version: 2.1 orbs: aws-ecr: circleci/aws-ecr@8.2.1 aws-ecs: circleci/aws-ecs@03.2.0 slack: circleci/slack@4.12.0 node: circleci/node@5.0.3 parameters: build-api: type: boolean default: false jobs: tests-server: executor: node/default steps: - checkout - run: command: cd front && npm install name: install node dependencies - run: command: cd front && npm run test name: tests workflows: build-and-deploy-server: jobs: - tests-server - aws-ecr/build-and-push-image: name: build-image-server filters: branches: only: main requires: - tests-server dockerfile: ./infra/prod/twenty-server/Dockerfile registry-id: AWS_ACCOUNT_ID aws-access-key-id: AWS_ACCESS_KEY_ID aws-secret-access-key: AWS_SECRET_ACCESS_KEY region: $AWS_REGION repo: $AWS_ECR_REPO tag: $CIRCLE_SHA1 extra-build-args: > --build-arg REACT_APP_AUTH0_DOMAIN=$REACT_APP_AUTH0_DOMAIN --build-arg REACT_APP_AUTH0_CLIENT_ID=$REACT_APP_AUTH0_CLIENT_ID --build-arg REACT_APP_AUTH0_CALLBACK_URL=$REACT_APP_AUTH0_CALLBACK_URL --build-arg REACT_APP_AUTH0_AUDIENCE=$REACT_APP_AUTH0_AUDIENCE --build-arg REACT_APP_API_URL=$REACT_APP_API_URL - aws-ecs/deploy-service-update: name: deploy-server-canary requires: - build-image-server family: $AWS_ECS_CONTAINER_NAME_SERVER_CANARY cluster: $AWS_ECS_CLUSTER container-image-name-updates: "container=$AWS_ECS_CONTAINER_NAME_SERVER_CANARY,tag=${CIRCLE_SHA1}" - slack/on-hold: name: slack-notification context: slack-secrets requires: - deploy-server-canary - hold: type: approval requires: - slack-notification - aws-ecs/deploy-service-update: name: deploy-server-default requires: - hold family: $AWS_ECS_CONTAINER_NAME_SERVER_DEFAULT cluster: $AWS_ECS_CLUSTER container-image-name-updates: "container=$AWS_ECS_CONTAINER_NAME_SERVER_DEFAULT,tag=${CIRCLE_SHA1}" post-steps: - slack/notify: event: pass template: basic_success_1 - slack/notify: event: fail template: basic_fail_1 - aws-ecr/build-and-push-image: name: build-image-latest requires: - deploy-server-default dockerfile: ./infra/prod/twenty-server/Dockerfile registry-id: AWS_ACCOUNT_ID aws-access-key-id: AWS_ACCESS_KEY_ID aws-secret-access-key: AWS_SECRET_ACCESS_KEY region: $AWS_REGION repo: $AWS_ECR_REPO tag: latest extra-build-args: > --build-arg REACT_APP_AUTH0_DOMAIN=$REACT_APP_AUTH0_DOMAIN --build-arg REACT_APP_AUTH0_CLIENT_ID=$REACT_APP_AUTH0_CLIENT_ID --build-arg REACT_APP_AUTH0_CALLBACK_URL=$REACT_APP_AUTH0_CALLBACK_URL --build-arg REACT_APP_AUTH0_AUDIENCE=$REACT_APP_AUTH0_AUDIENCE --build-arg REACT_APP_API_URL=$REACT_APP_API_URL build-and-deploy-api: when: << pipeline.parameters.build-api >> jobs: - aws-ecr/build-and-push-image: name: build-image-api dockerfile: ./infra/prod/twenty-api/Dockerfile registry-id: AWS_ACCOUNT_ID aws-access-key-id: AWS_ACCESS_KEY_ID aws-secret-access-key: AWS_SECRET_ACCESS_KEY region: $AWS_REGION repo: $AWS_ECR_REPO_API tag: $CIRCLE_SHA1 extra-build-args: > --build-arg HASURA_GRAPHQL_JWT_SECRET=$HASURA_GRAPHQL_JWT_SECRET - aws-ecs/deploy-service-update: name: deploy-api-canary requires: - build-image-api family: $AWS_ECS_CONTAINER_NAME_API_CANARY cluster: $AWS_ECS_CLUSTER container-image-name-updates: "container=$AWS_ECS_CONTAINER_NAME_API_CANARY,tag=${CIRCLE_SHA1}" - hold: type: approval requires: - deploy-api-canary - aws-ecs/deploy-service-update: name: deploy-api-default requires: - hold family: $AWS_ECS_CONTAINER_NAME_API_DEFAULT cluster: $AWS_ECS_CLUSTER container-image-name-updates: "container=$AWS_ECS_CONTAINER_NAME_API_DEFAULT,tag=${CIRCLE_SHA1}" - aws-ecr/build-and-push-image: name: build-image-api-latest requires: - deploy-api-default dockerfile: ./infra/prod/twenty-api/Dockerfile registry-id: AWS_ACCOUNT_ID aws-access-key-id: AWS_ACCESS_KEY_ID aws-secret-access-key: AWS_SECRET_ACCESS_KEY region: $AWS_REGION repo: $AWS_ECR_REPO_API tag: latest extra-build-args: > --build-arg HASURA_GRAPHQL_JWT_SECRET=$HASURA_GRAPHQL_JWT_SECRET