transition from serverless framework to terraform #14

Workflow file for this run

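# Builds, tests and packages the Probot application, produces a Terraform plan
# on every trigger, and applies that plan only for non-PR runs on main.
#
# NOTE(review): runs for pull requests and pull-request/* branches execute
# branch-authored code (npm scripts, Terraform configuration) in a job that
# can assume the AWS role and reads the TF_VAR_* secrets. The role's trust
# policy and permissions should be scoped with that in mind.
name: deploy-probot-terraform

on:
  pull_request:
  workflow_dispatch:
  push:
    branches:
      - "pull-request/[0-9]+"
      - "main"

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  # Superseded PR runs can be cancelled safely. A run on main may be in the
  # middle of `terraform apply`, and interrupting that can leave a partial
  # change or a held state lock, so runs on main are allowed to finish.
  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

permissions:
  # Needed so the job can request the OIDC token that the AWS credentials
  # step exchanges for the role.
  id-token: write
  contents: read

jobs:
  deploy:
    name: Deploy Probot Application
    runs-on: ubuntu-latest
    # NOTE(review): every action below is referenced by a mutable tag
    # (@v3/@v4/@v7). Pinning each to a full commit SHA keeps a re-tagged
    # release from running with this job's OIDC token and secrets.
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '18'

      - name: Install npm dependencies
        run: npm ci

      - name: Test Probot
        run: npm run test

      - name: Build Probot
        run: npm run build

      # DEPLOY_VERSION is only set on main; on every other ref it is empty and
      # the archives below are named probot-.zip / authorizer-.zip.
      - name: Set deployment version
        if: github.ref == 'refs/heads/main'
        run: |
          echo "DEPLOY_VERSION=$(date +%Y%m%d-%H%M%S)-$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"

      # Must run before packaging: the template is copied into dist/, and the
      # probot archive is built from dist/.
      - name: Copy release draft template
        run: cp src/plugins/ReleaseDrafter/draft_template.njk dist/plugins/ReleaseDrafter

      # DEPLOY_VERSION is read as a shell variable rather than spliced into the
      # script text through a workflow expression.
      - name: Package Lambda functions
        run: |
          cd dist
          zip -r "../probot-${DEPLOY_VERSION}.zip" .
          cd ..
          zip -r "authorizer-${DEPLOY_VERSION}.zip" dist/authorizer.js

      # AWS credentials are requested only after install/test/build, so npm
      # lifecycle scripts and test code do not run with the role's credentials
      # in their environment.
      - name: Get AWS credentials
        uses: aws-actions/configure-aws-credentials@v3
        with:
          role-to-assume: ${{ vars.SERVERLESS_AWS_ROLE_ARN }}
          aws-region: ${{ vars.AWS_REGION }}

      - name: Upload to S3
        if: github.ref == 'refs/heads/main'
        run: |
          aws s3 cp "probot-${DEPLOY_VERSION}.zip" s3://rapidsai-serverless-deployments/serverless/ops-bot/prod/
          aws s3 cp "authorizer-${DEPLOY_VERSION}.zip" s3://rapidsai-serverless-deployments/serverless/ops-bot/prod/

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: "1.9.2"

      - name: Terraform Format Check
        working-directory: terraform
        run: terraform fmt -check

      - name: Terraform Init
        working-directory: terraform
        run: terraform init

      - name: Terraform Validate
        working-directory: terraform
        run: terraform validate

      # `id: plan` is what the later `steps.plan.outcome` checks refer to, and
      # `continue-on-error` lets the job reach the "Terraform Plan Status"
      # step, which then fails the job explicitly.
      #
      # NOTE(review): the rendered plan is posted as a PR comment further
      # down. Log masking does not cover comment bodies, so the variables fed
      # from secrets here should be declared `sensitive = true` for
      # `terraform show` to redact them. The terraform/ directory is not
      # visible here; confirm.
      - name: Terraform Plan
        id: plan
        continue-on-error: true
        working-directory: terraform
        env:
          TF_VAR_app_id: ${{ secrets.APP_ID }}
          TF_VAR_webhook_secret: ${{ secrets.WEBHOOK_SECRET }}
          TF_VAR_private_key: ${{ secrets.PRIVATE_KEY }}
          TF_VAR_gputester_pat: ${{ secrets.GPUTESTER_PAT }}
        run: |
          terraform plan -out=tfplan -var="deployment_version=${DEPLOY_VERSION}"
          terraform show -no-color tfplan > plan.txt
          PLAN_ENCODED=$(base64 -w 0 plan.txt)
          echo "PLAN_ENCODED=$PLAN_ENCODED" >> "$GITHUB_ENV"

      # Only posted when a plan was produced; PLAN_ENCODED is unset otherwise.
      # NOTE(review): this uses a personal access token. The job's own
      # GITHUB_TOKEN with `pull-requests: write` would be a narrower
      # credential if it is sufficient here; confirm.
      - name: Update PR with Plan
        if: github.event_name == 'pull_request' && steps.plan.outcome == 'success'
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.JAWE_PAT }}
          script: |
            const planDecoded = Buffer.from(process.env.PLAN_ENCODED, 'base64').toString('utf-8');
            const output = `#### Terraform Plan 📝
            <details>
            <summary>Show Plan</summary>
            \`\`\`hcl
            ${planDecoded}
            \`\`\`
            </details>
            `;
            // Awaited so that an API failure fails this step instead of
            // surfacing as an unhandled rejection.
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: output
            })

      - name: Terraform Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1

      # The saved plan file is applied, so what runs is exactly what was
      # planned above. The outcome check keeps apply from running without a
      # successful plan even if the status step above is removed.
      - name: Terraform Apply
        if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request' && steps.plan.outcome == 'success'
        working-directory: terraform
        run: terraform apply -auto-approve tfplan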