Merge pull request #40 from RockefellerArchiveCenter/development #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: | |
| - base | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: ${{ github.ref_name }} | |
| env: | |
| LAMBDA_NAME: digitization_tasks | |
| LAMBDA_HANDLER_CODE: src/handle_new_digitization_transactions.py | |
| BASENAME: handle_new_digitization_transactions.py | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Export secrets to environment variables | |
| uses: oNaiPs/[email protected] | |
| with: | |
| secrets: ${{ toJSON(secrets) }} | |
| - name: Install requirements | |
| run: | | |
| mkdir package | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt --target ./package | |
| cd package | |
| zip -r ../${LAMBDA_NAME}.zip . | |
| cd .. | |
| - name: Make zip file | |
| run: | | |
| cp ${{ env.LAMBDA_HANDLER_CODE }} ${{ env.BASENAME }} | |
| zip ${{ env.LAMBDA_NAME }}.zip ${{ env.BASENAME }} | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/[email protected] | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE }} | |
| role-skip-session-tagging: true | |
| role-duration-seconds: 900 | |
| - name: Upload file to S3 | |
| run: aws s3 cp $LAMBDA_NAME.zip s3://$LAMBDA_BUCKET_NAME/$LAMBDA_NAME.zip | |
| - name: Upload file to CloudFormation S3 | |
| run: aws s3 cp digitization_tasks_template.yaml s3://$AWS_CLOUDFORMATION_BUCKET_NAME/$LAMBDA_NAME/ | |
| - name: Deploy lambda package | |
| run: aws lambda update-function-code | |
| --function-name arn:aws:lambda:$AWS_REGION:${{ secrets.AWS_ACCOUNT_ID }}:function:$LAMBDA_NAME | |
| --zip-file fileb://$LAMBDA_NAME.zip |