-
Notifications
You must be signed in to change notification settings - Fork 0
139 lines (129 loc) · 4.85 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: Deploy
# https://github.com/hashicorp-education/learn-terraform-github-actions/blob/main/.github/workflows/terraform-apply.yml
on:
push:
branches:
- main
concurrency:
group: ${{ github.ref_name }}
cancel-in-progress: false
env:
DOCKER_BUILDKIT: 1
FORCE_COLOR: 1
jobs:
terraform:
name: Terraform
runs-on: ubuntu-22.04
permissions:
contents: read
env:
TF_CLOUD_ORGANIZATION: rhyek
TF_API_TOKEN: ${{ secrets.TF_API_TOKEN }}
TF_WORKSPACE: 'bank-bots-dev'
CONFIG_DIRECTORY: './infra'
outputs:
ecr_repository_scrape_txs_url: ${{ steps.terraform-outputs.outputs.ecr_repository_scrape_txs_url }}
iam_lambda_role_arn: ${{ steps.terraform-outputs.outputs.iam_lambda_role_arn }}
playwright_traces_s3_bucket_id: ${{ steps.terraform-outputs.outputs.playwright_traces_s3_bucket_id }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Upload Configuration
uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
id: apply-upload
with:
workspace: ${{ env.TF_WORKSPACE }}
directory: ${{ env.CONFIG_DIRECTORY }}
- name: Create Apply Run
uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
id: apply-run
with:
workspace: ${{ env.TF_WORKSPACE }}
configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
- name: Apply
uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.0.0
if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
id: apply
with:
run: ${{ steps.apply-run.outputs.run_id }}
comment: 'Apply Run from GitHub Actions CI ${{ github.sha }}'
- uses: dnsbty/get-terraform-outputs-action@v1.1
id: terraform-outputs
with:
api-token: ${{ secrets.TF_API_TOKEN }}
workspace-id: ws-pftgvrxWKzhd2z9z
outputs: |
ecr_repository_scrape_txs_url
iam_lambda_role_arn
playwright_traces_s3_bucket_id
deploy-scrape-txs:
name: Deploy Scrape Bank Transactions function
runs-on: ubuntu-22.04
needs: terraform
defaults:
run:
working-directory: ./projects/scrape-txs
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_DEFAULT_REGION }}
- name: Set build/deploy params
run: |
echo "ECR_REPO_URL=${{ needs.terraform.outputs.ecr_repository_scrape_txs_url }}" >> $GITHUB_ENV
echo "LAMBDA_ROLE_ARN=${{ needs.terraform.outputs.iam_lambda_role_arn }}" >> $GITHUB_ENV
echo "PLAYWRIGHT_TRACES_S3_BUCKET_ID=${{ needs.terraform.outputs.playwright_traces_s3_bucket_id }}" >> $GITHUB_ENV
echo "IMAGE_TAG=$(echo $GITHUB_SHA | cut -c1-7)" >> $GITHUB_ENV
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build, tag, and push Docker image
run: ./build/build.sh
- name: Install Serverless
run: |
curl -o- -L https://slss.io/install | bash
echo "$HOME/.serverless/bin" >> $GITHUB_PATH
- name: Deploy with Serverless
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
MAILER_SMTP_ACCOUNT: ${{ secrets.MAILER_SMTP_ACCOUNT }}
MAILER_SMTP_PASSWORD: ${{ secrets.MAILER_SMTP_PASSWORD }}
MAILER_ME: ${{ secrets.MAILER_ME }}
run: serverless deploy
deploy-update-ynab:
name: Deploy Update YNAB function
runs-on: ubuntu-22.04
needs: terraform
defaults:
run:
working-directory: ./projects/update-ynab
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '^1.22.1'
- name: Build
run: make build
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ vars.AWS_DEFAULT_REGION }}
- name: Set deploy params
run: |
echo "LAMBDA_ROLE_ARN=${{ needs.terraform.outputs.iam_lambda_role_arn }}" >> $GITHUB_ENV
- name: Install Serverless
run: |
curl -o- -L https://slss.io/install | bash
echo "$HOME/.serverless/bin" >> $GITHUB_PATH
- name: Deploy with Serverless
env:
DATABASE_URL: ${{ secrets.DATABASE_URL }}
run: serverless deploy