set up changed #57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Node.js → Lambda Docker + Terraform | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| jobs: | |
| build-deploy-test: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} | |
| DB_NAME: ${{ secrets.DB_NAME }} | |
| DB_USER: ${{ secrets.DB_USER }} | |
| DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| TF_VAR_vpc_cidr: "10.0.0.0/16" | |
| TF_VAR_public_subnet_cidr_a: "10.0.1.0/24" | |
| TF_VAR_public_subnet_cidr_b: "10.0.2.0/24" | |
| TF_VAR_private_subnet_cidr_a: "10.0.10.0/24" | |
| TF_VAR_private_subnet_cidr_b: "10.0.11.0/24" | |
| TF_VAR_instance_type: "t3.micro" | |
| TF_VAR_public_key: ${{ secrets.EC2_PUBLIC_KEY }} | |
| TF_VAR_db_username: ${{ secrets.DB_USER }} | |
| TF_VAR_db_password: ${{ secrets.DB_PASSWORD }} | |
| TF_VAR_db_name: ${{ secrets.DB_NAME }} | |
| ECR_REPO_URI: ${{ secrets.ECR_REPO_URI }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Setup AWS credentials via OIDC | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to ECR | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| - name: Build Docker image | |
| run: | | |
| docker build -t crud-lambda . | |
| docker tag crud-lambda:latest ${{ secrets.ECR_REPO_URI }}:latest | |
| - name: Push Docker image to ECR | |
| run: docker push ${{ secrets.ECR_REPO_URI }}:latest | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.15.0-alpha20251203 | |
| - name: Terraform Init | |
| run: terraform -chdir=./terraform init | |
| - name: Terraform Plan | |
| run: terraform -chdir=./terraform plan -out=tfplan -input=false | |
| - name: Terraform Apply | |
| run: terraform -chdir=./terraform apply -input=false tfplan | |
| - name: Set API_URL from Terraform output | |
| run: echo "API_URL=$(terraform -chdir=./terraform output -raw api_url)" >> $GITHUB_ENV | |
| - name: Install dependencies | |
| run: npm install | |
| - name: Run integration tests | |
| env: | |
| API_URL: ${{ env.API_URL }} | |
| run: npm test |