fix(lambda): adding in lambda deployments

Pocket · Aug 16, 2024 · 7c68443 · 7c68443
1 parent e7dfec2
commit 7c68443
Show file tree

Hide file tree

Showing 4 changed files with 100 additions and 8 deletions.
diff --git a/.github/actions/ecs-codedeploy/test b/.github/actions/ecs-codedeploy/test
diff --git a/.github/actions/lambda-codedeploy/action.yml b/.github/actions/lambda-codedeploy/action.yml
@@ -0,0 +1,67 @@
+name: 'Re-usable Lambda Codedeploy Flow'
+description: 'Used to code deploy a lambda'
+inputs:
+  codedeploy-app-name:
+    description: CodeDeploy app name
+    required: true
+  codedeploy-group-name:
+    description: CodeDeploy group name
+    required: true
+  function-name:
+    description: The name of the Lambda Function to deploy to
+    required: true
+  s3-bucket:
+    description: The name of the bucket to deploy from
+    required: true
+  s3-key:
+    description: The name of the s3 key that contains the code to deploy
+    default: ""
+    required: false
+  function-alias:
+    description: The name of the lambda alias to use
+    required: false
+    default: DEPLOYED
+
+runs:
+  using: 'composite'
+  steps:  
+    - name: Codedeploy AWS Lambda
+      shell: bash
+      run: |
+        aws lambda wait function-updated --function-name '${{ inputs.function-name }}'
+
+        s3Key="${{ inputs.s3-key }}"
+        if [[ -z $s3Key ]]; then
+            s3Key="${{ github.sha }}.zip"
+        fi
+
+        aws lambda update-function-code \
+            --function-name '${{ inputs.function-name }}' \
+            --s3-bucket '${{ inputs.s3-bucket }}' \
+            --s3-key "$s3Key"
+
+        aws lambda wait function-updated --function-name '${{ inputs.function-name }}'
+
+        NEW_ENVVARS=$(aws lambda get-function-configuration --function-name '${{ inputs.function-name }}' --query "Environment.Variables | merge(@, \`{\"GIT_SHA\":\"${{ github.sha }}\"}\`)")
+        aws lambda update-function-configuration --function-name '${{ inputs.function-name }}' --environment "{ \"Variables\": $NEW_ENVVARS }"
+        aws lambda wait function-updated --function-name '${{ inputs.function-name }}'
+
+        versionId=$(aws lambda publish-version \
+            --function-name '${{ inputs.function-name }}' | jq -r .Version)
+
+        currentVersion=$(aws lambda get-alias \
+            --function-name '${{ inputs.function-name }}' \
+            --name DEPLOYED | jq -r .FunctionVersion)
+
+        app_spec_content_string="{'version':0.0,'Resources':[{'${{ inputs.function-name }}':{'Type':'AWS::Lambda::Function','Properties':{'Name':'${{ inputs.function-name }}','Alias':'${{ inputs.function-alias }}','TargetVersion':'$versionId', 'CurrentVersion': '$currentVersion'}}}]}"
+        echo "$app_spec_content_string"
+        app_spec_content_sha256=$(echo -n "$app_spec_content_string" | shasum -a 256 | sed 's/ .*$//')
+        revision="revisionType=AppSpecContent,appSpecContent={content=\"$app_spec_content_string\",sha256=$app_spec_content_sha256}"
+
+        aws lambda wait function-updated --function-name '${{ inputs.function-name }}'
+
+        aws deploy create-deployment \
+          --application-name="${{ inputs.codedeploy-app-name }}" \
+          --deployment-group-name="${{ inputs.codedeploy-group-name }}" \
+          --description="Triggered build ${{ github.sha }} from Github Actions" \
+          --revision="$revision"
diff --git a/.github/workflows/account-data-deleter.yml b/.github/workflows/account-data-deleter.yml
@@ -25,9 +25,7 @@ jobs:
     # Use our re-usable test integrations workflow which will use our docker compose file
     uses: ./.github/workflows/reuse-test-integrations.yml
     with:
-      # Only run the tests for our service
       scope: account-data-deleter
-    # Ensure the re-usable workflow is allowed to access the secrets
     secrets: inherit
 
   # It's infrastructure time, run the infrastructure update commands
@@ -36,7 +34,6 @@ jobs:
     with:
       scope: account-data-deleter-cdk
       stack-output-path: infrastructure/account-data-deleter/cdktf.out/stacks/account-data-deleter
-    # Ensure the re-usable workflow is allowed to access the secrets
     secrets: inherit
 
   # Let's try building and conidtionally pushing our docker image to the necessary account.
@@ -50,7 +47,6 @@ jobs:
       sentry-project: account-data-deleter
       docker-repo-name-pattern: accountdatadeleter-{0}-app
       terraform-output: ${{needs.infrastructure.outputs.terraform-output}}
-    # Ensure the re-usable workflow is allowed to access the secrets
     secrets: inherit
 
   events-lambda:
@@ -60,7 +56,9 @@ jobs:
       scope: account-data-deleter-events
       sentry-project: account-data-deleter
       s3-bucket-pattern: pocket-accountdatadeleter-{0}-sqs-event-consumer
-    # Ensure the re-usable workflow is allowed to access the secrets
+      codedeploy-app-name-pattern: AccountDataDeleter-{0}-Sqs-Event-Consumer-Lambda
+      codedeploy-group-name-pattern: AccountDataDeleter-{0}-Sqs-Event-Consumer-Lambda
+      function-name-pattern: AccountDataDeleter-{0}-Sqs-Event-Consumer-Function
     secrets: inherit
 
   batch-delete-lambda:
@@ -70,5 +68,7 @@ jobs:
       scope: account-data-deleter-batch-delete
       sentry-project: account-data-deleter
       s3-bucket-pattern: pocket-accountdatadeleter-{0}-batchdeletelambda
-    # Ensure the re-usable workflow is allowed to access the secrets
+      codedeploy-app-name-pattern: AccountDataDeleter-{0}-BatchDeleteLambda-Lambda
+      codedeploy-group-name-pattern: AccountDataDeleter-{0}-BatchDeleteLambda-Lambda
+      function-name-pattern: AccountDataDeleter-{0}-BatchDeleteLambda-Function
     secrets: inherit
diff --git a/.github/workflows/reuse-build-and-push-lambda.yml b/.github/workflows/reuse-build-and-push-lambda.yml
@@ -10,6 +10,18 @@ on:
         description: 'Lambda S3 bucket pattern to use. {0} will be replaced with either dev or prod'
         required: true
         type: string
+      codedeploy-app-name-pattern:
+        description: CodeDeploy app name pattern to use. {0} will be replaced with either Dev or Prod'
+        required: true
+        type: string
+      codedeploy-group-name-pattern:
+        description: CodeDeploy group name pattern to use. {0} will be replaced with either Dev or Prod'
+        required: true
+        type: string
+      function-name-pattern:
+        description: The name pattern of the Lambda Function to deploy t. {0} will be replaced with either Dev or Prod'
+        required: true
+        type: string
       sentry-org:
         description: 'The org name used in sentry. Used to upload source maps'
         required: false
@@ -63,7 +75,13 @@ jobs:
             sentry-token: ${{secrets.SENTRY_BEARER}}
             scope: ${{inputs['scope']}}
             s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'dev') }}
-
+        - name: CodeDeploy Lambda
+          uses: ./.github/actions/lambda-codedeploy
+          with:
+            s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'dev') }}
+            codedeploy-app-name: ${{ format(inputs.codedeploy-app-name-pattern, 'Dev') }}
+            codedeploy-group-name: ${{ format(inputs.codedeploy-group-name-pattern, 'Dev') }}
+            function-name: ${{ format(inputs.function-name-pattern, 'Dev') }}
 
     production:
       if: github.ref == 'refs/heads/main'
@@ -84,4 +102,11 @@ jobs:
             sentry-org: ${{inputs['sentry-org']}}
             sentry-token: ${{secrets.SENTRY_BEARER}}
             scope: ${{inputs['scope']}}
-            s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'prod') }}
+            s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'prod') }}
+        - name: CodeDeploy Lambda
+          uses: ./.github/actions/lambda-codedeploy
+          with:
+            s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'prod') }}
+            codedeploy-app-name: ${{ format(inputs.codedeploy-app-name-pattern, 'Prod') }}
+            codedeploy-group-name: ${{ format(inputs.codedeploy-group-name-pattern, 'Prod') }}
+            function-name: ${{ format(inputs.function-name-pattern, 'Prod') }}