Definitely the first commit #158

	name: CD

	on:
	push:
	branches:
	- main
	paths:
	- 'infrastructure/**'
	- 'src/**'
	- 'scripts/**'
	- 'public/**'
	- 'templates/**'
	- 'Cargo.toml'
	- '.github/workflows/cd.yml'

	env:
	TF_VAR_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	TF_VAR_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	TF_VAR_STRIPE_API_KEY: ${{ secrets.STRIPE_API_KEY }}


	jobs:
	deploy:
	name: Deploy
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v2
	- uses: opentofu/setup-opentofu@v1
	with:
	tofu_version: 1.6.0
	tofu_wrapper: false
	- name: Install Rust
	uses: actions-rs/toolchain@v1
	with:
	toolchain: stable
	override: true
	- uses: Swatinem/rust-cache@v2
	with:
	cache-all-crates: "true"
	- name: Build Lambda functions
	run: python3 ./scripts/build.py
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: "eu-west-1"
	- name: Init Tofu
	run: tofu -chdir=infrastructure init
	- name: Plan Tofu
	env:
	TF_VAR_GITHUB_CLIENT_SECRET: ${{ secrets.GH_CLIENT_SECRET }}
	run: tofu -chdir=infrastructure plan
	- name: Apply Tofu
	id: apply
	env:
	TF_VAR_GITHUB_CLIENT_SECRET: ${{ secrets.GH_CLIENT_SECRET }}
	run: tofu -chdir=infrastructure apply -auto-approve
	- name: Deploy frotnend resources
	run: \|
	CLIENT_BUCKET=$(tofu -chdir=infrastructure output -raw frontend_bucket_name)
	aws s3 sync ./public s3://$CLIENT_BUCKET/

Provide feedback