deploy.yml
# CI/CD workflow: builds the .NET project, pushes a container image to Amazon ECR,
# and runs Terraform (plan on pull requests, apply on pushes to main).
name: Deploy

on:
  push:
    branches:
      - main
    tags:
      - 'v*'
  # No filters: the workflow runs for pull requests against any branch.
  pull_request:

env:
  IMAGE_NAME: lambda-sharp
  # NOTE(review): workflow-level env is exported to every step of every job, including
  # the pull_request jobs. No `${{ env.PROJECT_ID }}` expression appears in this workflow;
  # confirm nothing reads it from the process environment, then scope it to the job that
  # needs it or drop it.
  PROJECT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
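# Every `uses:` below references a mutable tag (@v4, @v5, ...). Pinning each action to a
# full commit SHA keeps a re-tagged release from changing what runs next to these secrets.
jobs:
  # Compile check; runs for both push and pull_request events.
  build:
    runs-on: ubuntu-22.04
    # Explicit least privilege: without this block the job inherits the repository's
    # default GITHUB_TOKEN permissions, which may include write scopes.
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
      - name: Setup .NET Core SDK
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: '8.0.x'
      - name: .NET Restore
        run: dotnet restore
      - name: Build
        run: dotnet build --no-restore

  # Builds the image from src/SimpleAPI and pushes it to Amazon ECR.
  build-push-docker:
    runs-on: ubuntu-22.04
    # Skipped for pull_request events, so pull-request code never runs with the AWS role.
    if: ${{ github.event_name == 'push' }}
    permissions:
      id-token: write  # required to request the OIDC JWT used to assume the AWS role
      contents: read
    steps:
      - uses: actions/checkout@v4
      # No long-lived access keys are passed; the role is assumed with the job's OIDC token.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          role-session-name: ${{ secrets.AWS_ROLE_SESSION_NAME }}
          aws-region: 'ap-southeast-1'
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2
        with:
          registries: ${{ secrets.AWS_ACCOUNT_ID }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.ECR_REGISTRY }}/${{ env.IMAGE_NAME }}
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
      - name: Build and push Docker images
        uses: docker/build-push-action@v6
        with:
          context: src/SimpleAPI
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}

  # Applies the Terraform configuration after the image has been pushed.
  terraform-deploy:
    name: 'Terraform Deploy'
    needs: build-push-docker
    if: github.ref == 'refs/heads/main' && github.event_name == 'push'
    runs-on: ubuntu-22.04
    # Only the checkout uses GITHUB_TOKEN here; Terraform authenticates with TF_API_TOKEN.
    permissions:
      contents: read
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
      - name: Terraform Format
        id: fmt
        run: terraform fmt -check
        working-directory: ./terraform
      - name: Terraform Init
        id: init
        run: terraform init
        working-directory: ./terraform
      - name: Terraform Validate
        id: validate
        run: terraform validate -no-color
        working-directory: ./terraform
      # NOTE(review): -auto-approve applies on every push to main with no plan review in
      # this job. Branch protection on main, or a GitHub environment with required
      # reviewers, is the only gate; confirm one is configured.
      - name: Terraform Apply
        working-directory: ./terraform
        run: terraform apply -auto-approve

  # Plans the pull request's Terraform changes and posts the result as a PR comment.
  # NOTE(review): init/plan execute the pull request's own Terraform code with
  # TF_API_TOKEN configured, so anyone who can open a same-repository PR influences what
  # runs with that token; confirm its scope is limited to what a plan needs. Secrets are
  # not passed to workflows triggered from forks, so the job is expected to fail there.
  terraform-test:
    name: 'Terraform Test'
    needs: build
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-22.04
    # The comment step is the only writer: it needs pull-requests: write and nothing more.
    permissions:
      contents: read
      pull-requests: write
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
      - name: Terraform Format
        id: fmt
        run: terraform fmt -check
        working-directory: ./terraform
      - name: Terraform Init
        id: init
        run: terraform init
        working-directory: ./terraform
      - name: Terraform Validate
        id: validate
        run: terraform validate -no-color
        working-directory: ./terraform
      # A failed plan must not stop the job yet: the comment step below reports it first.
      - name: Terraform Plan
        id: plan
        run: terraform plan -no-color
        continue-on-error: true
        working-directory: ./terraform
      # NOTE(review): the ref after `@` was lost when this page was extracted (it rendered
      # as "[email protected]"); restore the version or commit SHA from the repository.
      # The plan text reaches the script through the PLAN environment variable rather than
      # being expanded into the JavaScript source, so plan output cannot alter the script.
      # It is posted verbatim: any value Terraform does not mark sensitive becomes visible
      # to everyone who can read the pull request.
      - name: Update Pull Request
        uses: actions/github-script@<version-lost-in-extraction>
        if: github.event_name == 'pull_request'
        env:
          PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
            #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
            #### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
            #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
            <details><summary>Show Plan</summary>
            \`\`\`\n
            ${process.env.PLAN}
            \`\`\`
            </details>
            *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: output
            })
      # Re-raise the plan failure that continue-on-error suppressed above.
      - name: Terraform Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1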