
GitHub Actions will start building and pushing Docker images for your application to ECR whenever developers open pull requests.

Continuous Deployment

For each stage of the software development lifecycle, create a GitHub Actions workflow in your application repository to deploy the latest images and manifests to the cluster. These Actions can be triggered when pull requests are opened by defining triggers in the Job itself. Resources related to the workflow should be provisioned in the Operations account.

Code Block
infra/
  cd/
    APPLICATION/
  • An IAM OIDC provider which trusts your GitHub Actions workflow. If you used the landing zone template, one will already be created in workload accounts and you can locate its ARN using the SSM parameter /GitHubActions/OIDCProviderArn.

  • An IAM role that can be assumed by GitHub using OIDC and deploy to each cluster. You can use the github-actions-eks-deploy Terraform module.

    Code Block
    module "deploy_role" {
      # Module source pinned to a tagged release
      source = "github.com/thoughtbot/terraform-eks-cicd//modules/github-actions-eks-deploy-role?ref=v0.1.1"

      cluster_names         = ["example-sandbox-v1"]
      github_branches       = ["main"]
      github_organization   = "example-org"
      github_repository     = "example-app"
      iam_oidc_provider_arn = data.aws_ssm_parameter.iam_oidc_provider_arn.value
      name                  = "example-staging-deploy"
    }

    # Look up the ARN of the IAM OIDC provider created by the landing zone template
    data "aws_ssm_parameter" "iam_oidc_provider_arn" {
      name = "/GitHubActions/OIDCProviderArn"
    }
  • Helm or Kustomize manifests to describe how the application should run in the Kubernetes cluster.

  • A GitHub Actions Job for deploying the latest Docker images and manifests to the cluster.

Once a GitHub Actions Job is successfully created, it will be triggered to deploy your application whenever a pull request is merged. The artifacts from the manifest project will be provided to the deploy job, which can apply the manifests to the cluster.

One of the application roles is a deploy role, which can be used by CI/CD pipelines to deploy new versions of the application. You can assume this role from your deployment GitHub workflow using the configure-aws-credentials action.

You can use the k8s-bake action to generate Kubernetes manifests for your application. There is a helm-rails Helm chart you can use with this action to deploy a Rails application.

Finally, you can use the k8s-deploy action to apply the updated manifests to your cluster.

Once configured, deployments will kick off in GitHub Actions whenever you push code to the appropriate branch in your source repository.
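
The three steps above (configure-aws-credentials, k8s-bake, k8s-deploy) combined into one deploy workflow. This is an added example, not part of the original page or the project's own workflow. The action owners and versions, account ID, region, image URI, namespace, and chart and values paths are assumptions or constructed placeholders, and the role name is assumed to match `name` in the Terraform module above.

```yaml
# Added example. Account ID, region, image URI, namespace and paths are placeholders.
name: Deploy
on:
  push:
    branches: [main]            # same branch as github_branches in the deploy role module

permissions:
  id-token: write               # allows the job to request a GitHub OIDC token
  contents: read                # checkout only, no write access to the repository

jobs:
  deploy:
    runs-on: ubuntu-latest
    env:
      IMAGE: 123456789012.dkr.ecr.us-east-1.amazonaws.com/example-app:${{ github.sha }}
    steps:
      - uses: actions/checkout@v4

      # Exchange the OIDC token for short-lived credentials of the deploy role,
      # so no long-lived AWS access keys are stored as repository secrets.
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::123456789012:role/example-staging-deploy
          aws-region: us-east-1

      # Write a kubeconfig for the cluster listed in cluster_names.
      - run: aws eks update-kubeconfig --name example-sandbox-v1 --region us-east-1

      # Render the Helm chart into plain Kubernetes manifests.
      - id: bake
        uses: azure/k8s-bake@v3
        with:
          renderEngine: helm
          helmChart: ./path/to/helm-rails       # placeholder chart location
          overrideFiles: ./deploy/values.yaml   # placeholder values file
          releaseName: example-app

      # Apply the rendered manifests, substituting the image built for this commit.
      - uses: azure/k8s-deploy@v5
        with:
          action: deploy
          namespace: example-staging            # hypothetical namespace
          manifests: ${{ steps.bake.outputs.manifestsBundle }}
          images: ${{ env.IMAGE }}
```

The `id-token: write` permission is required for the OIDC exchange; without it the configure-aws-credentials step cannot obtain a token to present to AWS.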