Skip to content
Deploy lambda

feat(infrastructure): setup ci for lambda #23

Sign in to view logs

feat(infrastructure): setup ci for lambda

feat(infrastructure): setup ci for lambda #23

Workflow file for this run

.github/workflows/deploy-lambda.yml at 7a2a0c1
name: Deploy lambda
on:
pull_request:
push:
branches:
- dev
- main
workflow_dispatch:
env:
TERRAFORM_ROOT: terraform/lambda
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
PNPM_VERSION: 8.13.1
jobs:
deploy-staging:
runs-on: ubuntu-latest
name: Deploy lambda to staging
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
steps:
# https://github.com/actions/virtual-environments/issues/1187
- name: tune linux network
run: sudo ethtool -K eth0 tx off rx off
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ github.head_ref }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-west-2
mask-aws-account-id: true
- name: Setup pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ env.PNPM_VERSION }}
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version-file: .nvmrc
cache: pnpm
- name: Get pnpm store directory
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
- uses: actions/cache@v3
name: Setup pnpm cache
with:
path: ${{ env.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Cache turbo build setup
uses: actions/cache@v4
with:
path: .turbo
key: ${{ runner.os }}-turbo-${{ github.sha }}
restore-keys: |
${{ runner.os }}-turbo-
- uses: pnpm/action-setup@v2
name: Install pnpm
with:
version: ${{ env.PNPM_VERSION }}
run_install: false
- name: Install dependencies
run: pnpm i
- uses: actions/labeler@v4
with:
sync-labels: true
- name: Check commit message
run: pnpm commitlint --from=HEAD^1
- name: format:check
run: pnpm format:check
- name: lint
run: pnpm lint
- name: jest
run: pnpm test
- name: tsc
run: pnpm tsc
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-west-2
mask-aws-account-id: true
- name: Step name
uses: aws-actions/aws-secretsmanager-get-secrets@v1
with:
secret-ids: |
TF_VAR_env, env
TF_VAR_env_vars, env_vars
TF_VAR_zone_id, zone_id
TF_VAR_root_domain, root_domain
TF_VAR_sub_domain, sub_dommain
parse-json-secrets: true
- name: Terraform init
id: init
# run: terraform init
run: terraform init -backend-config="region=eu-west-2" -backend-config="bucket=nowplaying-staging-terraform-state" -backend-config="key=vpc/staging.tfstate" -input=false
working-directory: ${{ env.TERRAFORM_ROOT }}
- name: terraform workspace select
run: terraform workspace select -or-create staging
working-directory: ${{ env.TERRAFORM_ROOT }}
- name: Terraform fmt -check
id: fmt
run: terraform fmt -check
working-directory: ${{ env.TERRAFORM_ROOT }}
- name: Terraform validate
id: validate
run: terraform validate
working-directory: ${{ env.TERRAFORM_ROOT }}
- name: Upload Configuration
uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
id: plan-upload
with:
workspace: nowplaying-staging
directory: ${{ env.TERRAFORM_ROOT }}
speculative: true
- name: build lambda
run: ./scripts/build-lambda.sh
- name: Plan
run: terraform plan -out=tfplan -input=false
- name: choice
run: echo "choice"
- name: apply
run: terraform apply -auto-approve tfplan