 22 \
--cidr ${{ steps.ip.outputs.ipv4 }}/32