Image #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
on: | |
pull_request: {} | |
push: | |
branches: | |
- main | |
env: | |
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME }} | |
BUCKET_NAME: ${{ secrets.BUCKET_NAME }} | |
FUNCTION_NAME: ${{ secrets.FUNCTION_NAME }} | |
jobs: | |
deployment: | |
# runs-on: ubuntu-latest | |
runs-on: self-hosted | |
# environment and permissions are required when using the role-to-assume | |
# function of aws-actions/configure-aws-credentials | |
# More informations on: https://github.com/aws-actions/configure-aws-credentials | |
environment: dev | |
permissions: | |
contents: read | |
id-token: write | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
- name: Configure AWS credentials | |
# if: github.ref == 'refs/heads/main' | |
# uses: aws-actions/[email protected] | |
# with: | |
# role-to-assume: ${{ env.AWS_ROLE_NAME }} | |
# aws-region: us-east-2 | |
# role-session-name: HttpDcrLambdaCiUsEast2 | |
# role-duration-seconds: 1200 | |
# mask-aws-account-id: 'true' | |
# | |
# **** **** | |
# **** IMPORTANT **** with a 'self-hosted' runner you have to do => 'aws sso login' | |
# **** **** | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-west-3 | |
- name: install dependencies | |
run: yarn | |
# building the target bundle and then copying the package.json | |
# to be able to install the node_modules in the dist files to be | |
# zipped afterward to land in s3 for the lambda function to update its code on | |
# note: we use production and frozen-lockfile to avoid undefined behaviors of | |
# dependencies updates and we only install runtime required dependencies | |
- name: build | |
run: | | |
yarn build | |
cp package.json dist/package.json | |
cd dist | |
yarn --production --frozen-lockfile | |
- name: zip | |
run: | | |
cd dist && zip -r ../build.zip * | |
- name: Send to S3 | |
if: github.ref == 'refs/heads/main' | |
run: | | |
aws s3 cp ./build.zip s3://${{ env.BUCKET_NAME }}/lambda-dcr-http.zip \ | |
--storage-class REDUCED_REDUNDANCY \ | |
--acl private \ | |
--no-progress | |
- name: Deploy Lambda function | |
if: github.ref == 'refs/heads/main' | |
run: | | |
aws lambda update-function-code \ | |
--function-name ${{ env.FUNCTION_NAME }} \ | |
--s3-bucket ${{ env.BUCKET_NAME }} \ | |
--s3-key lambda-dcr-http.zip \ | |
--publish |