feat: Draft new composite actions and reusable workflows

Signed-off-by: Dimitris Kargatzis <dkargatzis@gmail.com>

ci-cd-and-automation/github/composite-actions/aws-configure/action.yaml

@@ -0,0 +1,61 @@
+name: 'Configure AWS'
+description: 'Configures AWS credentials, authenticates to ECR and creates AWS profile'
+
+inputs:
+  aws-access-key-id:
+    description: 'AWS Access Key ID'
+    required: true
+  aws-secret-access-key:
+    description: 'AWS Secret Access Key'
+    required: true
+  aws-region:
+    description: 'The region on AWS to host the workspace resources in'
+    required: true
+  eks-cluster:
+    description: 'The name of the EKS cluster on AWS'
+    required: true
+outputs:
+  registry-url:
+    description: 'The URL of the Container Registry in AWS'
+    value: ${{ steps.construct-registry-url.outputs.registry-url }}
+
+runs:
+  using: "composite"
+  steps:
+    # Configure AWS credentials
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        aws-access-key-id: ${{ inputs.aws-access-key-id }}
+        aws-secret-access-key: ${{ inputs.aws-secret-access-key }}
+        aws-region: ${{ inputs.aws-region }}
+
+    # Configure authentication to ECR
+    - name: Authenticate to ECR
+      id: ecr
+      uses: jwalton/gh-ecr-login@v1
+      with:
+        access-key-id: ${{ inputs.aws-access-key-id }}
+        secret-access-key: ${{ inputs.aws-secret-access-key }}
+        region: ${{ inputs.aws-region }}
+
+    # Create profile for AWS interface
+    - name: Create the default profile for EKS/ECR interface
+      run: |-
+        aws configure set aws_access_key_id ${{ inputs.aws-access-key-id }}
+        aws configure set aws_secret_access_key ${{ inputs.aws-secret-access-key }}
+
+    # Construct the ECR registry URL
+    - name: Construct ECR Registry URL
+      id: construct-registry-url
+      run: |-
+        registry_url="${{ inputs.aws-account-id }}.dkr.ecr.${{ inputs.aws-region }}.amazonaws.com"
+        echo "registry_url=$registry_url" >> $GITHUB_ENV
+        echo "::set-output name=registry-url::$registry_url"
+
+    # Update kube-config for EKS cluster
+    - name: Config kubectl
+      id: kube-config
+      run: |
+        # Update kube-config for EKS cluster
+        aws eks --region ${{ inputs.aws-region }} update-kubeconfig --name ${{ inputs.eks-cluster }}

ci-cd-and-automation/github/composite-actions/docker-build-and-push/examples/example_workflow.yaml

@@ -65,7 +65,7 @@ jobs:
 
       # Build and push image
       - name: Build and push image
-        uses: warestack/blueprints/ci-cd-and-automation/github/composite-actions/action.yaml@main
+        uses: warestack/platform/ci-cd-and-automation/github/composite-actions/docker-build-and-push/action.yaml@main
         with:
           registry_url: ${{ steps.construct_registry_url.outputs.registry_url }}
           image_name: ${{ env.IMAGE_NAME }}

ci-cd-and-automation/github/composite-actions/helm-install-local-chart/action.yaml

@@ -0,0 +1,59 @@
+name: 'Install Helm releases'
+description: 'Deploy a service using Warestack and Helm package manager'
+inputs:
+  environment:
+    description: "The value can be development, staging, production, etc."
+    required: true
+  release_name:
+    description: 'Release name to be used for the helm releases and Container Repository'
+    required: true
+  namespace:
+    description: 'The organization to be used for the namespace in helm install'
+    required: true
+  registry_url:
+    description: 'URL of the container registry'
+    required: true
+  image_name:
+    description: 'Name of the image to build and push'
+    required: true
+  image_tag:
+    description: 'The tag of the image pushed to the container registry'
+    required: true
+  public_url:
+    description: 'Public URL to used for exposing the service'
+    required: true
+  port:
+    description: 'Port to used for exposing the pod in Kube'
+    required: true
+  helm_path:
+    description: 'Path to the Helm chart'
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    # Install or Upgrade the Helm release
+    - name: Install or upgrade helm release
+      env:
+        ENVIRONMENT: ${{ github.event.inputs.environment }}
+        RELEASE_NAME: ${{ inputs.release_name }}
+        NAMESPACE: ${{ inputs.namespace }}
+        IMAGE_REPO: ${{ inputs.registry_url }}/${{ inputs.image_name }}
+        IMAGE_TAG: ${{ inputs.image_tag }}
+        PUBLIC_URL: ${{ inputs.public_url }}
+        PORT: ${{ inputs.port }}
+        HELM_PATH: ${{ inputs.helm_path }}
+      run: |-
+        helm upgrade ${{ env.RELEASE_NAME }} ${{ env.HELM_PATH }} --namespace ${{ env.NAMESPACE }} --create-namespace --wait \
+          --values ${{ env.HELM_PATH }}/values-${{ env.ENVIRONMENT }}.yaml \
+          --set image.repository=$IMAGE_REPO \
+          --set image.tag=$IMAGE_TAG \
+          --set cert.tls.secretName=$RELEASE_NAME \
+          --set cert.commonName=$PUBLIC_URL \
+          --set cert.dnsNames.hosts={$PUBLIC_URL} \
+          --set service.port=$PORT \
+          --set ingress.hosts[0].host=$PUBLIC_URL \
+          --set ingress.tls[0].secretName=$RELEASE_NAME \
+          --set ingress.tls[0].hosts={$PUBLIC_URL} \
+          --install
+      shell: bash

ci-cd-and-automation/github/reusable-workflows/aws-build-push-and-deploy-to-eks-with-helm/main.yaml

@@ -0,0 +1,96 @@
+on:
+  workflow_call:
+    inputs:
+      environment:
+        description: "Specifies the deployment environment (e.g., 'development', 'staging', 'production', 'QA', 'testing')."
+        required: true
+      region:
+        description: 'The AWS region where the service resources will be hosted. This should match your organization operational region.'
+        required: true
+      image_name:
+        description: 'The name of the Docker image to be built and pushed to the container registry. This name should be unique within your registry.'
+        required: true
+      release_name:
+        description: 'A unique name for this release, used to identify helm releases.'
+        required: true
+      eks_cluster:
+        description: 'The name of the EKS cluster where the application will be deployed. This name should correspond to an existing EKS cluster configured within your AWS account.'
+        required: true
+      namespace:
+        description: 'The Kubernetes namespace within the EKS cluster to isolate resources. Namespaces are used to isolate applications within a single cluster.'
+        required: true
+      public_url:
+        description: "The domain name for accessing the service publicly. This URL should include both the subdomain and base domain name."
+        required: true
+      port:
+        description: 'The port should match the one specified in the service Dockerfile and is used for routing external traffic to the application.'
+        required: true
+      helm_path:
+        description: 'The path of the chart which defines the Kubernetes resources and configurations used for deploying the application to EKS.'
+        required: true
+
+concurrency:
+  group: ${{ inputs.release_name }}
+  cancel-in-progress: true
+
+jobs:
+  deploy:
+    name: Setup, Build and Publish Dokcer image to ECR, and Deploy to EKS using Helm
+    runs-on: ubuntu-latest
+    env:
+      BRANCH: ${{ github.head_ref || github.ref_name }}
+      ENVIRONMENT: ${{ github.event.inputs.environment }}
+      REGION: ${{ github.event.inputs.region }}
+      IMAGE_NAME: ${{ github.event.inputs.image_name }}
+      EKS_CLUSTER: ${{ github.event.inputs.eks_cluster }}
+      NAMESPACE: ${{ github.event.inputs.namespace }}
+      RELEASE_NAME: ${{ github.event.inputs.release_name }}
+      PUBLIC_URL: ${{ github.event.inputs.public_url }}
+      PORT: ${{ github.event.inputs.port }}
+      HELM_PATH: ${{ github.event.inputs.helm_path }}
+      JOB_STATUS: succeeded
+
+    # Add "id-token" with the intended permissions.
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+
+    steps:
+      # Checkout GitHub branch's config
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ env.BRANCH }}
+          fetch-depth: 0
+
+      # Configure AWS
+      - name: Configure AWS
+        id: configure_aws
+        uses: warestack/platform/ci-cd-and-automation/github/composite-actions/configure_aws/action.yaml@main
+        with:
+          aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws_region: ${{ env.REGION }}
+          eks_cluster: ${{ env.EKS_CLUSTER }}
+
+      # Build and push image
+      - name: Build and push image
+        id: build_and_deploy
+        uses: warestack/platform/ci-cd-and-automation/github/composite-actions/docker-build-and-push/action.yaml@main
+        with:
+          registry_url: ${{ steps.configure_aws.outputs.registry_url }}
+          image_name: ${{ env.IMAGE_NAME }}
+
+      # Install or upgrade Helm chart
+      - name: Install or upgrade Helm chart
+        uses: warestack/platform/ci-cd-and-automation/github/composite-actions/helm-install-local-chart/action.yaml@main
+        with:
+          release_name: ${{ env.RELEASE_NAME }}
+          namespace: ${{ env.NAMESPACE }}
+          helm_path: ${{ env.HELM_PATH }}
+          environment: ${{ env.ENVIRONMENT }}
+          registry_url: ${{ steps.configure_aws.outputs.registry_url }}
+          image_name: ${{ env.IMAGE_NAME }}
+          image_tag: ${{ steps.build_and_deploy.outputs.image_tag }}
+          public_url: ${{ env.PUBLIC_URL }}
+          port: ${{ env.PORT }}