Docker build, tag, deploy

Build Environment
, ,
1

Hey,

I’m trying to build and tag a container using aws ecr and then deploying it but I’m having difficulties getting the sha of the tagged container.

This is my yaml.

version: 2.1

orbs:
  aws-ecr: circleci/aws-ecr@8.2.1
  circleci-argo: joaogl/circleci-argo@0.1.13

commands:
  build:
    parameters:
      tag:
        type: string
    steps:
      - aws-ecr/build-and-push-image:
          dockerfile: Dockerfile
          repo: api
          tag: << parameters.tag >>

jobs:
  build-dev:
    docker:
      - image: cimg/base:stable
    resource_class: small

    steps:
      - setup_remote_docker:
          version: 20.10.11

      - build:
          tag: $CIRCLE_SHA1

  deploy-dev-env:
    docker:
      - image: cimg/base:stable
    resource_class: small
    parameters:
      env:
        type: string
      branch:
        type: string
    steps:
      - circleci-argo/update-tag-yaml:
          file-path: api/templates/<<parameters.env>>/api.yaml
          app-name: api
          app-tag: $CIRCLE_SHA1
          gitops-repo: git@github.com:myrepo/repo.git
          gitops-username: CircleCI deployer
          gitops-email: deployer@me.io
          gitops-deploy-branch: <<parameters.branch>>
          gitops-repo-ssh-key-fingerprint: $SSH_KEY_FINGERPRINT
          gitops-repo-ssh-key-host: github.com
          gitops-repo-ssh-key-hostname: github.com

workflows:
  build-pre-staging:
    jobs:
      - build-dev:
          context:
            - aws_ecr
          filters:
            tags:
              ignore:
                - /.*/

      - hold-deploy-dev-env:
          type: approval
          requires:
            - build-dev

      - deploy-dev-env:
          env: dev
          branch: staging
          context:
            - gitops-repo
          requires:
            - hold-deploy-dev-env

Basically everything seems to be working the only thing I’m not sure of is, how do I get the sha of the container pushed and how do I use it in the app-tag param.
For some reason right now it’s not even passing the actual commit sha, it’s somehow passing just ‘$CIRCLE_SHA1’

Any help would be greatly appreciated.
Thanks!

2

First a question rather than an answer.

Was there an example somewhere that you based your code on?

The reason for asking is that joaogl/circleci-argo@0.1.23/update-tag-yaml does not accept a parameter called app-tag, so that section of code has an issue.

Now for your main question regarding trying to pass $CIRCLE_SHA1 as a parameter

The circleci script environment is not a Linux shell, with the result that it does not currently do environment variable expansion as you would hope/expect. So passing $MY_VAR will pass “$MY_VAR” rather than the value of MY_VAR. Circleci states

" In general, CircleCI does not support interpolating environment variables into build config. Values used are treated as literals. This can cause issues when defining working_directory, modifying PATH, and sharing variables across multiple run steps."

This limits what you can pass into ORBs as you can not just change the ORB source code.

The only workaround for this is the continuation orb, where you create a parameter list in the main config.yml and pass execution on to another config.yml file as this allows you to collect dynamic values such as environment variables and turn them into parameters.