This repository has been archived by the owner on Sep 24, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
action.yaml
77 lines (75 loc) · 2.6 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
name: perform pulumi action
description: pulumi preview and up for moj cross account deployment
inputs:
stack:
description: the stack to perform action on
required: true
pulumi-action:
description: the pulumi action to perform
required: true
backend-url:
description: url to login to, including relevant config profile
required: true
landing-arn:
description: full arn of landing role to assume
required: true
refresh:
description: y or n indicates whether the pulumi actions is ran with the refresh flag
required: true
aws-config-path:
description: path to the relevant aws config in the repo
requried: false
pulumi-passphrase:
description: pulumi passphrase
required: false
runs:
using: composite
steps:
- name: Check out repository
uses: actions/checkout@v3
with:
fetch-depth: 1
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: eu-west-1
role-to-assume: ${{ inputs.landing-arn }}
- name: Upgrade AWS CLI & add aws config
shell: bash
run: |
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install --update
aws --version
mkdir ~/.aws/
cp $(if [ ! -s ${{ inputs.aws-config-path }} ];then echo "${{ inputs.aws-config-path }}"; else echo "${{ github.action_path }}/default-aws-config"; fi) ~/.aws/config
- name: setup python
uses: actions/setup-python@v2
with:
python-version: "3.9"
- name: Remove existing Pulumi installations
shell: bash
run: |
rm -rf $HOME/.pulumi
- name: Install Pulumi CLI
uses: pulumi/setup-pulumi@v2
with:
pulumi-version: ^3.0.0
- name: Install Python dependencies
shell: bash
run: |
python -m pip install --upgrade pip
if [ -f requirements.txt ]; then pip install --upgrade -r requirements.txt; fi
- name: login to pulumi backend
shell: bash
run: |
pulumi login '${{ inputs.backend-url }}'
- name: perform pulumi action
shell: bash
env:
PULUMI_CONFIG_PASSPHRASE: ""
INFRA_CREATOR_ROLE_NAME: "github-actions-infrastructure"
run: |
pulumi stack select -c ${{ inputs.stack }}
pulumi config set aws:skipCredentialsValidation true
pulumi ${{ inputs.pulumi-action }} $(if [ ${{ inputs.refresh }} = y ]; then echo "--refresh"; fi) $(if [ ${{ inputs.pulumi-action }} = up ] || [ ${{ inputs.pulumi-action }} = destroy ] ;then echo "--yes"; fi)