-
make sure gitlab-runner works with
docker:dind, we need set upprivileged = true -
make sure gitlab-runner can access our AWS ECR, set up aws access id & access token on gitlab
-
set up
Dockerfile, start auto build
Last active
September 11, 2024 16:17
-
-
Save ssskip/1fd85c29e896cdee2b4dee41be6f6bd6 to your computer and use it in GitHub Desktop.
gitlab-ci AWS ECS build & deploy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| image: docker:latest | |
| variables: | |
| REPOSITORY_URL: xxx.dkr.ecr.us-west-2.amazonaws.com/xxx | |
| REGION: us-west-2 | |
| TASK_DEFINTION_NAME: xxx | |
| CLUSTER_NAME: xxx | |
| SERVICE_NAME: xxx | |
| services: | |
| - docker:dind | |
| before_script: | |
| - apk add --no-cache curl jq python py-pip git | |
| - git submodule sync --recursive | |
| - git submodule update --init --recursive | |
| - pip install awscli | |
| - $(aws ecr get-login --no-include-email --region "${REGION}") | |
| - IMAGE_TAG="$(echo $CI_COMMIT_SHA | head -c 8)" | |
| stages: | |
| - test | |
| - build | |
| - deploy | |
| build test: | |
| stage: test | |
| script: | |
| - echo "Test building image..." | |
| - docker build -t $REPOSITORY_URL:latest . | |
| except: | |
| - master | |
| build: | |
| stage: build | |
| script: | |
| - echo "Building image..." | |
| - docker build -t $REPOSITORY_URL:latest . | |
| - echo "Tagging image..." | |
| - docker tag $REPOSITORY_URL:latest $REPOSITORY_URL:$IMAGE_TAG | |
| - echo "Pushing image..." | |
| - docker push $REPOSITORY_URL:latest | |
| - docker push $REPOSITORY_URL:$IMAGE_TAG | |
| only: | |
| - master | |
| deploy: | |
| stage: deploy | |
| script: | |
| - echo $REPOSITORY_URL:$IMAGE_TAG | |
| - TASK_DEFINITION=$(aws ecs describe-task-definition --task-definition "$TASK_DEFINTION_NAME" --region "${REGION}") | |
| - NEW_CONTAINER_DEFINTIION=$(echo $TASK_DEFINITION | python $CI_PROJECT_DIR/update_task_definition_image.py $REPOSITORY_URL:$IMAGE_TAG) | |
| - echo "Registering new container definition..." | |
| - aws ecs register-task-definition --region "${REGION}" --family "${TASK_DEFINTION_NAME}" --container-definitions "${NEW_CONTAINER_DEFINTIION}" | |
| - echo "Updating the service..." | |
| - aws ecs update-service --region "${REGION}" --cluster "${CLUSTER_NAME}" --service "${SERVICE_NAME}" --task-definition "${TASK_DEFINTION_NAME}" | |
| when: manual | |
| only: | |
| - master |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| concurrent = 5 | |
| check_interval = 0 | |
| [[runners]] | |
| name = "share-runner" | |
| url = "xxxx" | |
| token = "xxxx" | |
| executor = "docker" | |
| output_limit = 40960 | |
| request_concurrency = 5 | |
| concurrent = 5 | |
| [runners.docker] | |
| tls_verify = false | |
| privileged = true | |
| disable_cache = false | |
| volumes = ["/cache"] | |
| shm_size = 0 | |
| extra_hosts = [] | |
| [runners.cache] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys, json, argparse | |
| parser = argparse.ArgumentParser('Replaces image in the task definition') | |
| parser.add_argument('image_uri', metavar='I', type=str, nargs='+', | |
| help='The new image URI') | |
| args = parser.parse_args() | |
| definition = json.load(sys.stdin)['taskDefinition']['containerDefinitions'] | |
| definition[0]['image'] = args.image_uri[0] | |
| print(json.dumps(definition)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment