Deploy Application #73

Workflow file for this run

	name: Deploy Application

	on:
	push:
	branches: [main]
	paths:
	- '.github/workflows/deploy.yml'
	- '.github/workflows/push-container.yml'
	- 'src/**'
	- 'container/**'
	- 'template.yml'
	- 'package.json'
	workflow_dispatch:

	env:
	AWS_REGISTRY_URI: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.us-east-1.amazonaws.com
	AWS_REGION: us-east-1
	AWS_ROLE_TO_ASSUME: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/coderunner-pipeline-role
	REPOSITORY_NAME: coderunner
	CLOUDFORMATION_ROLE_ARN: arn:aws:iam::254837279431:role/coderunner-cloudformation-role
	CODEBASE_S3BUCKET: coderunner-codebase

	jobs:
	unit-test:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/setup-node@v4
	- uses: actions/checkout@v4

	- name: Run tests
	run: \|
	npm ci
	npm run test

	- name: Upload coverage reports to Codecov
	uses: codecov/codecov-action@v4
	with:
	directory: ./tests/coverage/
	token: ${{ secrets.CODECOV_TOKEN }}

	push-container:
	needs: [unit-test]
	uses: ./.github/workflows/push-container.yml
	secrets:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}

	deploy:
	runs-on: ubuntu-latest
	needs: [push-container]
	steps:
	- uses: actions/checkout@v4

	- uses: aws-actions/setup-sam@v2
	with:
	use-installer: true

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }}
	aws-region: ${{ env.AWS_REGION }}
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

	- name: Set REPOSITORY_URI
	run: \|
	REPOSITORY_URI=$AWS_REGISTRY_URI/$REPOSITORY_NAME
	echo "REPOSITORY_URI=$REPOSITORY_URI" >> "$GITHUB_ENV"

	- name: Install dependencies
	run: \|
	rm package-lock.json
	docker run \
	-v $(pwd):/var/task \
	-w /var/task \
	--entrypoint /bin/bash \
	amazon/aws-lambda-nodejs:20 \
	-c "npm i --production"

	- name: Build and Upload Package
	run: \|
	zip --symlinks -r coderunner-latest.zip ./*
	aws s3 cp coderunner-latest.zip s3://${{ env.CODEBASE_S3BUCKET }}/coderunner-latest.zip

	- name: Deploy template.yml
	run: \|
	sam deploy --stack-name coderunner-dev \
	--no-fail-on-empty-changeset \
	--s3-bucket ${{ env.CODEBASE_S3BUCKET }} \
	--image-repositories CodeRunnerFunction=$REPOSITORY_URI \
	--capabilities CAPABILITY_IAM \
	--role-arn ${CLOUDFORMATION_ROLE_ARN} \
	--parameter-overrides \
	ImageUri=${{ env.REPOSITORY_URI }}:${{ github.run_id }}

	delete-outdated-image:
	runs-on: ubuntu-latest
	needs: [deploy]
	steps:
	- uses: aws-actions/setup-sam@v2
	with:
	use-installer: true

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }}
	aws-region: ${{ env.AWS_REGION }}
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

	- name: Delete images from ECR Repository
	run: \|
	IMAGE_ID=$(aws ecr describe-images \
	--repository-name $REPOSITORY_NAME \
	--query "sort_by(imageDetails, &imagePushedAt) \| reverse(@) \| [1:].{imageId:imageTags[0]}")

	for row in $(echo "${IMAGE_ID}" \| jq -r '.[] \| @base64'); do
	_jq() {
	echo ${row} \| base64 --decode \| jq -r ${1}
	}
	aws ecr batch-delete-image \
	--repository-name $REPOSITORY_NAME \
	--image-ids imageTag=$(_jq '.imageId')
	done

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deploy Application #73

Workflow file

Deploy Application #73

Jobs

Run details

Workflow file for this run