-
Notifications
You must be signed in to change notification settings - Fork 1
109 lines (92 loc) · 3.48 KB
/
deploy.yaml
File metadata and controls
109 lines (92 loc) · 3.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
name: Deploy Text-to-Code AWS demo
run-name: Deploy Text-to-Code AWS demo by @${{ github.actor }}
on:
workflow_dispatch:
inputs:
apply:
description: "Apply changes (if false, only runs plan)"
type: boolean
default: false
destroy:
description: "Destroy all resources (WARNING: irreversible)"
type: boolean
default: false
push:
branches:
- main
concurrency:
group: deploy-text-to-code-aws-demo
cancel-in-progress: false
permissions:
id-token: write
contents: read
jobs:
deploy_text_to_code:
name: Terraform
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Setup Terraform
uses: hashicorp/setup-terraform@v4
with:
terraform_version: 1.14.7
terraform_wrapper: false
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v6
with:
role-to-assume: ${{ secrets.TERRAFORM_ROLE_ARN }}
role-session-name: githubDeploymentWorkflow
aws-region: ${{ vars.AWS_REGION }}
- name: Terraform Init
working-directory: terraform
run: terraform init
- name: Terraform Format Check
working-directory: terraform
run: terraform fmt -check -recursive
- name: Terraform Validate
working-directory: terraform
run: terraform validate
- name: Create ECR repositories
if: ${{ inputs.apply && !inputs.destroy }}
working-directory: terraform
run: terraform apply -auto-approve -target=aws_ecr_repository.index_lambda -target=aws_ecr_repository.ttc_lambda
- name: Login to Amazon ECR
if: ${{ inputs.apply && !inputs.destroy }}
id: ecr-login
uses: aws-actions/amazon-ecr-login@v2
- name: Get ECR repository URLs
if: ${{ inputs.apply && !inputs.destroy }}
id: ecr-url
working-directory: terraform
run: |
INDEX_ECR_URL=$(terraform output -raw index_ecr_repository_url)
echo "index_ecr_url=$INDEX_ECR_URL" >> "$GITHUB_OUTPUT"
ECR_URL=$(terraform output -raw ecr_repository_url)
echo "ecr_url=$ECR_URL" >> "$GITHUB_OUTPUT"
- name: Build and push Index Docker image
if: ${{ inputs.apply && !inputs.destroy }}
run: |
INDEX_ECR_URL="${{ steps.ecr-url.outputs.index_ecr_url }}"
docker build -f Dockerfile.index -t "$INDEX_ECR_URL:${{ github.sha }}" -t "$INDEX_ECR_URL:latest" .
docker push "$INDEX_ECR_URL:${{ github.sha }}"
docker push "$INDEX_ECR_URL:latest"
- name: Build and push TTC Docker image
if: ${{ inputs.apply && !inputs.destroy }}
run: |
ECR_URL="${{ steps.ecr-url.outputs.ecr_url }}"
docker build -f Dockerfile.ttc -t "$ECR_URL:${{ github.sha }}" -t "$ECR_URL:latest" .
docker push "$ECR_URL:${{ github.sha }}"
docker push "$ECR_URL:latest"
- name: Terraform Plan
if: ${{ !inputs.apply && !inputs.destroy }}
working-directory: terraform
run: terraform plan
- name: Terraform Apply
if: ${{ inputs.apply && !inputs.destroy }}
working-directory: terraform
run: terraform apply -auto-approve -var="index_lambda_image_tag=${{ github.sha }}" -var="ttc_lambda_image_tag=${{ github.sha }}"
- name: Terraform Destroy
if: ${{ inputs.destroy }}
working-directory: terraform
run: terraform destroy -auto-approve