Warning

This action has been archived. It's generally just better to run cdk directly, e.g. by doing yarn global add aws-cdk then run: cdk deploy ... etc.

The problems with this action are:

• It downloads a massive Docker image at the start of each run (the original project—which has also been archived—would build the image on each run which was even slower)
• It freezes the version of all the dependencies like the rust compiler, cargo-lambda etc. such that they can only be updated by updating the Docker image (or setting up some automation to generate a bunch of different images with different versions etc.)
• If any of your CDK constructs use Docker to build you end up running Docker inside Docker which causes problems like requiring you to use BundlingFileAccess.VOLUME_COPY in your bundling options for things like S3 Assets.

AWS CDK GitHub Actions

AWS CDK GitHub Actions allow you to run cdk deploy and cdk diff and ... on your pull requests to help you review.

This is a fork of youyo/aws-cdk-github-actions that:

• Builds using an environment that more closely resembles Amazon Linux 2023 so it is possible to build binary components using the same libc and deploy them.
• Installs esbuild for faster building.
• Drops support for building Python requirements.
• Adds cargo lambda with ARM target so you can build ARM-based Rust lambdas. The rust version is currently fixed as part of the Docker image to improve build time.
• Uses a pre-built Docker image so that GitHub Actions don't need to re-build it every time.

Supported languages

• TypeScript
• JavaScript

Example usage

on: [push]

jobs:
  aws_cdk:
    runs-on: ubuntu-latest
    steps:
      - name: cdk diff
        uses: birchill/aws-cdk-github-actions@v6.0.1
        with:
          cdk_subcommand: 'diff'
          actions_comment: true
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'ap-northeast-1'

      - name: cdk deploy
        uses: birchill/aws-cdk-github-actions@v6.0.1
        with:
          cdk_subcommand: 'deploy'
          cdk_stack: 'stack1'
          cdk_args: '--require-approval never'
          actions_comment: false
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'ap-northeast-1'

      - name: cdk synth
        uses: birchill/aws-cdk-github-actions@v6.0.1
        with:
          cdk_subcommand: 'synth'
          cdk_version: '1.16.2'
          working_dir: 'src'
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'ap-northeast-1'

With OIDC

on: [push]

jobs:
  aws_cdk:
    runs-on: ubuntu-latest
    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v3
        with:
          role-to-assume: ${{ secrets.ROLE_ARN }}
          role-session-name: github-actions
          aws-region: ap-northeast-1

      - name: cdk diff
        uses: birchill/aws-cdk-github-actions@v6.0.1
        with:
          cdk_subcommand: 'diff'

Inputs

• cdk_subcommand Required AWS CDK subcommand to execute.
• cdk_version AWS CDK version to install. (default: 'latest')
• cdk_stack AWS CDK stack name to execute. (default: '*')
• working_dir AWS CDK working directory. (default: '.')
• actions_comment Whether or not to comment on pull requests. (default: true)
• debug_log Enable debug-log. (default: false)

Outputs

• status_code Returned status code.

Environment

• AWS_ACCESS_KEY_ID Required unless using configure-aws-credentials
• AWS_SECRET_ACCESS_KEY Required unless using configure-aws-credentials
• GITHUB_TOKEN Required for actions_comment=true

A GitHub token is automatically made available as a secret as GITHUB_TOKEN.

License

MIT

Original author

youyo