-
Notifications
You must be signed in to change notification settings - Fork 0
133 lines (123 loc) · 4.4 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Deploy
# https://github.com/hashicorp-education/learn-terraform-github-actions/blob/main/.github/workflows/terraform-apply.yml
on:
push:
branches:
- main
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
env:
DOCKER_BUILDKIT: 1
FORCE_COLOR: 1
jobs:
terraform:
name: Terraform
runs-on: ubuntu-22.04
permissions:
contents: read
env:
TF_CLOUD_ORGANIZATION: rhyek
TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
TF_WORKSPACE: 'bank-bots-dev'
CONFIG_DIRECTORY: './infra'
outputs:
ecr_repository_scrape_txs_url: ${{ steps.terraform-outputs.outputs.ecr_repository_scrape_txs_url }}
iam_lambda_role_arn: ${{ steps.terraform-outputs.outputs.iam_lambda_role_arn }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Upload Configuration
uses: hashicorp/tfc-workflows-github/actions/[email protected]
id: apply-upload
with:
workspace: ${{ env.TF_WORKSPACE }}
directory: ${{ env.CONFIG_DIRECTORY }}
- name: Create Apply Run
uses: hashicorp/tfc-workflows-github/actions/[email protected]
id: apply-run
with:
workspace: ${{ env.TF_WORKSPACE }}
configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
- name: Apply
uses: hashicorp/tfc-workflows-github/actions/[email protected]
if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
id: apply
with:
run: ${{ steps.apply-run.outputs.run_id }}
comment: 'Apply Run from GitHub Actions CI ${{ github.sha }}'
- uses: dnsbty/[email protected]
id: terraform-outputs
with:
api-token: ${{ secrets.TF_API_TOKEN }}
workspace-id: ws-pftgvrxWKzhd2z9z
outputs: |
ecr_repository_scrape_txs_url
iam_lambda_role_arn
deploy-scrape-txs:
name: Deploy Scrape Bank Transactions function
runs-on: ubuntu-22.04
needs: terraform
defaults:
run:
working-directory: ./projects/scrape-txs
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_DEFAULT_REGION }}
- name: Set build/deploy params
run: |
echo "ECR_REPO_URL=${{ needs.terraform.outputs.ecr_repository_scrape_txs_url }}" >> $GITHUB_ENV
echo "LAMBDA_ROLE_ARN=${{ needs.terraform.outputs.iam_lambda_role_arn }}" >> $GITHUB_ENV
echo "IMAGE_TAG=$(echo $GITHUB_SHA | cut -c1-7)" >> $GITHUB_ENV
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build, tag, and push Docker image
run: ./build/build.sh
- name: Install Serverless
run: |
curl -o- -L https://slss.io/install | bash
echo "$HOME/.serverless/bin" >> $GITHUB_PATH
- name: Deploy with Serverless
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
run: serverless deploy
deploy-update-ynab:
name: Deploy Update YNAB function
runs-on: ubuntu-22.04
needs: terraform
defaults:
run:
working-directory: ./projects/update-ynab
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '^1.22.1'
- name: Build
run: make build
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_DEFAULT_REGION }}
- name: Set deploy params
run: |
echo "LAMBDA_ROLE_ARN=${{ needs.terraform.outputs.iam_lambda_role_arn }}" >> $GITHUB_ENV
- name: Install Serverless
run: |
curl -o- -L https://slss.io/install | bash
echo "$HOME/.serverless/bin" >> $GITHUB_PATH
- name: Deploy with Serverless
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
run: serverless deploy