-
Notifications
You must be signed in to change notification settings - Fork 0
57 lines (45 loc) · 1.31 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: Deployment
on:
workflow_dispatch:
inputs:
ref:
description: "Version to deploy"
required: true
permissions:
id-token: write
contents: write
env:
STACK_NAME: ${{ vars.STACK_NAME }}
AWS_REGION: ${{ vars.AWS_REGION }}
FORCE_COLOR: 3
JSII_SILENCE_WARNING_UNTESTED_NODE_VERSION: 1
API_DOMAIN_NAME: ${{ vars.API_DOMAIN_NAME }}
API_DOMAIN_ROUTE_53_ROLE_ARN: ${{ secrets.API_DOMAIN_ROUTE_53_ROLE_ARN }}
jobs:
deploy:
runs-on: ubuntu-24.04
environment: production
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.ref }}
- name: Determine released version
id: version
run: |
git fetch --tags
VERSION=`git describe --abbrev=0 --tags --always | tr -d '\n'`
echo "VERSION=$VERSION" >> $GITHUB_ENV
- uses: actions/setup-node@v4
with:
node-version: "22.x"
cache: "npm"
- name: Install dependencies
run: npm ci --no-audit
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE }}
aws-region: ${{ vars.AWS_REGION }}
- run: npx cdk diff
- name: Deploy solution stack
run: npx cdk deploy --require-approval never