-
Notifications
You must be signed in to change notification settings - Fork 0
179 lines (152 loc) · 5.42 KB
/
deploy-to-lambda.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
name: Deploy Lambda Function
on:
workflow_call:
inputs:
aws_account_id:
required: true
description: Destination AWS Account
type: string
lambda_function_name:
required: true
description: Name of the target Lambda Function
type: string
runs-on:
required: false
description: 'Platform to execute on. Default ["self-hosted", "cere-io-large"]'
type: string
default: '["self-hosted", "cere-network-large"]'
aws_region:
required: false
description: Target AWS region. Defaults "us-west-2"
default: us-west-2
type: string
build_files:
required: false
default: false
description: Build static files?
type: boolean
build_container:
required: false
description: Base image to build
type: string
install_dependencies_command:
required: false
type: string
install_packages_command:
required: false
description: Command to install packages
type: string
build_command:
required: false
description: Build command
type: string
path_to_application_files_to_upload:
required: false
default: ''
description: Path to files to upload
type: string
client_path:
required: false
default: ''
type: string
secrets:
NPM_TOKEN:
required: false
jobs:
build:
if: "${{ inputs.build_files }}"
name: Build Lambda Function
runs-on: "${{ fromJSON(inputs.runs-on) }}"
container:
image: "${{ inputs.build_container }}"
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- name: Install system packages
run: >
apt-get update;
apt-get install -y zip;
${{ inputs.install_dependencies_command }}
- name: Get npm cache directory
id: npm-cache-dir
working-directory: "${{ inputs.client_path }}"
run: echo "npm_cache_dir=$(npm config get cache)" >> "$GITHUB_ENV"
- name: Restore cache
uses: actions/cache@v3
id: npm-cache
with:
path: ${{ github.workspace }}/${{ inputs.client_path }}/${{ env.npm_cache_dir }}
key: ${{ runner.os }}-node-${{ hashFiles('${{ inputs.client_path }}//package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Install packages
working-directory: "${{ github.workspace }}/${{ inputs.client_path }}"
run: "${{ inputs.install_packages_command }}"
env:
NPM_TOKEN: "${{secrets.NPM_TOKEN}}"
- name: Build
working-directory: "${{ github.workspace }}/${{ inputs.client_path }}"
env:
CI: false
NPM_TOKEN: "${{secrets.NPM_TOKEN}}"
run: "${{ inputs.build_command }}"
- name: Zip artifact
working-directory: "${{ github.workspace }}/${{ inputs.client_path }}/${{ inputs.path_to_application_files_to_upload }}"
run: |
zip -qq -r "${{ inputs.lambda_function_name }}.zip" ./
- name: Prepare artifact
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.lambda_function_name }}
path: "${{ github.workspace }}/${{ inputs.client_path }}/${{ inputs.path_to_application_files_to_upload }}/${{ inputs.lambda_function_name }}.zip"
archive:
if: "${{ ! inputs.build_files }}"
name: Prepare Artifact
runs-on: "${{ fromJSON(inputs.runs-on) }}"
timeout-minutes: 5
steps:
- uses: actions/checkout@v3
- name: Zip artifact
working-directory: "${{ github.workspace }}/${{ inputs.client_path }}/${{ inputs.path_to_application_files_to_upload }}"
run: |
zip -qq -r "${{ inputs.lambda_function_name }}.zip" ./
- name: Prepare artifact
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.lambda_function_name }}
path: "${{ github.workspace }}/${{ inputs.client_path }}/${{ inputs.path_to_application_files_to_upload }}/${{ inputs.lambda_function_name }}.zip"
deploy:
name: Deploy Lambda Function
needs:
- build
- archive
if: always() && (needs.build.result == 'success' || needs.archive.result == 'success')
runs-on: "${{ fromJSON(inputs.runs-on) }}"
timeout-minutes: 10
permissions:
contents: read
id-token: write
steps:
- name: Restore artifact
uses: actions/download-artifact@v3
with:
name: ${{ inputs.lambda_function_name }}
path: lambda
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-skip-session-tagging: true
role-to-assume: "arn:aws:iam::${{ inputs.aws_account_id }}:role/github"
role-session-name: "${{ github.event.repository.name }}"
aws-region: "${{ inputs.aws_region }}"
- name: Upload files
run: |
aws s3 mv \
lambda/${{ inputs.lambda_function_name }}.zip \
"s3://cere-deployments-${{ inputs.aws_account_id }}/lambda/${{ inputs.lambda_function_name }}.zip"
- name: Deploy Function
run: |
aws lambda update-function-code \
--function-name "${{ inputs.lambda_function_name }}" \
--s3-bucket "cere-deployments-${{ inputs.aws_account_id }}" \
--s3-key "lambda/${{ inputs.lambda_function_name }}.zip"