Merge pull request #8376 from govuk-one-login/revert-8369-ATO-2438-qu… #213
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "SP - Build and deploy API Account Data" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - "ci/cloudformation/auth/**" | |
| - "ci/cloudformation/account-management/**" | |
| - "ci/cloudformation/stubs/**" | |
| - "ci/cloudformation/utils/**" | |
| - "template.yaml" | |
| - "docs/**" | |
| - "**/README.md" | |
| - "integration-tests/**" | |
| - "delivery-receipts-integration-tests/**" | |
| - "local-running/**" | |
| - "notifications/**" | |
| - "quality-gate.manifest.json" | |
| - "frontend-api/**" | |
| - "account-management-api/**" | |
| - "account-management-integration-tests/**" | |
| - "test-services-api/**" | |
| - "utils/**" | |
| - "ipv-api/**" | |
| - "oidc-api/**" | |
| - "ticf-cri-stub/**" | |
| - "interventions-api-stub/**" | |
| env: | |
| AWS_REGION: eu-west-2 | |
| JAVA_VERSION: 17 | |
| JAVA_DISTRIBUTION: corretto | |
| RAIN_VERSION: v1.23.0 | |
| RAIN_ARCH: linux-amd64 | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Set up SAM cli | |
| uses: aws-actions/setup-sam@d78e1a4a9656d3b223e59b80676a797f20093133 # v2 | |
| with: | |
| use-installer: true | |
| version: 1.159.1 | |
| - name: Set up AWS creds | |
| uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 | |
| with: | |
| role-to-assume: ${{ secrets.GH_ACTIONS_AD_ROLE_ARN }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 #v5.2.0 | |
| with: | |
| java-version: ${{ env.JAVA_VERSION }} | |
| distribution: ${{ env.JAVA_DISTRIBUTION }} | |
| cache: gradle | |
| - name: Set up Gradle | |
| uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v4 | |
| with: | |
| gradle-version: wrapper | |
| cache-read-only: false | |
| - name: Gradle build | |
| run: | | |
| ./gradlew --no-daemon --parallel :account-data-api:buildZip | |
| - name: Install Rain | |
| env: | |
| VERSION: ${{ env.RAIN_VERSION }} | |
| ARCH: ${{ env.RAIN_ARCH }} | |
| run: | | |
| wget -q "https://github.com/aws-cloudformation/rain/releases/download/${VERSION}/rain-${VERSION}_${ARCH}.zip" | |
| unzip "rain-${VERSION}_${ARCH}.zip" | |
| chmod +x "rain-${VERSION}_${ARCH}/rain" | |
| mv "rain-${VERSION}_${ARCH}/rain" /usr/local/bin/rain | |
| - name: Generate ad template | |
| run: "./scripts/merge-templates.sh" | |
| env: | |
| TEMPLATE_SOURCE_DIR: ci/cloudformation/account-data | |
| TEMPLATE_FILE: ad-template.yaml | |
| - name: SAM build | |
| run: | | |
| sam validate --lint -t ad-template.yaml | |
| sam build --parallel -t ad-template.yaml | |
| - name: Extract PR number and commit message | |
| id: version_info | |
| run: | | |
| HEAD_MESSAGE=$(git log -1 --format=%s) | |
| SHORT_SHA=$(git rev-parse --short HEAD) | |
| if [[ "$HEAD_MESSAGE" =~ \(#([0-9]+)\) ]]; then | |
| VERSION="#${BASH_REMATCH[1]} - ${HEAD_MESSAGE}" | |
| else | |
| VERSION="${SHORT_SHA}${HEAD_MESSAGE:+: $HEAD_MESSAGE}" | |
| fi | |
| echo "version=${VERSION}" >> "$GITHUB_OUTPUT" | |
| - name: Deploy SAM app | |
| uses: govuk-one-login/devplatform-upload-action@b7bc01ed6e0b61d54f42e7f3d12dd3fdbb0f172a # v3.13.0 | |
| with: | |
| artifact-bucket-name: ${{ secrets.ARTIFACT_SOURCE_AD_BUCKET_NAME }} | |
| signing-profile-name: ${{ secrets.SIGNING_PROFILE_NAME }} | |
| working-directory: .aws-sam/build | |
| version: ${{ steps.version_info.outputs.version }} |