Migrate to Terraform (#86) #224
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
# Controls when the action will run. Triggers the workflow on push or pull request | |
# events but only for the master branch | |
on: | |
push: | |
branches: | |
- "serverless" | |
workflow_dispatch: | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
contents: read # This is required for actions/checkout | |
jobs: | |
# Run unit tests, flake8 and safety checks | |
test: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
ref: serverless | |
# Check out the schema repo to package up the JSON schema with lambda function | |
- name: Checkout schema repo | |
uses: actions/checkout@v2 | |
with: | |
repository: materials-data-facility/data-schemas | |
ref: automate | |
path: schemas | |
- name: Set up Python | |
uses: actions/setup-python@v2 | |
with: | |
python-version: '3.10' | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip wheel | |
pip install -r aws/requirements.txt | |
pip install boto3 | |
# Avoid vulnerable setuptools pulled in by one of our dependencies | |
pip install --upgrade setuptools | |
pip list | |
- name: Check for vulnerabilities in libraries | |
run: | | |
pip install safety | |
pip freeze | safety check | |
- name: Test with pytest | |
run: | | |
pip install -r aws/tests/requirements-test.txt | |
pip list | |
PYTHONPATH=aws/ python -m pytest aws/tests | |
# Build docker images for each of the lambda functions and publish to docker hub | |
publish: | |
strategy: | |
fail-fast: false | |
matrix: | |
# Loop over each lambda function | |
lambda: ["auth", "submit", "status"] | |
needs: test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
ref: serverless | |
# Check out the schema repo to package up the JSON schemae with function | |
- name: Checkout schema repo | |
uses: actions/checkout@v2 | |
with: | |
repository: materials-data-facility/data-schemas | |
ref: automate | |
path: aws/schemas | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: arn:aws:iam::557062710055:role/MDF-ConnectGithubActionsRole | |
role-session-name: mdfconnect-backend-deployer | |
aws-region: us-east-1 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/[email protected] | |
- name: Set up QEMU | |
uses: docker/[email protected] | |
- name: Set up Docker Buildx | |
uses: docker/[email protected] | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: ./aws | |
platforms: linux/amd64 | |
provenance: false | |
push: true | |
tags: ${{ steps.login-ecr.outputs.registry }}/mdf-lambdas/${{ matrix.lambda }}:test | |
file: ./aws/Dockerfile | |
build-args: LAMBDA_SCRIPT=${{ matrix.lambda }} |