@rileyfiretail: dev: push #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| env: | |
| SANDBOX_AWS_ACCT_ID: 453671210445 | |
| SANDBOX_AWS_ACCT_NAME: firetail-sandbox | |
| AWS_REGION: eu-west-1 | |
| ROLE_TO_ASSUME: arn:aws:iam::453671210445:role/firetail-sandbox-github-serverless-lambda-deployment | |
| LAMBDA_SERVERLESS_REPO: firetail-sandbox-eu-west-1-serverless-applications | |
| CFN_TEMPLATES_BUCKET: firetail-sandbox-us-east-1-cf-templates | |
| CFN_TEMPLATES_BUCKET_REGION: us-east-1 | |
| APP_NAME: aws-appsync-logging-lambda | |
| SEMANTIC_VERSION: 1.1.39 | |
| name: Deploy to Sandbox | |
| run-name: "@${{ github.triggering_actor }}: ${{ github.ref_name }}: ${{ github.event_name }}" | |
| on: | |
| push: | |
| branches: | |
| - dev | |
| - dev-preview | |
| defaults: | |
| run: | |
| shell: bash | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| pull-requests: read | |
| jobs: | |
| deploy-sandbox: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
| with: | |
| fetch-depth: 2 | |
| - name: Set Environment | |
| run: | | |
| git_hash="$(git rev-parse --short "${{ github.sha }}")" | |
| RELEASE_VERSION="sandbox-${git_hash}-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}" | |
| IMAGE_TAG="${{ env.SANDBOX_ECR_HOSTNAME }}/${{ env.ECR_REPO }}:${RELEASE_VERSION}" | |
| cat <<EOF >>"${GITHUB_ENV}" | |
| RELEASE_VERSION=${RELEASE_VERSION} | |
| IMAGE_TAG=${IMAGE_TAG} | |
| EOF | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v4.0.0 | |
| with: | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: ${{env.ROLE_TO_ASSUME }} | |
| role-session-name: github | |
| - name: Run build docker image | |
| run: docker build -t lambda-image:latest --target runtime-image -f build_setup/Dockerfile . | |
| - name: create build dir | |
| run: mkdir build -p | |
| - name: extract docker build zip | |
| run: docker run --rm --entrypoint cat lambda-image:latest /src/lambda.zip > build/lambda.zip | |
| - name: sam | |
| run: | | |
| sam package --template-file template.yaml --output-template-file packaged.yaml --s3-bucket ${{ env.LAMBDA_SERVERLESS_REPO }} | |
| sam publish --template packaged.yaml --region ${{env.AWS_REGION}} --semantic-version ${{env.SEMANTIC_VERSION}} | |
| - name: copy new cfn to s3 | |
| run: | | |
| sed -i -e "s/0.0.1/${{env.SEMANTIC_VERSION}}/g" cfn_templates/appsync_logging_template.yaml | |
| aws s3 cp ./cfn_templates/ s3://${{env.CFN_TEMPLATES_BUCKET}}/applications/cfn/ --acl public-read --region ${{env.CFN_TEMPLATES_BUCKET_REGION}} --recursive |