We Keep Coding

How to pass custom environment variables related to specific environment in Github Actions

I would like to use custom environment variables related to specific environment based on environment selection from dropdown during deployment. How to get the custom variables related to specific environment from environment variable section. Any suggestions on how this can be achieved.
name: Adios CD pipeline.
on:
workflow_dispatch:
inputs:
ENVIRONMENT:
type: choice
description: 'Select the Environment to deploy'
required: true
options:
- dev
- qa
- uat
- load
- prod
default: 'dev'
env:
Dev:
AWS_REGION: "us-east-1"
STAGE: "${{ github.event.inputs.ENVIRONMENT }}"
SYSTEM: "ADIOSAPP"
QA:
AWS_REGION: "us-east-1"
STAGE: "${{ github.event.inputs.ENVIRONMENT }}"
SYSTEM: "ADIOSAPP"
jobs:
build:
name: "Deploying ${{ github.ref_name }} branch to ${{ github.event.inputs.ENVIRONMENT }} environment"
runs-on: ubuntu-latest
environment: ${{ github.event.inputs.ENVIRONMENT }}
steps:
- name: Checkout
uses: actions/checkout#v3
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials#v1
with:
aws-region: ${{ env.AWS_REGION }}

As you already know mapping is not allowed at this place, byt you could use fromJson to mimic this:
on:
workflow_dispatch:
inputs:
ENVIRONMENT:
type: choice
description: 'Select the Environment to deploy'
required: true
options:
- dev
- qa
- uat
- load
- prod
default: 'dev'
env:
AWS_REGION: ${{ fromJSON('{"dev":"us-east-1","qa":"us-east-1"}')[github.event.inputs.ENVIRONMENT] }}
STAGE: "${{ github.event.inputs.ENVIRONMENT }}"
SYSTEM: ${{ fromJSON('{"dev":"ADIOSAPP","qa":"ADIOSAPP"}')[github.event.inputs.ENVIRONMENT] }}
jobs:
build:
name: "Deploying ${{ github.ref_name }} branch to ${{ github.event.inputs.ENVIRONMENT }} environment"
runs-on: ubuntu-latest
#environment: ${{ github.event.inputs.ENVIRONMENT }}
steps:
- name: Checkout
uses: actions/checkout#v3
- name: Print env
run: echo "${{ env.AWS_REGION }}"

I think you can also use secrets in different environments.

github composite action checkout detach

I have created a composite action see the link for running a Sonarcloud analysis for dotnet projects.
name: Sonarcloud
description: Sonarcloud
inputs:
sonar_project_key:
required: true
type: string
github_token:
required: true
type: string
sonar_token:
required: true
type: string
runs:
using: "composite"
steps:
- name: Set up JDK 11
uses: actions/setup-java#v1
with:
java-version: 1.11
- name: Install dotnet SonarCloud scanner
shell: powershell
run: |
dotnet tool install --global dotnet-sonarscanner
- name: Build and analyze
shell: powershell
env:
GITHUB_TOKEN: ${{ inputs.github_token }}
SONAR_TOKEN: ${{ inputs.sonar_token }}
run: |
dotnet sonarscanner begin /k:"${{ inputs.sonar_project_key }}" /o:"my-org" /d:sonar.login="${{ inputs.sonar_token }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml"
dotnet build --configuration Release
dotnet test --no-restore --configuration Release --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
dotnet sonarscanner end /d:sonar.login="${{ inputs.sonar_token }}"
Then follow the link I have to create a release with the tag "v1" something like: "my-org/sonarcloud#v1" and then used it in another repository as follows:
name: Sonarcloud
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
workflow_call:
secrets:
SONAR_TOKEN:
required: true
workflow_dispatch: ~
jobs:
build:
name: Build
runs-on: windows-latest
steps:
- uses: actions/checkout#v3
with:
submodules: 'true'
fetch-depth: 0
- uses: microsoft/variable-substitution#v1
with:
files: 'tests/IntegrationTests/tests.settings.json'
env:
ConnectionString: ${{ secrets.CONNECTIONSTRING }} # please note that in this repo is connection string but it could vary from repo to repo,
# maybe in another repo I need to substitute a Sas token for example
# so I cannot move the variable substitution to the composite action
- uses: actions/checkout#v3
- id: sonarcloud
uses: my-org/sonarcloud#v1
with:
sonar_project_key: 'my-project'
sonar_token: ${{ secrets.SONAR_TOKEN }}
github_token: ${{ secrets.GITHUB_TOKEN }}
Check that I need to modify the "tests.settings.json" file in order to provide a valid connection string for the Tests to work.
Now the problem. The transformation is being conducted properly but here:
- uses: actions/checkout#v3
- id: sonarcloud
uses: my-org/sonarcloud#v1
git realize that "test.settings.json" has been modified and restore it to original version (that not contain the connection string) and the test fail.
here are the logs of the workflow:
2022-04-29T10:56:04.3078283Z [command]"C:\Program Files\Git\bin\git.exe" checkout --detach
2022-04-29T10:56:04.8735279Z M tests/IntegrationTests/tests.settings.json
2022-04-29T10:56:04.8736695Z HEAD is now at 5e6cf4b fix
So how can I avoid this behavior in the second checkout that is needed in order to get the composite action?.
thanks

I have found the problem! The second
uses: actions/checkout#v3
was not needed. To fix it just removed.
Replace this:
- uses: actions/checkout#v3
- id: sonarcloud
uses: my-org/sonarcloud#v1
with:
sonar_project_key: 'my-project'
sonar_token: ${{ secrets.SONAR_TOKEN }}
github_token: ${{ secrets.GITHUB_TOKEN }}
By:
- id: sonarcloud
uses: my-org/sonarcloud#v1
with:
sonar_project_key: 'my-project'
sonar_token: ${{ secrets.SONAR_TOKEN }}
github_token: ${{ secrets.GITHUB_TOKEN }}

AWS CI/CD with GItHub Actions and Code Deploy to the EC2 instance

I am trying to do ci/cd with github actions and aws code deploy to the ec2 instance.
I have one ec2 instance and three github repositories(each repository has their own gitflow as well)
name: Deployment
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
buildAndTest:
name: CI Pipeline
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [ '14.x' ]
steps:
- uses: actions/checkout#v2
# Initialize Node.js
- name: Install Node.js ${{ matrix.node-version }}
uses: actions/setup-node#v1
with:
node-version: ${{ matrix.node-version }}
# Install project dependencies, test and build
- name: Install dependencies
run: yarn
- name: Run build
run: yarn build
deploy:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: ['14.x']
appname: ['app_name']
deploy-group: ['group_name']
region: ['region']
needs: [buildAndTest]
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout#v2
# Initialize Node.js
- name: Install Node.js ${{ matrix.node-version }}
uses: actions/setup-node#v1
with:
node-version: ${{ matrix.node-version }}
# Step 1
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials#v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ matrix.region }}
# Step 2
- name: Create CodeDeploy Deployment
id: deploy
run: |
aws deploy create-deployment \
--application-name ${{ matrix.appname }} \
--deployment-group-name ${{ matrix.deploy-group }} \
--deployment-config-name CodeDeployDefault.OneAtATime \
--github-location repository=${{ github.repository }},commitId=${{ github.sha }}
It works good when I push or do pull request to one repo, but when I push two repo at once which means I am gonna push and deploy concurrently, only one is success and another one is failed.
version: 0.0
os: linux
files:
- source: .
destination: /var/www/source
hooks:
ApplicationStart:
- location: deploy.sh // yarn install and restart server.
timeout: 300
runas: root
What is really curious is that except main location(in ec2), some files excluding build or so in other repos(two) are removed ???
I am using the same application and group id for three repositories and Is it a problem?
Any help would be super helpful :)

AWS CodeDeploy application group can not make two deployments at the same time.

Github actions Error: Input required and not supplied: task-definition

[![enter image description here][2]][2]
on:
push:
branches:
- soubhagya
name: Deploy to Amazon ECS
jobs:
deploy:
name: Deploy
runs-on: ubuntu-latest
environment: production
steps:
- name: Checkout
uses: actions/checkout#v2
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials#v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: af-south-1
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login#v1
- name: Build, tag, and push image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: new-cgafrica-backend
IMAGE_TAG: ${{ github.sha }}
run: |
# Build a docker container and
# push it to ECR so that it can
# be deployed to ECS.
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Fill in the new image ID in the Amazon ECS task definition
id: cgafrica-new-backend-task
uses: aws-actions/amazon-ecs-render-task-definition#v1
with:
task-definition: task-definition.json
container-name: cgafrica-backend-container
image: ${{ steps.build-image.outputs.image }}
- name: Deploy Amazon ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition#v1
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: cgafrica-backend-service
cluster: cgafrica-backend-cluster
wait-for-service-stability: true
Here is my yaml file code added. Please check
I have shared my task-definition.json and github actions pipeline progress.
But, I am getting some error Input required and not supplied: task-definition
Please let me know what is the issue here

The problem is in the last step - Deploy Amazon ECS task definition
The problematic part is ${{ steps.task-def.outputs.task-definition }} which doesn't refer to an existing step. There is not step with id task-def.
In order to work it should be: ${{ steps.cgafrica-new-backend-task.outputs.task-definition }}
- name: Deploy Amazon ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition#v1
with:
task-definition: ${{ steps.cgafrica-new-backend-task.outputs.task-definition }}
service: cgafrica-backend-service
cluster: cgafrica-backend-cluster
wait-for-service-stability: true

A workflow is not triggering a second workflow

The workflow in file inrisk.packages.ci.yml generates a tag and a realise of the code when a push is done in the develop branch. The below works as expected.
name: Code Int
on:
push:
paths:
- 'infra/**'
jobs:
ci:
runs-on: ubuntu-latest
steps:
# Checks-out to $GITHUB_WORKSPACE
- uses: actions/checkout#v2
- name: Basic Checks
run: |
whoami
ls -lah
pwd
- uses: actions/setup-node#v1
# Create a new release when on develop which triggers the deployment
- name: Bump version and push tag
if: github.ref == 'refs/heads/develop'
uses: mathieudutour/github-tag-action#v4.5
id: tag_version
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release
if: github.ref == 'refs/heads/develop'
id: create_release
uses: actions/create-release#v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ steps.tag_version.outputs.new_tag }}
release_name: Release ${{ steps.tag_version.outputs.new_tag }}
draft: false
prerelease: false
The below workflow in file inrisk.packages.cd.yml and is suppose to be triggered when ever a tag/realise is created/published.
name: Code Deploy
on:
push:
tags:
- 'v*'
release:
types:
- published
- created
- released
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
# Checks-out to $GITHUB_WORKSPACE
- uses: actions/checkout#v2
- uses: actions/setup-node#v1
- name: Install Yarn
run: npm install -g yarn
- uses: chrislennon/action-aws-cli#v1.1
- name: Install, Build and Deploy
run: |
whoami
ls -lah
pwd
The second workflow Code Deploy dose not get trigger after Code Int publishes/created a tag/realise
However when I manually create a realise/tag the second workflow Code Deploy get triggered

This seems to be by design as stated here .This is to stop recursive workflow runs.
I used this article to get around the problem