-
Notifications
You must be signed in to change notification settings - Fork 53
61 lines (53 loc) · 2.02 KB
/
apply.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
name: Apply
on:
push:
branches: [ main ]
permissions:
contents: write
pull-requests: write
id-token: write
concurrency:
group: plan-and-apply
cancel-in-progress: false
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}
- name: Run Tests
working-directory: ./application/backend-monorepo-multiservice/code/development-environment
run: ./dev_all.sh
deploy-infrastructure:
runs-on: ubuntu-latest
needs: test
if: github.ref == 'refs/heads/main'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Credential Attributes
id: credential-attributes
run: |
echo "role=$(echo '${{ secrets.STATE_MANAGEMENT_BASE64 }}' | base64 --decode | jq .state_management_role -r)" >> "$GITHUB_OUTPUT"
echo "region=$(echo '${{ secrets.STATE_MANAGEMENT_BASE64 }}' | base64 --decode | jq .state_management_region -r)" >> "$GITHUB_OUTPUT"
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: ${{ steps.credential-attributes.outputs.role }}
aws-region: ${{ steps.credential-attributes.outputs.region }}
role-session-name: "GithubAction"
- name: Save Environment Variables
run: >
echo "AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> ${PWD}/.env &&
echo "AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> ${PWD}/.env &&
echo "AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN" >> ${PWD}/.env &&
echo "STATE_MANAGEMENT_BASE64=${{ secrets.STATE_MANAGEMENT_BASE64 }}" >> ${PWD}/.env &&
echo "CREDENTIALS_BASE64=${{ secrets.CREDENTIALS_BASE64 }}" >> ${PWD}/.env
- name: TERRAFORM APPLY (YOUR DOMAINS AT THE BOTTOM)
run: ./ci.sh apply