Skip to content

deploy

deploy #17

Workflow file for this run

name: deploy
on:
workflow_run:
workflows:
- check
types:
- completed
branches:
- dev
# Ensures that only one deploy task per branch/environment will run at a time.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
cdk-deploy:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Install AWS CLI
run: sudo snap install aws-cli --classic
- name: Install AWS CDK CLI
run: npm install -g aws-cdk
- name: Install python dependencies
run: pip install -r requirements.txt -r requirements-dev.txt
- name: Assume AWS Role
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: us-east-1
role-to-assume: 'arn:aws:iam::804034162148:role/sagebase-github-oidc-openchallenges-deploy'
role-session-name: ${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }}
role-duration-seconds: 1200
- name: CDK deploy
run: cdk deploy --all --require-approval never
env:
ENV: ${{ github.head_ref || github.ref_name }}
SECRETS: "ssm"