Skip to content

Merge pull request #533 from asfadmin/dependabot/pip/boto3-1.35.34 #118

Merge pull request #533 from asfadmin/dependabot/pip/boto3-1.35.34

Merge pull request #533 from asfadmin/dependabot/pip/boto3-1.35.34 #118

Workflow file for this run

name: Deploy to AWS
on:
push:
branches:
- prod
- test
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
deploy:
runs-on: ubuntu-latest
strategy:
matrix:
include:
- environment: ingest-prod
private_bucket: grfn-content-prod
public_bucket: grfn-public-prod
distribution_base_url: https://grfn.asf.alaska.edu/door/download
browse_base_url: https://grfn-public-prod.asf.alaska.edu
cmr_base_url: https://cmr.earthdata.nasa.gov
cmr_provider: ASF
deploy_ref: refs/heads/prod
- environment: ingest-test
private_bucket: grfn-content-test
public_bucket: grfn-public-test
distribution_base_url: https://grfn-test.asf.alaska.edu/door/download
browse_base_url: https://grfn-public-test.asf.alaska.edu
cmr_base_url: https://cmr.uat.earthdata.nasa.gov
cmr_provider: ASF
deploy_ref: refs/heads/test
environment:
name: ${{ matrix.environment }}
steps:
- uses: actions/checkout@v4
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- uses: actions/setup-python@v5
with:
python-version: 3.12
- name: install dependencies
if: github.ref == matrix.deploy_ref
shell: bash
run: |
python -m pip install --upgrade pip
python -m pip install -r requirements-invoke.txt -t invoke/src/
python -m pip install -r requirements-verify.txt -t verify/src/
python -m pip install -r requirements-ingest.txt -t ingest/src/
python -m pip install -r requirements-notify.txt -t notify/src/
python -m pip install -r requirements-metadata-to-cmr.txt -t metadata-to-cmr/src/
python -m pip install -r requirements-metadata-construction.txt -t metadata-construction/src/
# crytography on AWS Lambda requires manylinux2014 per https://github.com/ASFHyP3/hyp3/issues/1190
python -m pip install -r requirements-cmr-token.txt --platform manylinux2014_x86_64 --only-binary=:all: -t cmr-token/src/
- name: package and deploy
if: github.ref == matrix.deploy_ref
shell: bash
run: |
aws cloudformation package \
--template-file cloudformation.yaml \
--s3-bucket grfn-build \
--s3-prefix cloudformation \
--output-template-file packaged.yml
aws cloudformation deploy \
--stack-name ${{ matrix.environment }} \
--template-file packaged.yml \
--role-arn ${{ secrets.CLOUDFORMATION_ROLE_ARN }} \
--capabilities CAPABILITY_NAMED_IAM \
--parameter-overrides \
PrivateBucket='${{ matrix.private_bucket }}' \
PublicBucket='${{ matrix.public_bucket }}' \
DistributionBaseUrl='${{ matrix.distribution_base_url }}' \
BrowseBaseUrl='${{ matrix.browse_base_url }}' \
DefaultResponseTopicArn='${{ secrets.DEFAULT_RESPONSE_TOPIC_ARN }}' \
DefaultResponseTopicRegion='${{ secrets.DEFAULT_RESPONSE_TOPIC_REGION }}' \
SdsAccountNumber='${{ secrets.SDS_ACCOUNT_NUMBER }}' \
CmrBaseUrl='${{ matrix.cmr_base_url }}' \
LaunchpadCertificateSecretArn='${{ secrets.LAUNCHPAD_CERTIFICATE_SECRET_ARN }}' \
CmrProvider='${{ matrix.cmr_provider }}'