Deploy Lambda Functions #203
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Lambda Functions | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - 'aws/**' | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| env: | |
| WORKING_DIRECTORY: ./aws | |
| NODE_VERSION: 22 | |
| GITHUB_IMAGE_REPO: ghcr.io/bcgov/jasper | |
| jobs: | |
| get-lambdas: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| lambda_dir_list: ${{ steps.convert.outputs.LAMBDA_DIR_LIST }} | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Get Lambda directories | |
| id: lambdas | |
| shell: bash | |
| working-directory: ${{ env.WORKING_DIRECTORY }} | |
| run: | | |
| dirs=$(find lambdas -mindepth 2 -maxdepth 2 -type d | sed 's|lambdas/||' | paste -sd ';' -) # Space-separated | |
| echo "LAMBDA_DIRS=$dirs" >> $GITHUB_ENV | |
| - name: Convert FOLDERS to JSON array | |
| id: convert | |
| shell: bash | |
| working-directory: ${{ env.WORKING_DIRECTORY }} | |
| run: | | |
| LAMBDA_DIR_LIST=$(echo "${LAMBDA_DIRS}" | jq -R 'split(";")' -c) | |
| echo "LAMBDA_DIR_LIST=$LAMBDA_DIR_LIST" >> $GITHUB_OUTPUT | |
| - name: Build Lambdas codebase | |
| uses: ./.github/workflows/actions/build-lambdas | |
| with: | |
| working_directory: ${{ env.WORKING_DIRECTORY }} | |
| node_version: ${{ env.NODE_VERSION }} | |
| deploy2gchr: | |
| needs: get-lambdas | |
| environment: lz-dev | |
| outputs: | |
| image_tag: ${{ steps.version.outputs.IMAGE_TAG }} | |
| permissions: | |
| id-token: write | |
| packages: write | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| lambda: ${{ fromJSON(needs.get-lambdas.outputs.lambda_dir_list) }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Log in to the GHCR | |
| uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get Image Tag | |
| id: version | |
| run: | | |
| if [[ "${{ github.event_name }}" == "release" ]]; then | |
| VERSION="${{ github.event.release.tag_name }}" | |
| echo "IMAGE_TAG=${VERSION#v}" >> $GITHUB_OUTPUT | |
| else | |
| echo "IMAGE_TAG=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Parse Resource and Lambda Name | |
| id: parse | |
| run: | | |
| echo "Lambda: ${{ matrix.lambda }}" | |
| RESOURCE="${{ matrix.lambda }}" | |
| LAMBDA="${{ matrix.lambda }}" | |
| echo "RESOURCE=${RESOURCE%%/*}" >> $GITHUB_ENV | |
| echo "LAMBDA=${LAMBDA##*/}" >> $GITHUB_ENV | |
| - name: Setup Image Metadata | |
| id: meta | |
| uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 | |
| with: | |
| images: | | |
| ${{ env.GITHUB_IMAGE_REPO }}/${{ env.RESOURCE }}.${{ env.LAMBDA }} | |
| tags: | | |
| type=raw,value=${{ steps.version.outputs.IMAGE_TAG }} | |
| type=raw,value=latest,enable=${{ github.event_name == 'release' }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 | |
| with: | |
| driver: docker | |
| - name: Build ${{ matrix.lambda }} image | |
| uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 | |
| with: | |
| push: true | |
| file: ./docker/aws/Dockerfile.release | |
| context: ./aws | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| provenance: false | |
| build-args: | | |
| TARGET_FUNCTION=${{ matrix.lambda }} | |
| NODE_VERSION=${{ env.NODE_VERSION }} | |
| deploy2dev: | |
| name: Deploy to DEV | |
| needs: [get-lambdas, deploy2gchr] | |
| env: | |
| ENVIRONMENT: lz-dev | |
| permissions: | |
| id-token: write | |
| packages: write | |
| runs-on: ubuntu-latest | |
| environment: lz-dev | |
| strategy: | |
| matrix: | |
| lambda: ${{ fromJSON(needs.get-lambdas.outputs.lambda_dir_list) }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Deploy to ${{ env.ENVIRONMENT }} | |
| uses: ./.github/workflows/actions/deploy-lambda | |
| with: | |
| environment: ${{ env.ENVIRONMENT }} | |
| aws_account: ${{ vars.AWS_ACCOUNT }} | |
| region: ${{ vars.AWS_REGION }} | |
| app_name: ${{ vars.APP_NAME }} | |
| aws_role_arn: ${{ vars.AWS_ROLE_ARN }} | |
| ghcr_token: ${{ secrets.GITHUB_TOKEN }} | |
| github_image_repo: ${{ env.GITHUB_IMAGE_REPO }} | |
| lambda: ${{ matrix.lambda }} | |
| image_tag: ${{ needs.deploy2gchr.outputs.image_tag }} | |
| deploy2test: | |
| name: Deploy to TEST | |
| needs: [get-lambdas, deploy2gchr, deploy2dev] | |
| env: | |
| ENVIRONMENT: lz-test | |
| permissions: | |
| id-token: write | |
| packages: write | |
| runs-on: ubuntu-latest | |
| environment: lz-test | |
| strategy: | |
| matrix: | |
| lambda: ${{ fromJSON(needs.get-lambdas.outputs.lambda_dir_list) }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Deploy to ${{ env.ENVIRONMENT }} | |
| uses: ./.github/workflows/actions/deploy-lambda | |
| with: | |
| environment: ${{ env.ENVIRONMENT }} | |
| aws_account: ${{ vars.AWS_ACCOUNT }} | |
| region: ${{ vars.AWS_REGION }} | |
| app_name: ${{ vars.APP_NAME }} | |
| aws_role_arn: ${{ vars.AWS_ROLE_ARN }} | |
| ghcr_token: ${{ secrets.GITHUB_TOKEN }} | |
| github_image_repo: ${{ env.GITHUB_IMAGE_REPO }} | |
| lambda: ${{ matrix.lambda }} | |
| image_tag: ${{ needs.deploy2gchr.outputs.image_tag }} | |
| deploy2prod: | |
| name: Deploy to PROD | |
| if: ${{ github.event_name != 'release' || !github.event.release.prerelease }} | |
| needs: [get-lambdas, deploy2gchr, deploy2dev, deploy2test] | |
| env: | |
| ENVIRONMENT: lz-prod | |
| permissions: | |
| id-token: write | |
| packages: write | |
| runs-on: ubuntu-latest | |
| environment: lz-prod | |
| strategy: | |
| matrix: | |
| lambda: ${{ fromJSON(needs.get-lambdas.outputs.lambda_dir_list) }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Deploy to ${{ env.ENVIRONMENT }} | |
| uses: ./.github/workflows/actions/deploy-lambda | |
| with: | |
| environment: ${{ env.ENVIRONMENT }} | |
| aws_account: ${{ vars.AWS_ACCOUNT }} | |
| region: ${{ vars.AWS_REGION }} | |
| app_name: ${{ vars.APP_NAME }} | |
| aws_role_arn: ${{ vars.AWS_ROLE_ARN }} | |
| ghcr_token: ${{ secrets.GITHUB_TOKEN }} | |
| github_image_repo: ${{ env.GITHUB_IMAGE_REPO }} | |
| lambda: ${{ matrix.lambda }} | |
| image_tag: ${{ needs.deploy2gchr.outputs.image_tag }} |