-
Notifications
You must be signed in to change notification settings - Fork 0
159 lines (137 loc) · 5.02 KB
/
deploy_to_aws.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: Deploy to AWS
on:
push:
branches: [ "main" ]
permissions:
contents: write
jobs:
LoadManifest:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Load YAML and set environment variables
run: |
YAML_CONTENT=$(<manifest.yaml)
# Loop through each key-value pair in the YAML file
while IFS= read -r line; do
# Extract key and value from the line
KEY=$(echo "$line" | awk -F: '{print $1}')
VALUE=$(echo "$line" | awk -F: '{$1=""; print $0}' | xargs)
echo "$KEY=$VALUE" >> $GITHUB_ENV
done <<< "$(echo "$YAML_CONTENT" | sed '/^[[:space:]]*#/d')" # Ignore commented lines
Test:
runs-on: ubuntu-latest
needs: LoadManifest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Python 3.11
uses: actions/setup-python@v2
with:
python-version: '3.11'
- name: Install dependencies
run: |
pip install pip-tools
pip install poetry
pip install pytest
python -m piptools compile \
-o requirements.txt \
pyproject.toml
pip install -r requirements.txt
- name: Run Tests
run: |
pytest
Build:
runs-on: ubuntu-latest
needs: Test
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Bump version and push tag
id: tag_version
uses: mathieudutour/github-tag-action@v6.1
with:
github_token: ${{ secrets.GH_TOKEN }}
- name: Create a GitHub release
uses: ncipollo/release-action@v1
with:
tag: ${{ steps.tag_version.outputs.new_tag }}
name: Release ${{ steps.tag_version.outputs.new_tag }}
body: ${{ steps.tag_version.outputs.changelog }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY}}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: 'us-east-1'
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Load YAML and set environment variables
run: |
YAML_CONTENT=$(<manifest.yaml)
# Loop through each key-value pair in the YAML file
while IFS= read -r line; do
# Extract key and value from the line
KEY=$(echo "$line" | awk -F: '{print $1}')
VALUE=$(echo "$line" | awk -F: '{$1=""; print $0}' | xargs)
echo "$KEY=$VALUE" >> $GITHUB_ENV
done <<< "$(echo "$YAML_CONTENT" | sed '/^[[:space:]]*#/d')" # Ignore commented lines
- name: Package Lambda Function
run: |
pip install pip-tools
pip install poetry
pip install pytest
python -m piptools compile \
-o requirements.txt \
pyproject.toml
pip install -r requirements.txt -t src/
cd src/
zip -r ../lambda.zip .
- name: Create Artifact Bucket
run: |
aws s3api create-bucket --bucket ${{ env.ENVIRONMENT }}-${{ env.AWS_REGION }}-artifact-bucket
- name: Upload Artifact to S3
run: |
aws s3 cp ./lambda.zip s3://${{ env.ENVIRONMENT }}-${{ env.AWS_REGION }}-artifact-bucket/lambda.zip
Deploy:
runs-on: ubuntu-latest
needs: Build
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Load YAML and set environment variables
run: |
YAML_CONTENT=$(<manifest.yaml)
# Loop through each key-value pair in the YAML file
while IFS= read -r line; do
# Extract key and value from the line
KEY=$(echo "$line" | awk -F: '{print $1}')
VALUE=$(echo "$line" | awk -F: '{$1=""; print $0}' | xargs)
echo "$KEY=$VALUE" >> $GITHUB_ENV
done <<< "$(echo "$YAML_CONTENT" | sed '/^[[:space:]]*#/d')" # Ignore commented lines
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY}}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: 'us-east-1'
- name: Deploy CloudFormation Stack
uses: aws-actions/aws-cloudformation-github-deploy@v1
with:
name: ${{ env.ENVIRONMENT }}-${{ env.AWS_REGION }}-cloud-data-pipeline
template: aws/cloudformation.yaml
capabilities: CAPABILITY_NAMED_IAM
parameter-overrides: |
Environment=${{ env.ENVIROMENT }}
AWSRegion=${{ env.AWS_REGION }}
LambdaArtifactBucket=${{ env.ENVIROMENT }}-${{ env.AWS_REGION }}-artifacts-bucket
LambdaArtifactKey=lambda.zip