diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 37586b1..6c3218e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,6 +9,12 @@ concurrency:
 group: ${{ github.workflow }}-${{ github.ref }}
 cancel-in-progress: true

+env:
+ AWS_CFN_TEMPLATE: template.yml
+ AWS_REGION: ${{ vars.AWS_REGION }}
+ AWS_ROLE_ARN: ${{ vars.AWS_ROLE_ARN_DEV }}
+ ENV_FILE: ${{ secrets.ENV_CI }}
+
 jobs:
 build:
 name: 'Build'
@@ -29,6 +35,10 @@ jobs:
 - name: Install Dependencies
 run: npm ci

+ - name: 'Create .env File'
+ run: |
+ echo "${{ env.ENV_FILE }}" > .env
+
 - name: Build
 run: npm run build

@@ -51,8 +61,12 @@ jobs:
 - name: Install Dependencies
 run: npm ci

+ - name: 'Create .env File'
+ run: |
+ echo "${{ env.ENV_FILE }}" > .env
+
 - name: Run Unit Tests
- run: npm run test.unit
+ run: npm run test:ci

 scan:
 name: 'Scan'
@@ -73,5 +87,34 @@ jobs:
 - name: Install Dependencies
 run: npm ci

+ - name: 'Create .env File'
+ run: |
+ echo "${{ env.ENV_FILE }}" > .env
+
 - name: Run Linter
 run: npm run lint
+
+ validate-template:
+ name: 'Validate CloudFormation Template'
+
+ runs-on: ubuntu-latest
+ timeout-minutes: 3
+
+ permissions:
+ id-token: write
+ contents: read
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: ${{ env.AWS_ROLE_ARN }}
+ aws-region: ${{ env.AWS_REGION }}
+
+ - name: Validate AWS CloudFormation Template
+ run: |-
+ aws cloudformation validate-template \
+ --template-body file://${{ env.AWS_CFN_TEMPLATE }}
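Review bot: `ENV_FILE: ${{ secrets.ENV_CI }}` in the workflow-level `env:` block places the whole secret in the environment of every step of every job, including `npm ci` (which runs dependency install scripts), the third-party actions, and the new `validate-template` job that never reads it. Remove it from this block and set it only on the steps that write the file, i.e. an `env:` mapping with `ENV_FILE: ${{ secrets.ENV_CI }}` under each 'Create .env File' step. The other three entries are a constant and repository `vars`, so workflow scope is fine for them. The `on:` triggers are outside the hunk, so whether fork pull requests (where the secret would be empty) reach these jobs cannot be told from here.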
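Review bot: `echo "${{ env.ENV_FILE }}" > .env` substitutes the secret into the script text before the shell parses it, so any `"`, `$`, backtick or backslash in the value is interpreted by the shell instead of being written to the file, which can corrupt `.env` or run commands that were never intended. Read the value from the process environment instead: `printf '%s\n' "$ENV_FILE" > .env`, with `ENV_FILE` supplied through the step's own `env:`. The identical step is added to the test and scan jobs in the next two hunks and needs the same change. A multi-line secret is also a poor fit for log masking, so it is worth confirming that no later step prints `.env` or ships it in a build artifact; the rest of the build job lies outside this hunk.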
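Review bot: The new `validate-template` job grants `id-token: write` and then passes control to `aws-actions/configure-aws-credentials@v4`, a movable tag; in a job that can mint cloud credentials the action should be pinned to a full commit SHA, e.g. `uses: aws-actions/configure-aws-credentials@<full-commit-sha> # v4`. The role behind `vars.AWS_ROLE_ARN_DEV` needs no more than `cloudformation:ValidateTemplate` for this step, and its trust policy should restrict the OIDC `sub` claim to this repository and the intended refs; neither is visible in the diff, so confirm both on the AWS side. A one-line comment above `permissions:` such as `# id-token: write is required for OIDC role assumption` would tell later readers why the job holds that scope. Passing the template path as `"file://$AWS_CFN_TEMPLATE"` rather than through `${{ }}` keeps the run script free of expression substitution.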