On Ingest, option to write to customer's Dynamo table #128
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: [ master ] | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| type: choice | |
| description: 'Environment' | |
| required: true | |
| default: 'staging' | |
| options: | |
| - production | |
| - staging | |
| lambdaRuntime: | |
| type: choice | |
| description: 'Lambda Runtime' | |
| required: true | |
| default: 'jvm' | |
| options: | |
| - jvm | |
| - native | |
| concurrency: | |
| group: deploy-${{ github.event.inputs.environment || 'staging' }} | |
| jobs: | |
| build: | |
| # Do not skip if this was dispatched explicitly | |
| # For push to master: | |
| # - Skip deploy if this is a release commit | |
| # - Skip deploy if [skip deploy] is supplied | |
| if: "github.event_name != 'push' || (!contains(github.event.head_commit.message, '[release]') && !contains(github.event.head_commit.message, '[skip deploy]'))" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: graalvm | |
| java-version: 21 | |
| cache: 'maven' | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version-file: '.nvmrc' | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y wget scour ghostscript fuse | |
| wget -nv -O /usr/local/bin/convert https://github.com/ImageMagick/ImageMagick/releases/download/7.1.1-26/ImageMagick--clang-x86_64.AppImage | |
| chmod a+x /usr/local/bin/convert | |
| convert -version | |
| scour --version | |
| - name: Import GPG private key | |
| run: | | |
| echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --yes --no-tty --import | |
| KEY_ID=$(gpg --list-secret-keys --keyid-format LONG | grep sec | awk '{print $2}' | cut -d'/' -f2) | |
| echo "default-key $KEY_ID" >> ~/.gnupg/gpg.conf | |
| echo "use-agent" >> ~/.gnupg/gpg.conf | |
| export GPG_TTY=$(tty) | |
| - name: Set up Maven settings.xml | |
| run: | | |
| mkdir -p ~/.m2 | |
| cat <<EOF > ~/.m2/settings.xml | |
| <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd"> | |
| <servers> | |
| <server> | |
| <id>ossrh</id> | |
| <username>${{ secrets.OSSRH_USERNAME }}</username> | |
| <password>${{ secrets.OSSRH_TOKEN }}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| EOF | |
| - name: Add profile credentials to ~/.aws/credentials | |
| run: | | |
| aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} --profile dataspray | |
| aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} --profile dataspray | |
| aws configure set region ${{ secrets.AWS_DEFAULT_REGION }} --profile dataspray | |
| - name: Maven build | |
| timeout-minutes: 60 | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| JRELEASER_GITHUB_TOKEN: ${{ secrets.JRELEASER_GITHUB_TOKEN }} | |
| run: make action-deploy-${{ github.event.inputs.lambdaRuntime || 'jvm' }}-${{ github.event.inputs.environment || 'staging' }} |