Bump aws-actions/configure-aws-credentials from 5 to 6 (#502) #433
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Main to Dev Env | |
| on: | |
| # Triggers the workflow on push or pull request events but only for the "main" branch | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - 'infra-l2-dynamo/**' | |
| - 'infra-l2-kms/**' | |
| - 'test-harness/**' | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: # Only adding the variables in that are required for | |
| AWS_REGION: eu-west-2 | |
| jobs: | |
| deploy-to-dev: | |
| name: Validate & Deploy SAM template to Dev Environment | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./deploy/ | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v6 | |
| - name: Setup SAM CLI | |
| uses: aws-actions/setup-sam@v3 | |
| with: | |
| use-installer: true | |
| - name: Assume temporary AWS role | |
| uses: aws-actions/configure-aws-credentials@v6 | |
| with: | |
| role-to-assume: ${{ secrets.DEV_RETURN_GH_ACTIONS_ROLE_ARN }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: SAM Validate | |
| run: sam validate --region ${{ env.AWS_REGION }} -t template.yaml | |
| - name: SAM Build | |
| run: sam build -t template.yaml | |
| - name: Deploy SAM app | |
| uses: govuk-one-login/devplatform-upload-action@v3.14.0 | |
| with: | |
| artifact-bucket-name: ${{ secrets.DEV_RETURN_ARTIFACT_SOURCE_BUCKET_NAME }} | |
| signing-profile-name: ${{ secrets.DEV_RETURN_SIGNING_PROFILE_NAME }} | |
| working-directory: deploy | |
| template-file: .aws-sam/build/template.yaml |