Skip to content
Checks and PR stack deploy

Upgrades to AL2023 runtime #48

Sign in to view logs

Upgrades to AL2023 runtime

Upgrades to AL2023 runtime #48

Workflow file for this run

.github/workflows/checks.yml at f6bfdfb
name: Checks and PR stack deploy
on:
push:
branches:
- main
pull_request:
jobs:
cloudformation-check:
runs-on: ubuntu-latest
container:
image: us-central1-docker.pkg.dev/phurl-public-docker/github-actions/actions-cfn-lint:latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v2
- name: Lint CloudFormation templates
run: |
cfn-lint --version
cfn-lint --include-checks I --info -t template.yaml
go-check:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v2
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.21
- name: Get tools
run: |
go install honnef.co/go/tools/cmd/staticcheck@latest
curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v2.18.2
- name: Run Staticcheck
run: |
staticcheck -f stylish ./...
working-directory: ingest-fn
- name: Run Gosec
run: |
gosec -exclude=G304 -verbose text ./...
working-directory: ingest-fn
- name: Run tests
run: |
go test -v
working-directory: ingest-fn
deploy-pr-stack:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
timeout-minutes: 15
needs:
- cloudformation-check
- go-check
steps:
- run: sleep 5
- uses: actions/checkout@v2
- uses: aws-actions/[email protected]
with:
role-to-assume: ${{ secrets.ACTIONS_ROLE_ARN }}
role-duration-seconds: 900
aws-region: eu-west-1
- name: Place SAM config
run: |
cp .ci/samconfig.toml.template samconfig.toml
sed -i -e "s|stack_name = \"{}\"|stack_name = \"GITHUB-Phuurl-img-site-PR-${PRNUM}\"|g" samconfig.toml
sed -i -e "s|s3_bucket = \"{}\"|s3_bucket = \"${SAM_BUCKET}\"|g" samconfig.toml
sed -i -e "s|s3_prefix = \"{}\"|s3_prefix = \"GITHUB-Phuurl-img-site-PR-${PRNUM}\"|g" samconfig.toml
sed -i -e "s|parameter_overrides = \"{}\"|parameter_overrides = \"UploadBucketName=\\\\\"github-phuurl-img-site-pr-upload-${PRNUM}\\\\\" EmailNotificationEnabled=\\\\\"false\\\\\" NotificationEmail=\\\\\"x\\\\\" SiteName=\\\\\"GITHUB-Phuurl-img-site-PR-${PRNUM}\\\\\" NoDomain=\\\\\"true\\\\\" Domain=\\\\\"x\\\\\" CertArn=\\\\\"x\\\\\" CloudFrontRedirectFunctionName=\\\\\"GITHUB_Phuurl_img_site_PR_${PRNUM}_index_redirect_func\\\\\" CloudFrontCachePolicyName=\\\\\"GITHUB-Phuurl-img-site-PR-${PRNUM}-cache-policy\\\\\" CreateUploadIamUser=\\\\\"false\\\\\"\"|g" samconfig.toml
sed -i -e "s|tags = \"{}\"|tags = \"project=\\\\\"github\\\\\" repo=\\\\\"img-site\\\\\" pr=\\\\\"${PRNUM}\\\\\"\"|g" samconfig.toml
cat samconfig.toml
env:
PRNUM: ${{ github.event.number }}
SAM_BUCKET: ${{ secrets.SAM_BUCKET }}
- name: SAM build
run: |
sed -i -e "s|linux-arm64|linux-amd64|g" ingest-fn/Makefile
sam build
- name: Slack notify
run: |
curl -X POST -H 'Content-type: application/json' --data "{\"text\": \":shipit: PR deployment for \`Phuurl/img-site/#${PRNUM}\`\"}" ${SLACK_WEBHOOK}
env:
PRNUM: ${{ github.event.number }}
SLACK_WEBHOOK: ${{ secrets.SLACK_PR_DEPLOYMENT_WEBHOOK }}
continue-on-error: true
- name: SAM deploy
run: |
sam deploy --role-arn ${DEPLOY_ROLE} --config-env ci
env:
DEPLOY_ROLE: ${{ secrets.DEPLOY_ROLE_ARN }}
- name: Upload static assets
run: |
HostingBucketName=$(aws cloudformation describe-stacks --stack-name "GITHUB-Phuurl-img-site-PR-${PRNUM}" --query "Stacks[0].Outputs[?OutputKey=='HostingBucketName'].OutputValue" --output text --region eu-west-1)
aws s3 cp error.html s3://${HostingBucketName}/
aws s3 cp robots.txt s3://${HostingBucketName}/
env:
PRNUM: ${{ github.event.number }}
- name: Upload input images
run: |
UploadBucketName=$(aws cloudformation describe-stacks --stack-name "GITHUB-Phuurl-img-site-PR-${PRNUM}" --query "Stacks[0].Outputs[?OutputKey=='UploadBucketName'].OutputValue" --output text --region eu-west-1)
aws s3 cp ingest-fn/.test-resources/500x500.png s3://${UploadBucketName}/
aws s3 cp ingest-fn/.test-resources/500x500.jpg s3://${UploadBucketName}/
env:
PRNUM: ${{ github.event.number }}