
feat(infrastructure): setup ci for lambda #12


Workflow file for this run

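# Lints, tests and builds the lambda, then plans and (after manual approval)
# applies its Terraform configuration through Terraform Cloud.
name: Deploy lambda

on:
  pull_request:
  push:
    branches:
      - dev
      - main
  workflow_dispatch:

# Least-privilege GITHUB_TOKEN. The job only reads the repository, labels and
# comments on pull requests, and opens an approval issue.
permissions:
  contents: read
  issues: write
  pull-requests: write

env:
  TERRAFORM_ROOT: terraform/lambda
  PNPM_VERSION: "8.13.1"
  TF_CLOUD_ORGANIZATION: "luke-h1"
  # TF_API_TOKEN is deliberately not set at workflow level. It is scoped to
  # the Terraform Cloud steps below, so dependency install scripts, tests and
  # unrelated third-party actions never see it in their environment.

jobs:
  deploy-staging:
    name: Deploy lambda to staging
    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      # Never cancel an in-flight run on main; a half-applied run is worse
      # than a queued one.
      cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
    steps:
      # NOTE(review): actions are referenced by mutable tags. Pin the
      # third-party ones (pnpm/action-setup, trstringer/manual-approval,
      # hashicorp/tfc-workflows-github) to a full commit SHA so a retagged
      # release cannot change what runs next to the Terraform Cloud token.

      # https://github.com/actions/virtual-environments/issues/1187
      - name: tune linux network
        run: sudo ethtool -K eth0 tx off rx off

      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          ref: ${{ github.head_ref }}
          # No later step pushes, so do not leave the token in .git/config
          # where install and build scripts could read it.
          persist-credentials: false

      # The original configured pnpm/action-setup twice with the same version;
      # one step is enough.
      - name: Setup pnpm
        uses: pnpm/action-setup@v2
        with:
          version: ${{ env.PNPM_VERSION }}
          run_install: false

      - name: Setup Node
        uses: actions/setup-node@v3
        with:
          node-version-file: .nvmrc
          cache: pnpm

      - name: Get pnpm store directory
        shell: bash
        run: |
          echo "STORE_PATH=$(pnpm store path --silent)" >> "$GITHUB_ENV"

      - name: Setup pnpm cache
        uses: actions/cache@v4
        with:
          path: ${{ env.STORE_PATH }}
          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
          restore-keys: |
            ${{ runner.os }}-pnpm-store-

      - name: Cache turbo build setup
        uses: actions/cache@v4
        with:
          path: .turbo
          key: ${{ runner.os }}-turbo-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-turbo-

      # From here on the job executes code from the checked-out ref (package
      # lifecycle scripts, tests, build). No secret is exposed to these steps.
      - name: Install dependencies
        run: pnpm i

      - uses: actions/labeler@v4
        with:
          sync-labels: true

      - name: Check commit message
        run: pnpm commitlint --from=HEAD^1

      - name: format:check
        run: pnpm format:check

      - name: lint
        run: pnpm lint

      - name: jest
        run: pnpm test

      - name: tsc
        run: pnpm tsc

      - name: build lambda
        working-directory: apps/lambda
        run: pnpm build

      # NOTE(review): if this step is re-enabled, prefer short-lived OIDC
      # credentials (role-to-assume) over static access keys.
      # - name: Configure AWS Credentials
      #   uses: aws-actions/configure-aws-credentials@v3
      #   with:
      #     aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
      #     aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
      #     aws-region: eu-west-2
      #     mask-aws-account-id: true

      - name: Terraform init
        id: init
        # Folded scalar: the lines below are joined into a single command.
        run: >-
          terraform init
          -backend-config="region=eu-west-2"
          -backend-config="bucket=nowplaying-staging-terraform-state"
          -backend-config="key=vpc/staging.tfstate"
          -input=false
        working-directory: ${{ env.TERRAFORM_ROOT }}

      - name: Terraform fmt -check
        id: fmt
        run: terraform fmt -check
        working-directory: ${{ env.TERRAFORM_ROOT }}

      - name: Terraform validate
        id: validate
        run: terraform validate
        working-directory: ${{ env.TERRAFORM_ROOT }}

      - name: Upload Configuration
        uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
        id: plan-upload
        env:
          TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
        with:
          workspace: nowplaying-staging
          directory: ${{ env.TERRAFORM_ROOT }}
          speculative: true

      - name: Create Plan Run
        uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
        id: plan-run
        env:
          TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
        with:
          workspace: nowplaying-staging
          configuration_version: ${{ steps.plan-upload.outputs.configuration_version_id }}
          plan_only: true

      # The PR comment below reads steps.plan-output.outputs.*, but the
      # original workflow had no step with that id, so the counts rendered
      # empty.
      - name: Get Plan Output
        uses: hashicorp/tfc-workflows-github/actions/plan-output@v1.0.0
        id: plan-output
        env:
          TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
        with:
          plan: ${{ fromJSON(steps.plan-run.outputs.payload).data.relationships.plan.data.id }}

      - name: Update PR
        uses: actions/github-script@v6
        id: plan-outcome
        # context.issue.number only exists for pull_request events; on push
        # and workflow_dispatch the API calls below would fail.
        if: github.event_name == 'pull_request'
        env:
          # Step outputs reach the script as environment variables and are
          # not expanded into the script source, so their content cannot
          # alter the JavaScript that runs with the workflow token.
          PLAN_ADD: ${{ steps.plan-output.outputs.add }}
          PLAN_CHANGE: ${{ steps.plan-output.outputs.change }}
          PLAN_DESTROY: ${{ steps.plan-output.outputs.destroy }}
          RUN_LINK: ${{ steps.plan-run.outputs.run_link }}
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            // 1. Retrieve existing bot comments for the PR
            const { data: comments } = await github.rest.issues.listComments({
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.issue.number,
            });
            const botComment = comments.find(comment => {
              return comment.user.type === 'Bot' && comment.body.includes('Terraform Cloud Plan Output')
            });

            // 2. Build the comment body from the plan summary
            const output = `#### Terraform Cloud Plan Output
            \`\`\`
            Plan: ${process.env.PLAN_ADD} to add, ${process.env.PLAN_CHANGE} to change, ${process.env.PLAN_DESTROY} to destroy.
            \`\`\`
            [Terraform Cloud Plan](${process.env.RUN_LINK})
            `;

            // 3. Delete previous comment so PR timeline makes sense
            if (botComment) {
              await github.rest.issues.deleteComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                comment_id: botComment.id,
              });
            }

            // 4. Post the fresh comment; awaited so an API error fails the step
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: output
            });

      # The original tested steps.plan, an id no step defines. A failing
      # plan-run step already stops the job, so this guard only takes effect
      # if plan-run is given continue-on-error and the condition gains a
      # status function such as always().
      - name: Terraform Plan Status
        if: steps.plan-run.outcome == 'failure'
        run: exit 1

      # NOTE(review): the approval and apply steps below run for every
      # trigger, including pull_request, so an approved run applies the
      # configuration from an unmerged branch. Consider restricting them to
      # push events on dev/main.
      - uses: trstringer/manual-approval@v1
        with:
          secret: ${{ github.TOKEN }}
          approvers: luke-h1

      - name: Upload Configuration
        uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
        id: apply-upload
        env:
          TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
        with:
          workspace: nowplaying-staging
          directory: ${{ env.TERRAFORM_ROOT }}

      - name: Create Apply Run
        uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
        id: apply-run
        env:
          TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
        with:
          workspace: nowplaying-staging
          configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}

      - name: Apply
        uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.0.0
        # Only confirm when Terraform Cloud reports the run as confirmable.
        if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
        id: apply
        env:
          TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
        with:
          run: ${{ steps.apply-run.outputs.run_id }}
          comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"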