Add role for zoom reverse proxy #109
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- develop | |
- main | |
jobs: | |
build-deploy: | |
runs-on: ubuntu-latest | |
steps: | |
# Prepare build and deploy environment | |
- uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- uses: aws-actions/setup-sam@v2 | |
- uses: aws-actions/configure-aws-credentials@v3 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
role-to-assume: ${{ secrets.PIPELINE_EXECUTION_ROLE }} | |
role-duration-seconds: 3600 | |
role-skip-session-tagging: true | |
# Set variables | |
- name: Set DynamoDB table name variable | |
run: | | |
if [[ "${{ github.ref_name }}" == "develop" ]]; then | |
export DYNAMODB_TABLE_NAME="${{ secrets.DEVELOP_DYNAMODB_TABLE_NAME }}" | |
elif [[ "${{ github.ref_name }}" == "main" ]]; then | |
export DYNAMODB_TABLE_NAME="${{ secrets.MAIN_DYNAMODB_TABLE_NAME }}" | |
fi | |
sed -i "s/dynamodb_table_name_placeholder/${DYNAMODB_TABLE_NAME}/g" ./docspace-reverse-proxy/index.mjs | |
sed -i "s/dynamodb_table_name_placeholder/${DYNAMODB_TABLE_NAME}/g" ./zoom-reverse-proxy/index.mjs | |
- name: Set viewer request domain name variable | |
run: | | |
if [[ "${{ github.ref_name }}" == "develop" ]]; then | |
export DOMAIN_NAMES="${{ secrets.DEVELOP_DOMAIN_NAMES }}" | |
elif [[ "${{ github.ref_name }}" == "main" ]]; then | |
export DOMAIN_NAMES="${{ secrets.MAIN_DOMAIN_NAMES }}" | |
fi | |
sed -i "s/domain_name_replace_placeholder/${DOMAIN_NAMES}/g" ./docspace-viewer-request/index.mjs | |
- name: Set regions_map and ddb_regions_map variables | |
run: | | |
if [[ "${{ github.ref_name }}" == "develop" ]]; then | |
echo '${{ secrets.DEVELOP_REGIONS_MAP_BASE64 }}' | base64 -d > regions_map.tmp | |
echo '${{ secrets.DEVELOP_DDB_REGIONS_MAP_BASE64 }}' | base64 -d > ddb_regions_map.tmp | |
elif [[ "${{ github.ref_name }}" == "main" ]]; then | |
echo '${{ secrets.MAIN_REGIONS_MAP_BASE64 }}' | base64 -d > regions_map.tmp | |
echo '${{ secrets.MAIN_DDB_REGIONS_MAP_BASE64 }}' | base64 -d > ddb_regions_map.tmp | |
fi | |
awk -v rmap="$(<regions_map.tmp)" '{ gsub(/regionsMap_placeholder/, rmap); print; }' ./docspace-reverse-proxy/index.mjs > temp_index.mjs && mv temp_index.mjs ./docspace-reverse-proxy/index.mjs | |
awk -v rmap="$(<ddb_regions_map.tmp)" '{ gsub(/ddbRegionsMap_placeholder/, rmap); print; }' ./docspace-reverse-proxy/index.mjs > temp_index.mjs && mv temp_index.mjs ./docspace-reverse-proxy/index.mjs | |
awk -v rmap="$(<ddb_regions_map.tmp)" '{ gsub(/ddbRegionsMap_placeholder/, rmap); print; }' ./zoom-reverse-proxy/index.mjs > temp_index.mjs && mv temp_index.mjs ./zoom-reverse-proxy/index.mjs | |
# Build and deploy stack | |
- run: sam build -u --template-file ${GITHUB_REF_NAME}-template.yaml | |
- run: sam deploy --template-file ${GITHUB_REF_NAME}-template.yaml --config-file ${GITHUB_REF_NAME}-config.toml --role-arn ${{ secrets.CLOUDFORMATION_EXECUTION_ROLE }} |