update production deploy and add rollback

charmingduchess · charmingduchess · commit c62838f439cb · 2025-06-02T13:22:04.000-04:00
diff --git a/.github/workflows/rollback-prod.yml b/.github/workflows/rollback-prod.yml
@@ -0,0 +1,45 @@
+name: Rollback production
+
+on:
+  workflow_dispatch:
+
+jobs:
+  # Rollback job in case of failure (Revert production to the previous task definition)
+  rollback:
+    permissions:
+        id-token: write
+        contents: read
+    name: Rollback to Previous Version
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: ".nvmrc"
+          cache: npm
+
+      - name: Configure AWS credentials from production account
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: arn:aws:iam::946183545209:role/GithubActionsDeployerRole
+          aws-region: us-east-1
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Pull and tag previous image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY: discovery-api
+        run: |
+          docker pull $ECR_REGISTRY/$ECR_REPOSITORY:production-previous
+          docker tag $ECR_REGISTRY/$ECR_REPOSITORY:production-previous $ECR_REGISTRY/$ECR_REPOSITORY:production-latest
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:production-latest
+
+      - name: Force ECS Update
+        run: |
+          aws ecs update-service --cluster discovery-api-production --service discovery-api-production --force-new-deployment
diff --git a/.github/workflows/test-and-deploy.yml b/.github/workflows/test-and-deploy.yml
@@ -115,6 +115,13 @@ jobs:
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
 
+      - name: Back up previous image for rollback
+        env:
+          ECR_REPOSITORY: discovery-api
+        run: |
+          MANIFEST=$(aws ecr batch-get-image --repository-name $ECR_REPOSITORY --image-ids imageTag="production-latest" --output json | jq --raw-output --join-output '.images[0].imageManifest')
+          aws ecr put-image --repository-name $ECR_REPOSITORY --image-tag "production-previous" --image-manifest "$MANIFEST"
+
       - name: Build, tag, and push image to Amazon ECR
         env:
           ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
