From 7c5ab3e20be9d073b7eeb3872e78218f9d1cb231 Mon Sep 17 00:00:00 2001 From: John Bohannon Date: Mon, 14 Dec 2020 13:48:07 -0500 Subject: [PATCH 01/20] Add GKE deployment guide --- .../deploying-to-google-kubernetes-engine.md | 159 ++++++++++++++++++ content/actions/guides/index.md | 6 + 2 files changed, 165 insertions(+) create mode 100644 content/actions/guides/deploying-to-google-kubernetes-engine.md diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md new file mode 100644 index 000000000000..951335cc3541 --- /dev/null +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -0,0 +1,159 @@ +--- +title: Deploying to Google Kubernetes Engine +intro: You can deploy to Google Kubernetes Engine as part of your continuous deployment (CD) workflows. +product: '{% data reusables.gated-features.actions %}' +versions: + free-pro-team: '*' + enterprise-server: '>=2.22' +--- + +{% data reusables.actions.enterprise-beta %} +{% data reusables.actions.enterprise-github-hosted-runners %} + +### Introduction +[Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine) (GKE) is a managed Kubernetes cluster service from Google Cloud and is a great option for hosting your containerized workloads in the cloud or on premise. + +This guide will show you how to use GitHub Actions to build and deploy a containerized application from Google Container Registry (GCR) to GKE. + +### Prerequisites +To adopt this workflow, you will first need to complete the following setup steps: + +#### Create a GKE cluster +For example, after [authenticating](https://cloud.google.com/sdk/gcloud/reference/auth/login) with the [`gcloud` CLI](https://cloud.google.com/sdk/gcloud/reference), part of the [Cloud SDK](https://cloud.google.com/sdk/gcloud#the_gcloud_cli_and_cloud_sdk): + +{% raw %} +```bash{:copy} +gcloud container clusters create $GKE_CLUSTER \ + --project=$GKE_PROJECT \ + --zone=$GKE_ZONE +``` +{% endraw %} + +#### Enable required APIs +The Kubernetes Engine and Container Registry APIs are needed: + +{% raw %} +```bash{:copy} +gcloud services enable \ + containerregistry.googleapis.com \ + container.googleapis.com +``` +{% endraw %} + +#### Configure service account and store credentials as a secret, `GKE_SA_KEY` +Create a new service account, add roles to it, retrieve keys for it, and store it as a base64-encoded, [encrypted repository secret](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets) named `GKE_SA_KEY`. + +Also store the project ID as a secret named `GKE_PROJECT`. + +{% raw %} +```bash{:copy} +# Create new service account +gcloud iam service-accounts create $SA_NAME + +# Retrieve email address of service account just created +gcloud iam service-accounts list + +# Add roles to service account +# Note: restrict these further in production +gcloud projects add-iam-policy-binding $GKE_PROJECT \ + --member=serviceAccount:$SA_EMAIL \ + --role=roles/container.admin \ + --role=roles/storage.admin + +# Download a JSON keyfile +gcloud iam service-accounts keys create key.json --iam-account=$SA_EMAIL + +export GKE_SA_KEY=$(cat key.json | base64) +``` +{% endraw %} + +#### (Optional) Set up `kustomize` +Kustomize is an optional tool used for managing YAML specs. After [setting up](https://github.com/kubernetes-sigs/kustomize#usage) a kustomization file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`: + +{% raw %} +```bash{:copy} +kustomize edit set image \ +gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA + +kustomize build . | kubectl apply -f - +``` +{% endraw %} + +### Workflow + +Now that the prerequisite steps are done, consider the following workflow, which will build and push a container image to GCR, and then use Kubernetes native tools like `kubectl` and `kustomize` to pull this image into the cluster deployment. + +{% raw %} +```yaml{:copy} +name: Build and Deploy to GKE + +on: + release: + types: [created] + +# Environment variables available to all jobs and steps in this workflow +env: + GKE_PROJECT: ${{ secrets.GKE_PROJECT }} + GKE_EMAIL: ${{ secrets.GKE_EMAIL }} + GITHUB_SHA: ${{ github.sha }} + GKE_ZONE: us-west1-a + GKE_CLUSTER: example-gke-cluster + IMAGE: gke-test + REGISTRY_HOSTNAME: gcr.io + DEPLOYMENT_NAME: gke-test + +jobs: + setup-build-publish-deploy: + name: Setup, Build, Publish, and Deploy + runs-on: ubuntu-latest + steps: + + - name: Checkout + uses: actions/checkout@v2 + + # Setup gcloud CLI + - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master + with: + service_account_email: ${{ secrets.GKE_EMAIL }} + service_account_key: ${{ secrets.GKE_KEY }} + + # Configure docker to use the gcloud command-line tool as a credential helper + - run: | + # Set up docker to authenticate + # via gcloud command-line tool. + gcloud auth configure-docker + + # Build the Docker image + - name: Build + run: | + docker build -t "$REGISTRY_HOSTNAME"/"$GKE_PROJECT"/"$IMAGE":"$GITHUB_SHA" + + # Push the Docker image to Google Container Registry + - name: Publish + run: | + docker push $REGISTRY_HOSTNAME/$GKE_PROJECT/$IMAGE:$GITHUB_SHA + + # Set up kustomize + - name: Set up Kustomize + run: | + curl -o kustomize --location https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 + chmod u+x ./kustomize + + # Deploy the Docker image to the GKE cluster + - name: Deploy + run: | + gcloud container clusters get-credentials $GKE_CLUSTER --zone $GKE_ZONE --project $GKE_PROJECT + ./kustomize edit set image $REGISTRY_HOSTNAME/$GKE_PROJECT/$IMAGE:${GITHUB_SHA} + ./kustomize build . | kubectl apply -f - + kubectl rollout status deployment/$DEPLOYMENT_NAME + kubectl get services -o wide +``` +{% endraw %} + +### Additional resources +The following additional resources may also be of use: + +1. [GKE starter workflow](https://github.com/actions/starter-workflows/blob/master/ci/google.yml) for the full starter workflow +2. [Google GitHub actions example workflows](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/) for more starter workflows and accompanying code +3. [Kustomize](https://kustomize.io/), the Kubernetes YAML customization engine +4. [Deploying a containerized web application](https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app) \ No newline at end of file diff --git a/content/actions/guides/index.md b/content/actions/guides/index.md index b428505073c4..8038e34e4a6a 100644 --- a/content/actions/guides/index.md +++ b/content/actions/guides/index.md @@ -36,6 +36,12 @@ You can use {% data variables.product.prodname_actions %} to create custom conti {% link_in_list /building-and-testing-java-with-gradle %} {% link_in_list /building-and-testing-java-with-ant %} +### Creating custom continuous deployment workflows + +You can use {% data variables.product.prodname_actions %} to create custom continuous deployment (CD) workflows that deploy projects to a number of cloud partner ecosystems. + +{% link_in_list /deploying-to-google-kubernetes-engine %} + ### Publishing software packages You can automate publishing software packages as part your continuous delivery (CD) workflow. Packages can be published to any package host and to {% data reusables.gated-features.packages %}. From bfff8569016e69f788f4e29e56c474ef8f9f527d Mon Sep 17 00:00:00 2001 From: John Bohannon Date: Tue, 15 Dec 2020 12:52:59 -0500 Subject: [PATCH 02/20] Updating GKE workflow based on latest starter workflow --- .../deploying-to-google-kubernetes-engine.md | 54 ++++++++++--------- 1 file changed, 29 insertions(+), 25 deletions(-) diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md index 951335cc3541..451596561c6f 100644 --- a/content/actions/guides/deploying-to-google-kubernetes-engine.md +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -91,16 +91,12 @@ on: release: types: [created] -# Environment variables available to all jobs and steps in this workflow env: - GKE_PROJECT: ${{ secrets.GKE_PROJECT }} - GKE_EMAIL: ${{ secrets.GKE_EMAIL }} - GITHUB_SHA: ${{ github.sha }} - GKE_ZONE: us-west1-a - GKE_CLUSTER: example-gke-cluster - IMAGE: gke-test - REGISTRY_HOSTNAME: gcr.io - DEPLOYMENT_NAME: gke-test + PROJECT_ID: ${{ secrets.GKE_PROJECT }} + GKE_CLUSTER: cluster-1 # TODO: update to cluster name + GKE_ZONE: us-central1-c # TODO: update to cluster zone + DEPLOYMENT_NAME: gke-test # TODO: update to deployment name + IMAGE: static-site jobs: setup-build-publish-deploy: @@ -112,38 +108,46 @@ jobs: uses: actions/checkout@v2 # Setup gcloud CLI - - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master + - uses: google-github-actions/setup-gcloud@v0.2.0 with: - service_account_email: ${{ secrets.GKE_EMAIL }} - service_account_key: ${{ secrets.GKE_KEY }} + service_account_key: ${{ secrets.GKE_SA_KEY }} + project_id: ${{ secrets.GKE_PROJECT }} # Configure docker to use the gcloud command-line tool as a credential helper - - run: | - # Set up docker to authenticate - # via gcloud command-line tool. - gcloud auth configure-docker + - run: |- + gcloud --quiet auth configure-docker + # Get the GKE credentials so we can deploy to the cluster + - uses: google-github-actions/get-gke-credentials@v0.2.1 + with: + cluster_name: ${{ env.GKE_CLUSTER }} + location: ${{ env.GKE_ZONE }} + credentials: ${{ secrets.GKE_SA_KEY }} + # Build the Docker image - name: Build - run: | - docker build -t "$REGISTRY_HOSTNAME"/"$GKE_PROJECT"/"$IMAGE":"$GITHUB_SHA" + run: |- + docker build \ + --tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" \ + --build-arg GITHUB_SHA="$GITHUB_SHA" \ + --build-arg GITHUB_REF="$GITHUB_REF" \ + . # Push the Docker image to Google Container Registry - name: Publish - run: | - docker push $REGISTRY_HOSTNAME/$GKE_PROJECT/$IMAGE:$GITHUB_SHA + run: |- + docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" # Set up kustomize - name: Set up Kustomize - run: | - curl -o kustomize --location https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 + run: |- + curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 chmod u+x ./kustomize # Deploy the Docker image to the GKE cluster - name: Deploy - run: | - gcloud container clusters get-credentials $GKE_CLUSTER --zone $GKE_ZONE --project $GKE_PROJECT - ./kustomize edit set image $REGISTRY_HOSTNAME/$GKE_PROJECT/$IMAGE:${GITHUB_SHA} + run: |- + ./kustomize edit set image gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA ./kustomize build . | kubectl apply -f - kubectl rollout status deployment/$DEPLOYMENT_NAME kubectl get services -o wide From 8e35ec0fe260fd66509692d6f65c8cd2bcbf613c Mon Sep 17 00:00:00 2001 From: John Bohannon Date: Tue, 15 Dec 2020 12:57:19 -0500 Subject: [PATCH 03/20] Remove kustomize example --- .../guides/deploying-to-google-kubernetes-engine.md | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md index 451596561c6f..ca53a8a26fcb 100644 --- a/content/actions/guides/deploying-to-google-kubernetes-engine.md +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -68,16 +68,7 @@ export GKE_SA_KEY=$(cat key.json | base64) {% endraw %} #### (Optional) Set up `kustomize` -Kustomize is an optional tool used for managing YAML specs. After [setting up](https://github.com/kubernetes-sigs/kustomize#usage) a kustomization file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`: - -{% raw %} -```bash{:copy} -kustomize edit set image \ -gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA - -kustomize build . | kubectl apply -f - -``` -{% endraw %} +Kustomize is an optional tool used for managing YAML specs. After [setting up](https://github.com/kubernetes-sigs/kustomize#usage) a kustomization file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. ### Workflow From c970d5a55b374b9f09a80660a495442ef40351e4 Mon Sep 17 00:00:00 2001 From: John Bohannon Date: Tue, 15 Dec 2020 13:06:47 -0500 Subject: [PATCH 04/20] Add prerequisites --- .../actions/guides/deploying-to-google-kubernetes-engine.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md index ca53a8a26fcb..743c561042c6 100644 --- a/content/actions/guides/deploying-to-google-kubernetes-engine.md +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -16,7 +16,7 @@ versions: This guide will show you how to use GitHub Actions to build and deploy a containerized application from Google Container Registry (GCR) to GKE. ### Prerequisites -To adopt this workflow, you will first need to complete the following setup steps: +To adopt this workflow, you will first need to complete the following setup steps for your [Kubernetes](https://kubernetes.io/) project. This guide assumes you already have a Dockerfile and a Kubernetes Deployment configuration file in the root of your project. See [here](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke) for a concrete example. #### Create a GKE cluster For example, after [authenticating](https://cloud.google.com/sdk/gcloud/reference/auth/login) with the [`gcloud` CLI](https://cloud.google.com/sdk/gcloud/reference), part of the [Cloud SDK](https://cloud.google.com/sdk/gcloud#the_gcloud_cli_and_cloud_sdk): @@ -68,7 +68,7 @@ export GKE_SA_KEY=$(cat key.json | base64) {% endraw %} #### (Optional) Set up `kustomize` -Kustomize is an optional tool used for managing YAML specs. After [setting up](https://github.com/kubernetes-sigs/kustomize#usage) a kustomization file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. +Kustomize is an optional tool used for managing YAML specs. After [setting up](https://github.com/kubernetes-sigs/kustomize#usage) a kustomization file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. ### Workflow From 93de39455517359d294568d272a239aa3952d297 Mon Sep 17 00:00:00 2001 From: Martin Lopes Date: Wed, 16 Dec 2020 15:48:32 +1000 Subject: [PATCH 05/20] Added edits and structural changes to guide --- .../deploying-to-google-kubernetes-engine.md | 116 +++++++++++------- 1 file changed, 69 insertions(+), 47 deletions(-) diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md index 743c561042c6..dffeee5e1a02 100644 --- a/content/actions/guides/deploying-to-google-kubernetes-engine.md +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -11,68 +11,89 @@ versions: {% data reusables.actions.enterprise-github-hosted-runners %} ### Introduction -[Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine) (GKE) is a managed Kubernetes cluster service from Google Cloud and is a great option for hosting your containerized workloads in the cloud or on premise. -This guide will show you how to use GitHub Actions to build and deploy a containerized application from Google Container Registry (GCR) to GKE. +This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application in Google Container Registry (GCR) and deploy it to Google Kubernetes Engine (GKE). + +GKE is a managed Kubernetes cluster service from Google Cloud that can host your containerized workloads in the cloud or in your own datacenter. For more information, see [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine). ### Prerequisites -To adopt this workflow, you will first need to complete the following setup steps for your [Kubernetes](https://kubernetes.io/) project. This guide assumes you already have a Dockerfile and a Kubernetes Deployment configuration file in the root of your project. See [here](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke) for a concrete example. +Before you proceed with creating the workflow, you will need to complete the following steps for your Kubernetes project. This guide assumes the root of your project already has a `Dockerfile` and a Kubernetes Deployment configuration file. For an example, see [google-github-actions](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke). + +#### Creating a GKE cluster + +To create the GKE cluster, you will first need to authenticate using the `gcloud` CLI. For more information on this step, see the following articles: +- [`gcloud auth login`](https://cloud.google.com/sdk/gcloud/reference/auth/login). +- [`gcloud` CLI](https://cloud.google.com/sdk/gcloud/reference). +- [`gcloud` CLI and Cloud SDK](https://cloud.google.com/sdk/gcloud#the_gcloud_cli_and_cloud_sdk). -#### Create a GKE cluster -For example, after [authenticating](https://cloud.google.com/sdk/gcloud/reference/auth/login) with the [`gcloud` CLI](https://cloud.google.com/sdk/gcloud/reference), part of the [Cloud SDK](https://cloud.google.com/sdk/gcloud#the_gcloud_cli_and_cloud_sdk): +For example: {% raw %} ```bash{:copy} -gcloud container clusters create $GKE_CLUSTER \ +$ gcloud container clusters create $GKE_CLUSTER \ --project=$GKE_PROJECT \ --zone=$GKE_ZONE ``` {% endraw %} -#### Enable required APIs -The Kubernetes Engine and Container Registry APIs are needed: +#### Enabling the APIs + +Enable the Kubernetes Engine and Container Registry APIs. For example: {% raw %} ```bash{:copy} -gcloud services enable \ +$ gcloud services enable \ containerregistry.googleapis.com \ container.googleapis.com ``` {% endraw %} -#### Configure service account and store credentials as a secret, `GKE_SA_KEY` -Create a new service account, add roles to it, retrieve keys for it, and store it as a base64-encoded, [encrypted repository secret](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets) named `GKE_SA_KEY`. - -Also store the project ID as a secret named `GKE_PROJECT`. - -{% raw %} -```bash{:copy} -# Create new service account -gcloud iam service-accounts create $SA_NAME - -# Retrieve email address of service account just created -gcloud iam service-accounts list - -# Add roles to service account -# Note: restrict these further in production -gcloud projects add-iam-policy-binding $GKE_PROJECT \ - --member=serviceAccount:$SA_EMAIL \ - --role=roles/container.admin \ - --role=roles/storage.admin - -# Download a JSON keyfile -gcloud iam service-accounts keys create key.json --iam-account=$SA_EMAIL - -export GKE_SA_KEY=$(cat key.json | base64) -``` -{% endraw %} - -#### (Optional) Set up `kustomize` -Kustomize is an optional tool used for managing YAML specs. After [setting up](https://github.com/kubernetes-sigs/kustomize#usage) a kustomization file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. - -### Workflow - -Now that the prerequisite steps are done, consider the following workflow, which will build and push a container image to GCR, and then use Kubernetes native tools like `kubectl` and `kustomize` to pull this image into the cluster deployment. +#### Configuring a service account and storing its credentials + +This procedure demonstrates how to create the service account for your GKE integration. It explains how to create the account, add roles to it, retrieve its keys, and store them as a base64-encoded [encrypted repository secret](/actions/reference/encrypted-secrets) named `GKE_SA_KEY`. + +1. Create a new service account: + {% raw %} + ``` + $ gcloud iam service-accounts create $SA_NAME + ``` + {% endraw %} +1. Retrieve the email address of the service account you just created: + {% raw %} + ``` + $ gcloud iam service-accounts list + ``` + {% endraw %} +1. Add roles to the service account. Note: Apply more restrictive roles to suit your requirements. + {% raw %} + ``` + $ gcloud projects add-iam-policy-binding $GKE_PROJECT \ + --member=serviceAccount:$SA_EMAIL \ + --role=roles/container.admin \ + --role=roles/storage.admin + ``` + {% endraw %} +1. Download the JSON keyfile for the service account: + {% raw %} + ``` + $ gcloud iam service-accounts keys create key.json --iam-account=$SA_EMAIL + ``` + {% endraw %} +1. Store the project ID as a secret named `GKE_PROJECT`: + {% raw %} + ``` + $ export GKE_SA_KEY=$(cat key.json | base64) + ``` + {% endraw %} + +#### (Optional) Configuring kustomize +Kustomize is an optional tool used for managing YAML specs. After creating a _kustomization_ file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. For more information, see [kustomize usage](https://github.com/kubernetes-sigs/kustomize#usage). + +### Creating the workflow + +Once you've completed the prerequisites, you can proceed with creating the workflow. + +The following example workflow demonstrates how to build a container image and push it to GCR. It then uses the Kubernetes tools (such as `kubectl` and `kustomize`) to pull the image into the cluster deployment. {% raw %} ```yaml{:copy} @@ -84,9 +105,9 @@ on: env: PROJECT_ID: ${{ secrets.GKE_PROJECT }} - GKE_CLUSTER: cluster-1 # TODO: update to cluster name - GKE_ZONE: us-central1-c # TODO: update to cluster zone - DEPLOYMENT_NAME: gke-test # TODO: update to deployment name + GKE_CLUSTER: cluster-1 # Add your cluster name here. + GKE_ZONE: us-central1-c # Add your cluster zone here. + DEPLOYMENT_NAME: gke-test # Add your deployment name here. IMAGE: static-site jobs: @@ -146,9 +167,10 @@ jobs: {% endraw %} ### Additional resources -The following additional resources may also be of use: + +For more information on the tools used in these examples, see the following documentation: 1. [GKE starter workflow](https://github.com/actions/starter-workflows/blob/master/ci/google.yml) for the full starter workflow 2. [Google GitHub actions example workflows](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/) for more starter workflows and accompanying code 3. [Kustomize](https://kustomize.io/), the Kubernetes YAML customization engine -4. [Deploying a containerized web application](https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app) \ No newline at end of file +4. [Deploying a containerized web application](https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app) From 5a43098fc747f9061c5580c11053b2c93b892ba6 Mon Sep 17 00:00:00 2001 From: Martin Lopes Date: Wed, 16 Dec 2020 16:11:10 +1000 Subject: [PATCH 06/20] Small changes to the list of links --- .../guides/deploying-to-google-kubernetes-engine.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md index dffeee5e1a02..e0d1ea1c3aaa 100644 --- a/content/actions/guides/deploying-to-google-kubernetes-engine.md +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -170,7 +170,7 @@ jobs: For more information on the tools used in these examples, see the following documentation: -1. [GKE starter workflow](https://github.com/actions/starter-workflows/blob/master/ci/google.yml) for the full starter workflow -2. [Google GitHub actions example workflows](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/) for more starter workflows and accompanying code -3. [Kustomize](https://kustomize.io/), the Kubernetes YAML customization engine -4. [Deploying a containerized web application](https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app) +1. For the full starter workflow, see [GKE starter workflow](https://github.com/actions/starter-workflows/blob/master/ci/google.yml). +2. For more starter workflows and accompanying code, see [Google GitHub actions example workflows](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/). +3. The Kubernetes YAML customization engine: [Kustomize](https://kustomize.io/), +4. [Deploying a containerized web application](https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app). From 8837b7df70cfb69e5e6261f646a3317dd9d99e26 Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Mon, 14 Dec 2020 14:53:56 -0600 Subject: [PATCH 07/20] Add Amazon ECS guide --- ...ing-to-amazon-elastic-container-service.md | 144 ++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 content/actions/guides/deploying-to-amazon-elastic-container-service.md diff --git a/content/actions/guides/deploying-to-amazon-elastic-container-service.md b/content/actions/guides/deploying-to-amazon-elastic-container-service.md new file mode 100644 index 000000000000..8c647058e873 --- /dev/null +++ b/content/actions/guides/deploying-to-amazon-elastic-container-service.md @@ -0,0 +1,144 @@ +--- +title: Deploying to Amazon Elastic Container Service +intro: You can deploy to Amazon Elastic Container Service (ECS) as part of your continuous deployment (CD) workflows. +product: '{% data reusables.gated-features.actions %}' +versions: + free-pro-team: '*' + enterprise-server: '>=2.22' +--- + +{% data reusables.actions.enterprise-beta %} +{% data reusables.actions.enterprise-github-hosted-runners %} + +### Introduction +[Amazon ECR (Elastic Container Registry)](https://aws.amazon.com/ecr/) and [Amazon ECS (Elastic Container Service)](https://aws.amazon.com/ecs/) are a great combination for running your container-based workloads in the cloud. + +This guide will show you how to orchestrate your deployments to Amazon ECR and ECS via GitHub Actions. + +The included workflow will build and push a new container image to Amazon ECR, and then will deploy a new task definition to Amazon ECS, on every push to the default branch. + +### Prerequisites +To adopt this workflow, you will first need to complete the following setup steps: + +#### Create an ECR repository to store your images +For example, using [the AWS CLI](https://aws.amazon.com/cli/): + +{% raw %} +```bash{:copy} +aws ecr create-repository \ + --repository-name $ECR_REPOSITORY \ + --region $AWS_REGION +``` +{% endraw %} + +Replace the value of `$ECR_REPOSITORY` in the workflow below with your repository's name. + +Replace the value of `$AWS_REGION` in the workflow below with your repository's region. + +#### Create an ECS task definition, an ECS cluster, and an ECS service +For details, follow [the Getting Started guide on the ECS console](https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun). + +Replace the values for `$ECS_SERVICE` and `$ECS_CLUSTER` in the workflow below with your service and cluster names. + +#### Store your ECS task definition as a JSON file in your repository +The format should mirror the output generated by: + +{% raw %} +```bash{:copy} +aws ecs register-task-definition --generate-cli-skeleton +``` +{% endraw %} + +Replace the value of `$ECS_TASK_DEFINITION` in the workflow below with your JSON file's name. + +Replace the value of `$CONTAINER_NAME` in the workflow below with the name of the container in the containerDefinitions section of the task definition. + +#### Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` +See the documentation for each action used below for the recommended IAM policies for this IAM user, and best practices on handling the access key credentials. + +### Workflow +After updating the env section, follow these instructions to add the workflow to your repository: + +{% raw %} +```bash{:copy} +name: Deploy to Amazon ECS + +on: + release: + types: [ created ] + +env: + AWS_REGION: your-preferred-aws-region # set this to your preferred AWS region, e.g. us-west-1 + ECR_REPOSITORY: your-ecr-repository # set this to your Amazon ECR repository name + ECS_SERVICE: your-ecs-service # set this to your Amazon ECS service name + ECS_CLUSTER: your-ecs-cluster # set this to your Amazon ECS cluster name + ECS_TASK_DEFINITION: your-ecs-task-defintion # set this to the path to your Amazon ECS task definition + # file, e.g. .aws/task-definition.json + CONTAINER_NAME: your-container-name # set this to the name of the container in the + # containerDefinitions section of your task definition + +defaults: + run: + shell: bash + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: $AWS_REGION + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Build, tag, and push image to Amazon ECR + id: build-image + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + IMAGE_TAG: ${{ github.sha }} + run: | + # Build a docker container and + # push it to ECR so that it can + # be deployed to ECS. + docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_ENV + + - name: Fill in the new image ID in the Amazon ECS task definition + id: task-def + uses: aws-actions/amazon-ecs-render-task-definition@v1 + with: + task-definition: $ECS_TASK_DEFINITION + container-name: $CONTAINER_NAME + image: ${{ steps.build-image.outputs.image }} + + - name: Deploy Amazon ECS task definition + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: ${{ steps.task-def.outputs.task-definition }} + service: $ECS_SERVICE + cluster: $ECS_CLUSTER + wait-for-service-stability: true +``` +{% endraw %} + +### Additional resources +The following additional resources may also be of use: + +1. Best practices on handling AWS access key credentials: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html +1. Amazon ECR: https://aws.amazon.com/ecr/ +1. Amazon ECS: https://aws.amazon.com/ecs/ +1. Official AWS GitHub action to configure AWS credentials: https://github.com/aws-actions/configure-aws-credentials +1. Official AWS GitHub action to login to Amazon ECR: https://github.com/aws-actions/amazon-ecr-login +1. Official AWS GitHub action to “render” and Amazon ECS task definition: https://github.com/aws-actions/amazon-ecs-render-task-definition +1. Official AWS GitHub action to register an Amazon ECS task definition and deploy it to an ECS service: https://github.com/aws-actions/amazon-ecs-deploy-task-definition From fc4d5fb37a6916395e6dcd2534b14e3515850aad Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Mon, 14 Dec 2020 17:25:27 -0600 Subject: [PATCH 08/20] Add Azure App Service guide --- .../guides/deploying-to-azure-app-service.md | 101 ++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 content/actions/guides/deploying-to-azure-app-service.md diff --git a/content/actions/guides/deploying-to-azure-app-service.md b/content/actions/guides/deploying-to-azure-app-service.md new file mode 100644 index 000000000000..2b04aac3c129 --- /dev/null +++ b/content/actions/guides/deploying-to-azure-app-service.md @@ -0,0 +1,101 @@ +--- +title: Deploying to Azure App Service Service +intro: You can deploy to Azure App Service as part of your continuous deployment (CD) workflows. +product: '{% data reusables.gated-features.actions %}' +versions: + free-pro-team: '*' + enterprise-server: '>=2.22' +--- + +{% data reusables.actions.enterprise-beta %} +{% data reusables.actions.enterprise-github-hosted-runners %} + +### Introduction +[Azure App Service](https://azure.microsoft.com/en-us/services/app-service/) is a Platform-as-a-Service (PaaS) offering from Microsoft, a “fully managed platform for building, deploying and scaling your web apps”. It is a great way to run web apps in several languages including JavaScript, which will be shown here. + +This guide assumes you are in the directory of an existing [Node.js](https://nodejs.org/en/) project. + +### Prerequisites +To adopt this workflow, you will first need to complete the following setup steps: + +#### Create an App Service plan +For example, after [authenticating](https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli) with `az`, the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/): + +{% raw %} +```bash{:copy} +az appservice plan create \ + --resource-group $AZ_RESOURCE_GROUP \ + --name $AZ_APP_SERVICE_PLAN \ + --is-linux +``` +{% endraw %} + +where `$AZ_RESOURCE_GROUP` is a pre-existing Azure Resource Group and `$AZ_APP_SERVICE_PLAN` is a name of your choosing. If you need to set up a new Resource Group, follow [these instructions](https://docs.microsoft.com/en-us/cli/azure/group?view=azure-cli-latest#az_group_create). + +#### Create a Web App +Create an [App Service Web App](https://azure.microsoft.com/en-us/services/app-service/web/) with a [node runtime](https://docs.microsoft.com/en-us/cli/azure/webapp?view=azure-cli-latest#az_webapp_list_runtimes), for example, using the Azure CLI: + +{% raw %} +```bash{:copy} +az webapp create \ + --name $AZURE_WEBAPP_NAME \ + --plan $AZ_APP_SERVICE_PLAN \ + --resource-group $AZ_RESOURCE_GROUP \ + --runtime "node|10.14" +``` +{% endraw %} + +where `$AZURE_WEBAPP_NAME` is a webapp name of your choosing. + +#### Configure publish profile and store as `AZURE_WEBAPP_PUBLISH_PROFILE` secret +Next, we will generate Azure deployment credentials via a publish profile using [these instructions](https://docs.microsoft.com/en-us/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials), adding them as a [GitHub repository secret](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets) named `AZURE_WEBAPP_PUBLISH_PROFILE`. + +### Workflow +Now that the prerequisite steps are done, consider the following workflow, which will build, test, and deploy the Node.js project to Azure App Service. + +{% raw %} +```bash{:copy} +on: + release: + types: [created] + +env: + AZURE_WEBAPP_NAME: your-app-name # set this to your application's name + AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + NODE_VERSION: '10.x' # set this to the node version to use + +jobs: + build-and-deploy: + name: Build and Deploy + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Use Node.js ${{ env.NODE_VERSION }} + uses: actions/setup-node@v1 + with: + node-version: ${{ env.NODE_VERSION }} + + - name: npm install, build, and test + run: | + # Build and test the project, then + # deploy to Azure Web App. + npm install + npm run build --if-present + npm run test --if-present + + - name: 'Deploy to Azure WebApp' + uses: azure/webapps-deploy@v2 + with: + app-name: ${{ env.AZURE_WEBAPP_NAME }} + publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} + package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }} +``` +{% endraw %} + +### Additional resources +The following additional resources may also be of use: + +1. [Azure App Service starter workflow](https://github.com/actions/starter-workflows/blob/master/ci/azure.yml) for the full starter workflow +1. [`Azure/webapps-deploy`](https://github.com/Azure/webapps-deploy), the Azure action used +1. [App Service quickstart -- Node.js](https://docs.microsoft.com/en-us/azure/app-service/quickstart-nodejs) for a quickstart using the [VSCode Azure App Service extension](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azureappservice) From 7ba46cdceee94407c98843b37c8886215890321c Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Tue, 15 Dec 2020 14:30:45 -0600 Subject: [PATCH 09/20] Add links to guides --- content/actions/guides/index.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/content/actions/guides/index.md b/content/actions/guides/index.md index 8038e34e4a6a..9651b4e8c7fa 100644 --- a/content/actions/guides/index.md +++ b/content/actions/guides/index.md @@ -41,6 +41,11 @@ You can use {% data variables.product.prodname_actions %} to create custom conti You can use {% data variables.product.prodname_actions %} to create custom continuous deployment (CD) workflows that deploy projects to a number of cloud partner ecosystems. {% link_in_list /deploying-to-google-kubernetes-engine %} + You can use {% data variables.product.prodname_actions %} to create custom continuous deployment (CD) workflows that deploy projects to a number of cloud partner ecosystems. + + {% link_in_list /deploying-to-amazon-elastic-container-service %} + {% link_in_list /deploying-to-azure-app-service %} + {% link_in_list /deploying-to-google-kubernetes-engine %} ### Publishing software packages From d81f474b15cfe3c93316534e88c93dfd782bf4ed Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Wed, 16 Dec 2020 16:44:25 -0600 Subject: [PATCH 10/20] Remove duplicated items --- content/actions/guides/index.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/content/actions/guides/index.md b/content/actions/guides/index.md index 9651b4e8c7fa..0ccacf47e77a 100644 --- a/content/actions/guides/index.md +++ b/content/actions/guides/index.md @@ -40,9 +40,6 @@ You can use {% data variables.product.prodname_actions %} to create custom conti You can use {% data variables.product.prodname_actions %} to create custom continuous deployment (CD) workflows that deploy projects to a number of cloud partner ecosystems. -{% link_in_list /deploying-to-google-kubernetes-engine %} - You can use {% data variables.product.prodname_actions %} to create custom continuous deployment (CD) workflows that deploy projects to a number of cloud partner ecosystems. - {% link_in_list /deploying-to-amazon-elastic-container-service %} {% link_in_list /deploying-to-azure-app-service %} {% link_in_list /deploying-to-google-kubernetes-engine %} From d836fd11fb43fb397ff715826df51380cb52fa0d Mon Sep 17 00:00:00 2001 From: "Leona B. Campbell" <3880403+runleonarun@users.noreply.github.com> Date: Wed, 16 Dec 2020 14:52:46 -0800 Subject: [PATCH 11/20] Update content/actions/guides/deploying-to-azure-app-service.md --- content/actions/guides/deploying-to-azure-app-service.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/guides/deploying-to-azure-app-service.md b/content/actions/guides/deploying-to-azure-app-service.md index 2b04aac3c129..3c0e26153b1e 100644 --- a/content/actions/guides/deploying-to-azure-app-service.md +++ b/content/actions/guides/deploying-to-azure-app-service.md @@ -1,5 +1,5 @@ --- -title: Deploying to Azure App Service Service +title: Deploying to Azure App Service intro: You can deploy to Azure App Service as part of your continuous deployment (CD) workflows. product: '{% data reusables.gated-features.actions %}' versions: From 9a9970dbcad4f9e36bbd10c11ed02b1e19559529 Mon Sep 17 00:00:00 2001 From: Lucas Costi Date: Thu, 17 Dec 2020 14:09:19 +1000 Subject: [PATCH 12/20] Revise intro sentence per @imjohnbo's suggestion --- content/actions/guides/deploying-to-google-kubernetes-engine.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md index e0d1ea1c3aaa..6e84d9f17f8f 100644 --- a/content/actions/guides/deploying-to-google-kubernetes-engine.md +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -12,7 +12,7 @@ versions: ### Introduction -This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application in Google Container Registry (GCR) and deploy it to Google Kubernetes Engine (GKE). +This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to Google Container Registry (GCR), and deploy it to Google Kubernetes Engine (GKE). GKE is a managed Kubernetes cluster service from Google Cloud that can host your containerized workloads in the cloud or in your own datacenter. For more information, see [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine). From 3ef5057d9ff1db036c2fcfeaa800b2027c712cd9 Mon Sep 17 00:00:00 2001 From: Lucas Costi Date: Thu, 17 Dec 2020 14:19:34 +1000 Subject: [PATCH 13/20] GKE article edits for lists --- .../deploying-to-google-kubernetes-engine.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/content/actions/guides/deploying-to-google-kubernetes-engine.md b/content/actions/guides/deploying-to-google-kubernetes-engine.md index 6e84d9f17f8f..ed8256ebbf05 100644 --- a/content/actions/guides/deploying-to-google-kubernetes-engine.md +++ b/content/actions/guides/deploying-to-google-kubernetes-engine.md @@ -17,14 +17,15 @@ This guide explains how to use {% data variables.product.prodname_actions %} to GKE is a managed Kubernetes cluster service from Google Cloud that can host your containerized workloads in the cloud or in your own datacenter. For more information, see [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine). ### Prerequisites + Before you proceed with creating the workflow, you will need to complete the following steps for your Kubernetes project. This guide assumes the root of your project already has a `Dockerfile` and a Kubernetes Deployment configuration file. For an example, see [google-github-actions](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke). #### Creating a GKE cluster To create the GKE cluster, you will first need to authenticate using the `gcloud` CLI. For more information on this step, see the following articles: -- [`gcloud auth login`](https://cloud.google.com/sdk/gcloud/reference/auth/login). -- [`gcloud` CLI](https://cloud.google.com/sdk/gcloud/reference). -- [`gcloud` CLI and Cloud SDK](https://cloud.google.com/sdk/gcloud#the_gcloud_cli_and_cloud_sdk). +- [`gcloud auth login`](https://cloud.google.com/sdk/gcloud/reference/auth/login) +- [`gcloud` CLI](https://cloud.google.com/sdk/gcloud/reference) +- [`gcloud` CLI and Cloud SDK](https://cloud.google.com/sdk/gcloud#the_gcloud_cli_and_cloud_sdk) For example: @@ -170,7 +171,7 @@ jobs: For more information on the tools used in these examples, see the following documentation: -1. For the full starter workflow, see [GKE starter workflow](https://github.com/actions/starter-workflows/blob/master/ci/google.yml). -2. For more starter workflows and accompanying code, see [Google GitHub actions example workflows](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/). -3. The Kubernetes YAML customization engine: [Kustomize](https://kustomize.io/), -4. [Deploying a containerized web application](https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app). +* For the full starter workflow, see the ["Build and Deploy to GKE" workflow](https://github.com/actions/starter-workflows/blob/master/ci/google.yml). +* For more starter workflows and accompanying code, see Google's [{% data variables.product.prodname_actions %} example workflows](https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/). +* The Kubernetes YAML customization engine: [Kustomize](https://kustomize.io/). +* "[Deploying a containerized web application](https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app)" in the Google Kubernetes Engine documentation. From ea9be2076e301a05e8b41fa8ba6cebce8e0b3113 Mon Sep 17 00:00:00 2001 From: Lucas Costi Date: Thu, 17 Dec 2020 16:08:26 +1000 Subject: [PATCH 14/20] Added edits and style changes to Amazon guide --- ...ing-to-amazon-elastic-container-service.md | 172 +++++++++--------- 1 file changed, 89 insertions(+), 83 deletions(-) diff --git a/content/actions/guides/deploying-to-amazon-elastic-container-service.md b/content/actions/guides/deploying-to-amazon-elastic-container-service.md index 8c647058e873..d6cc9c814daa 100644 --- a/content/actions/guides/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/guides/deploying-to-amazon-elastic-container-service.md @@ -11,56 +11,63 @@ versions: {% data reusables.actions.enterprise-github-hosted-runners %} ### Introduction -[Amazon ECR (Elastic Container Registry)](https://aws.amazon.com/ecr/) and [Amazon ECS (Elastic Container Service)](https://aws.amazon.com/ecs/) are a great combination for running your container-based workloads in the cloud. -This guide will show you how to orchestrate your deployments to Amazon ECR and ECS via GitHub Actions. +This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/), and deploy it to [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/). -The included workflow will build and push a new container image to Amazon ECR, and then will deploy a new task definition to Amazon ECS, on every push to the default branch. +On every new release in your {% data variables.product.company_short %} repository, the {% data variables.product.prodname_actions %} workflow builds and pushes a new container image to Amazon ECR, and then deploys a new task definition to Amazon ECS. ### Prerequisites -To adopt this workflow, you will first need to complete the following setup steps: -#### Create an ECR repository to store your images -For example, using [the AWS CLI](https://aws.amazon.com/cli/): +Before creating your {% data variables.product.prodname_actions %} workflow, you will first need to complete the following setup steps for Amazon ECR and ECS: -{% raw %} -```bash{:copy} -aws ecr create-repository \ - --repository-name $ECR_REPOSITORY \ - --region $AWS_REGION -``` -{% endraw %} +1. Create an Amazon ECR repository to store your images. -Replace the value of `$ECR_REPOSITORY` in the workflow below with your repository's name. + For example, using [the AWS CLI](https://aws.amazon.com/cli/): -Replace the value of `$AWS_REGION` in the workflow below with your repository's region. + {% raw %}```bash{:copy} + aws ecr create-repository \ + --repository-name $ECR_REPOSITORY \ + --region $AWS_REGION + ```{% endraw %} -#### Create an ECS task definition, an ECS cluster, and an ECS service -For details, follow [the Getting Started guide on the ECS console](https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun). + Ensure that you use the same Amazon ECR repository name for the `ECR_REPOSITORY` variable in the workflow below. -Replace the values for `$ECS_SERVICE` and `$ECS_CLUSTER` in the workflow below with your service and cluster names. + Ensure that you use the same AWS region value for the `AWS_REGION` variable in the workflow below. -#### Store your ECS task definition as a JSON file in your repository -The format should mirror the output generated by: +2. Create an Amazon ECS task definition, cluster, and service. -{% raw %} -```bash{:copy} -aws ecs register-task-definition --generate-cli-skeleton -``` -{% endraw %} + For details, follow the [Getting started wizard on the Amazon ECS console](https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun), or the [Getting started guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/getting-started-fargate.html) in the Amazon ECS documentation. + + Ensure that you note the names you set for the Amazon ECS service and cluster, and use them for the `ECS_SERVICE` and `ECS_CLUSTER` variables in the workflow below. + +3. Store your Amazon ECS task definition as a JSON file in your {% data variables.product.company_short %} repository. + + The format of the file should be the same as the output generated by: -Replace the value of `$ECS_TASK_DEFINITION` in the workflow below with your JSON file's name. + {% raw %}```bash{:copy} + aws ecs register-task-definition --generate-cli-skeleton + ```{% endraw %} -Replace the value of `$CONTAINER_NAME` in the workflow below with the name of the container in the containerDefinitions section of the task definition. + Ensure that you set the `ECS_TASK_DEFINITION` variable in the workflow below as the path to the JSON file. -#### Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` -See the documentation for each action used below for the recommended IAM policies for this IAM user, and best practices on handling the access key credentials. + Ensure that you set the `CONTAINER_NAME` variable in the workflow below as the container name in the `containerDefinitions` section of the task definition. -### Workflow -After updating the env section, follow these instructions to add the workflow to your repository: +4. Create {% data variables.product.prodname_actions %} secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to store the values for your Amazon IAM access key. + + For more information on creating secrets for {% data variables.product.prodname_actions %}, see "[Encrypted secrets](t/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository)." + + See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials. + +### Creating the workflow + +Once you've completed the prerequisites, you can proceed with creating the workflow. + +The following example workflow demonstrates how to build a container image and push it to Amazon ECR. It then updates the task definition with the new image ID, and deploys the task definition to Amazon ECS. + +Ensure that you provide your own values for all the variables in the `env:` key of the workflow. {% raw %} -```bash{:copy} +```yaml{:copy} name: Deploy to Amazon ECS on: @@ -87,58 +94,57 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: $AWS_REGION - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - - name: Build, tag, and push image to Amazon ECR - id: build-image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - IMAGE_TAG: ${{ github.sha }} - run: | - # Build a docker container and - # push it to ECR so that it can - # be deployed to ECS. - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_ENV - - - name: Fill in the new image ID in the Amazon ECS task definition - id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 - with: - task-definition: $ECS_TASK_DEFINITION - container-name: $CONTAINER_NAME - image: ${{ steps.build-image.outputs.image }} - - - name: Deploy Amazon ECS task definition - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - with: - task-definition: ${{ steps.task-def.outputs.task-definition }} - service: $ECS_SERVICE - cluster: $ECS_CLUSTER - wait-for-service-stability: true + - name: Checkout + uses: actions/checkout@v2 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: $AWS_REGION + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Build, tag, and push image to Amazon ECR + id: build-image + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + IMAGE_TAG: ${{ github.sha }} + run: | + # Build a docker container and + # push it to ECR so that it can + # be deployed to ECS. + docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_ENV + + - name: Fill in the new image ID in the Amazon ECS task definition + id: task-def + uses: aws-actions/amazon-ecs-render-task-definition@v1 + with: + task-definition: $ECS_TASK_DEFINITION + container-name: $CONTAINER_NAME + image: ${{ steps.build-image.outputs.image }} + + - name: Deploy Amazon ECS task definition + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: ${{ steps.task-def.outputs.task-definition }} + service: $ECS_SERVICE + cluster: $ECS_CLUSTER + wait-for-service-stability: true ``` {% endraw %} ### Additional resources -The following additional resources may also be of use: - -1. Best practices on handling AWS access key credentials: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html -1. Amazon ECR: https://aws.amazon.com/ecr/ -1. Amazon ECS: https://aws.amazon.com/ecs/ -1. Official AWS GitHub action to configure AWS credentials: https://github.com/aws-actions/configure-aws-credentials -1. Official AWS GitHub action to login to Amazon ECR: https://github.com/aws-actions/amazon-ecr-login -1. Official AWS GitHub action to “render” and Amazon ECS task definition: https://github.com/aws-actions/amazon-ecs-render-task-definition -1. Official AWS GitHub action to register an Amazon ECS task definition and deploy it to an ECS service: https://github.com/aws-actions/amazon-ecs-deploy-task-definition + +For more information on the services used in these examples, see the following documentation: + +* "[Security best practices in IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html)" in the Amazon AWS documentation. +* Official AWS "[Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials)" action. +* Official AWS [Amazon ECR "Login"](https://github.com/aws-actions/amazon-ecr-login) action. +* Official AWS [Amazon ECS "Render Task Definition"](https://github.com/aws-actions/amazon-ecs-render-task-definition) action. +* Official AWS [Amazon ECS "Deploy Task Definition"](https://github.com/aws-actions/amazon-ecs-deploy-task-definition) action. From f7e1d81c7010dd926f679b6421948c3e65d1c013 Mon Sep 17 00:00:00 2001 From: Lucas Costi Date: Thu, 17 Dec 2020 17:37:07 +1000 Subject: [PATCH 15/20] Added edits and style changes to Azure web app guide --- .../guides/deploying-to-azure-app-service.md | 128 ++++++++++-------- 1 file changed, 71 insertions(+), 57 deletions(-) diff --git a/content/actions/guides/deploying-to-azure-app-service.md b/content/actions/guides/deploying-to-azure-app-service.md index 3c0e26153b1e..3471b333ace0 100644 --- a/content/actions/guides/deploying-to-azure-app-service.md +++ b/content/actions/guides/deploying-to-azure-app-service.md @@ -11,56 +11,69 @@ versions: {% data reusables.actions.enterprise-github-hosted-runners %} ### Introduction -[Azure App Service](https://azure.microsoft.com/en-us/services/app-service/) is a Platform-as-a-Service (PaaS) offering from Microsoft, a “fully managed platform for building, deploying and scaling your web apps”. It is a great way to run web apps in several languages including JavaScript, which will be shown here. -This guide assumes you are in the directory of an existing [Node.js](https://nodejs.org/en/) project. +This guide explains how to use {% data variables.product.prodname_actions %} to build, test, and deploy an application to [Azure App Service](https://azure.microsoft.com/en-us/services/app-service/). + +Azure App Service can run web apps in several languages, but this guide demonstrates deploying an existing Node.js project. ### Prerequisites -To adopt this workflow, you will first need to complete the following setup steps: -#### Create an App Service plan -For example, after [authenticating](https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli) with `az`, the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/): +Before creating your {% data variables.product.prodname_actions %} workflow, you will first need to complete the following setup steps: -{% raw %} -```bash{:copy} -az appservice plan create \ - --resource-group $AZ_RESOURCE_GROUP \ - --name $AZ_APP_SERVICE_PLAN \ - --is-linux -``` -{% endraw %} +1. Create an Azure App Service plan. -where `$AZ_RESOURCE_GROUP` is a pre-existing Azure Resource Group and `$AZ_APP_SERVICE_PLAN` is a name of your choosing. If you need to set up a new Resource Group, follow [these instructions](https://docs.microsoft.com/en-us/cli/azure/group?view=azure-cli-latest#az_group_create). + For example, you can use the Azure CLI to create a new App Service plan: -#### Create a Web App -Create an [App Service Web App](https://azure.microsoft.com/en-us/services/app-service/web/) with a [node runtime](https://docs.microsoft.com/en-us/cli/azure/webapp?view=azure-cli-latest#az_webapp_list_runtimes), for example, using the Azure CLI: + ```bash{:copy} + az appservice plan create \ + --resource-group MY_RESOURCE_GROUP \ + --name MY_APP_SERVICE_PLAN \ + --is-linux + ``` -{% raw %} -```bash{:copy} -az webapp create \ - --name $AZURE_WEBAPP_NAME \ - --plan $AZ_APP_SERVICE_PLAN \ - --resource-group $AZ_RESOURCE_GROUP \ - --runtime "node|10.14" -``` -{% endraw %} + In the command above, replace `MY_RESOURCE_GROUP` with your pre-existing Azure Resource Group, and `MY_APP_SERVICE_PLAN` with a new name for the App Service plan. + + See the Azure documentation for more information on using the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/): + + * For authentication, see "[Sign in with Azure CLI](https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli)". + * If you need to create a new resource group, see "[az group](https://docs.microsoft.com/en-us/cli/azure/group?view=azure-cli-latest#az_group_create)." -where `$AZURE_WEBAPP_NAME` is a webapp name of your choosing. +2. Create a web app. -#### Configure publish profile and store as `AZURE_WEBAPP_PUBLISH_PROFILE` secret -Next, we will generate Azure deployment credentials via a publish profile using [these instructions](https://docs.microsoft.com/en-us/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials), adding them as a [GitHub repository secret](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets) named `AZURE_WEBAPP_PUBLISH_PROFILE`. + For example, you can use the Azure CLI to create an Azure App Service web app with a node runtime: -### Workflow -Now that the prerequisite steps are done, consider the following workflow, which will build, test, and deploy the Node.js project to Azure App Service. + ```bash{:copy} + az webapp create \ + --name MY_WEBAPP_NAME \ + --plan MY_APP_SERVICE_PLAN \ + --resource-group MY_RESOURCE_GROUP \ + --runtime "node|10.14" + ``` + + In the command above, replace the parameters with your own values, where `MY_WEBAPP_NAME` is a new name for the web app. + +3. Configure an Azure publish profile and create an `AZURE_WEBAPP_PUBLISH_PROFILE` secret. + + Generate your Azure deployment credentials using a publish profile. For more information, see "[Generate deployment credentials](https://docs.microsoft.com/en-us/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials)" in the Azure documentation. + + In your {% data variables.product.prodname_dotcom %} repository, create a secret named `AZURE_WEBAPP_PUBLISH_PROFILE` that contains the contents of the publish profile. For more information on creating secrets, see "[Encrypted secrets](/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository)." + +### Creating the workflow + +Once you've completed the prerequisites, you can proceed with creating the workflow. + +The following example workflow demonstrates how to build, test, and deploy the Node.js project to Azure App Service. + +Ensure that you set `AZURE_WEBAPP_NAME` in the workflow `env` key to the name of the web app you created. {% raw %} -```bash{:copy} +```yaml{:copy} on: release: types: [created] env: - AZURE_WEBAPP_NAME: your-app-name # set this to your application's name + AZURE_WEBAPP_NAME: MY_WEBAPP_NAME # set this to your application's name AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root NODE_VERSION: '10.x' # set this to the node version to use @@ -69,33 +82,34 @@ jobs: name: Build and Deploy runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v1 - with: - node-version: ${{ env.NODE_VERSION }} - - - name: npm install, build, and test - run: | - # Build and test the project, then - # deploy to Azure Web App. - npm install - npm run build --if-present - npm run test --if-present - - - name: 'Deploy to Azure WebApp' - uses: azure/webapps-deploy@v2 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} - package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }} + - uses: actions/checkout@v2 + + - name: Use Node.js ${{ env.NODE_VERSION }} + uses: actions/setup-node@v1 + with: + node-version: ${{ env.NODE_VERSION }} + + - name: npm install, build, and test + run: | + # Build and test the project, then + # deploy to Azure Web App. + npm install + npm run build --if-present + npm run test --if-present + + - name: 'Deploy to Azure WebApp' + uses: azure/webapps-deploy@v2 + with: + app-name: ${{ env.AZURE_WEBAPP_NAME }} + publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} + package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }} ``` {% endraw %} ### Additional resources -The following additional resources may also be of use: -1. [Azure App Service starter workflow](https://github.com/actions/starter-workflows/blob/master/ci/azure.yml) for the full starter workflow -1. [`Azure/webapps-deploy`](https://github.com/Azure/webapps-deploy), the Azure action used -1. [App Service quickstart -- Node.js](https://docs.microsoft.com/en-us/azure/app-service/quickstart-nodejs) for a quickstart using the [VSCode Azure App Service extension](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azureappservice) +The following resources may also be useful: + +* For the original starter workflow, see [`azure.yml`](https://github.com/actions/starter-workflows/blob/master/ci/azure.yml) in the {% data variables.product.prodname_actions %} `starter-workflows` repository. +* The action used to deploy the web app is the official Azure [`Azure/webapps-deploy`](https://github.com/Azure/webapps-deploy) action. +* The "[Create a Node.js web app in Azure](https://docs.microsoft.com/en-us/azure/app-service/quickstart-nodejs)" quickstart in the Azure web app documentation demonstrates using VS Code with the [Azure App Service extension](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azureappservice). From 45f810f83e8609e083f2b3021341d1b08ad117e1 Mon Sep 17 00:00:00 2001 From: Lucas Costi Date: Thu, 17 Dec 2020 17:43:48 +1000 Subject: [PATCH 16/20] Replace pseudo environment variables with obvious replaceables in examples --- ...loying-to-amazon-elastic-container-service.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/content/actions/guides/deploying-to-amazon-elastic-container-service.md b/content/actions/guides/deploying-to-amazon-elastic-container-service.md index d6cc9c814daa..9835f448b4a7 100644 --- a/content/actions/guides/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/guides/deploying-to-amazon-elastic-container-service.md @@ -26,8 +26,8 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you {% raw %}```bash{:copy} aws ecr create-repository \ - --repository-name $ECR_REPOSITORY \ - --region $AWS_REGION + --repository-name MY_ECR_REPOSITORY \ + --region MY_AWS_REGION ```{% endraw %} Ensure that you use the same Amazon ECR repository name for the `ECR_REPOSITORY` variable in the workflow below. @@ -75,13 +75,13 @@ on: types: [ created ] env: - AWS_REGION: your-preferred-aws-region # set this to your preferred AWS region, e.g. us-west-1 - ECR_REPOSITORY: your-ecr-repository # set this to your Amazon ECR repository name - ECS_SERVICE: your-ecs-service # set this to your Amazon ECS service name - ECS_CLUSTER: your-ecs-cluster # set this to your Amazon ECS cluster name - ECS_TASK_DEFINITION: your-ecs-task-defintion # set this to the path to your Amazon ECS task definition + AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 + ECR_REPOSITORY: MY_ECR_REPOSITORY # set this to your Amazon ECR repository name + ECS_SERVICE: MY-ECS-SERVICE # set this to your Amazon ECS service name + ECS_CLUSTER: MY-ECS-CLUSTER # set this to your Amazon ECS cluster name + ECS_TASK_DEFINITION: MY-ECS-TASK-DEFINITION # set this to the path to your Amazon ECS task definition # file, e.g. .aws/task-definition.json - CONTAINER_NAME: your-container-name # set this to the name of the container in the + CONTAINER_NAME: MY-CONTAINER-NAME # set this to the name of the container in the # containerDefinitions section of your task definition defaults: From 1772d741f145cb5d7c1362ac9ca16226a1104aec Mon Sep 17 00:00:00 2001 From: Lucas Costi Date: Thu, 17 Dec 2020 17:53:52 +1000 Subject: [PATCH 17/20] Fix bad link URL --- .../guides/deploying-to-amazon-elastic-container-service.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/guides/deploying-to-amazon-elastic-container-service.md b/content/actions/guides/deploying-to-amazon-elastic-container-service.md index 9835f448b4a7..7af3367b8fa6 100644 --- a/content/actions/guides/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/guides/deploying-to-amazon-elastic-container-service.md @@ -54,7 +54,7 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you 4. Create {% data variables.product.prodname_actions %} secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to store the values for your Amazon IAM access key. - For more information on creating secrets for {% data variables.product.prodname_actions %}, see "[Encrypted secrets](t/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository)." + For more information on creating secrets for {% data variables.product.prodname_actions %}, see "[Encrypted secrets](/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository)." See the documentation for each action used below for the recommended IAM policies for the IAM user, and methods for handling the access key credentials. From f810e4f16cf9d5c07013a30e71ef36a48e411a42 Mon Sep 17 00:00:00 2001 From: "Leona B. Campbell" <3880403+runleonarun@users.noreply.github.com> Date: Thu, 17 Dec 2020 13:01:07 -0800 Subject: [PATCH 18/20] Update content/actions/guides/deploying-to-amazon-elastic-container-service.md Co-authored-by: Steve Winton --- .../guides/deploying-to-amazon-elastic-container-service.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/actions/guides/deploying-to-amazon-elastic-container-service.md b/content/actions/guides/deploying-to-amazon-elastic-container-service.md index 7af3367b8fa6..dde155426ceb 100644 --- a/content/actions/guides/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/guides/deploying-to-amazon-elastic-container-service.md @@ -30,9 +30,9 @@ Before creating your {% data variables.product.prodname_actions %} workflow, you --region MY_AWS_REGION ```{% endraw %} - Ensure that you use the same Amazon ECR repository name for the `ECR_REPOSITORY` variable in the workflow below. + Ensure that you use the same Amazon ECR repository name (represented here by `MY_ECR_REPOSITORY`) for the `ECR_REPOSITORY` variable in the workflow below. - Ensure that you use the same AWS region value for the `AWS_REGION` variable in the workflow below. + Ensure that you use the same AWS region value for the `AWS_REGION` (represented here by `MY_AWS_REGION`) variable in the workflow below. 2. Create an Amazon ECS task definition, cluster, and service. From b68c1eed87da17fad8a6ef284120f76337bd816d Mon Sep 17 00:00:00 2001 From: "Leona B. Campbell" <3880403+runleonarun@users.noreply.github.com> Date: Thu, 17 Dec 2020 13:06:33 -0800 Subject: [PATCH 19/20] Update content/actions/guides/deploying-to-amazon-elastic-container-service.md Co-authored-by: Steve Winton --- .../deploying-to-amazon-elastic-container-service.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/actions/guides/deploying-to-amazon-elastic-container-service.md b/content/actions/guides/deploying-to-amazon-elastic-container-service.md index dde155426ceb..64f0faf946a0 100644 --- a/content/actions/guides/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/guides/deploying-to-amazon-elastic-container-service.md @@ -77,11 +77,11 @@ on: env: AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 ECR_REPOSITORY: MY_ECR_REPOSITORY # set this to your Amazon ECR repository name - ECS_SERVICE: MY-ECS-SERVICE # set this to your Amazon ECS service name - ECS_CLUSTER: MY-ECS-CLUSTER # set this to your Amazon ECS cluster name - ECS_TASK_DEFINITION: MY-ECS-TASK-DEFINITION # set this to the path to your Amazon ECS task definition + ECS_SERVICE: MY_ECS_SERVICE # set this to your Amazon ECS service name + ECS_CLUSTER: MY_ECS_CLUSTER # set this to your Amazon ECS cluster name + ECS_TASK_DEFINITION: MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition # file, e.g. .aws/task-definition.json - CONTAINER_NAME: MY-CONTAINER-NAME # set this to the name of the container in the + CONTAINER_NAME: MY_CONTAINER_NAME # set this to the name of the container in the # containerDefinitions section of your task definition defaults: From 8162972df13fddbb83ec69428624f055ecaccfb6 Mon Sep 17 00:00:00 2001 From: "Leona B. Campbell" <3880403+runleonarun@users.noreply.github.com> Date: Thu, 17 Dec 2020 13:14:34 -0800 Subject: [PATCH 20/20] Update content/actions/guides/deploying-to-amazon-elastic-container-service.md --- .../guides/deploying-to-amazon-elastic-container-service.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/guides/deploying-to-amazon-elastic-container-service.md b/content/actions/guides/deploying-to-amazon-elastic-container-service.md index 64f0faf946a0..59b5b7bae253 100644 --- a/content/actions/guides/deploying-to-amazon-elastic-container-service.md +++ b/content/actions/guides/deploying-to-amazon-elastic-container-service.md @@ -64,7 +64,7 @@ Once you've completed the prerequisites, you can proceed with creating the workf The following example workflow demonstrates how to build a container image and push it to Amazon ECR. It then updates the task definition with the new image ID, and deploys the task definition to Amazon ECS. -Ensure that you provide your own values for all the variables in the `env:` key of the workflow. +Ensure that you provide your own values for all the variables in the `env` key of the workflow. {% raw %} ```yaml{:copy}