From 7c6844327156a842e29203651f380f6a9ab8e3e3 Mon Sep 17 00:00:00 2001
From: Daniel Brooks
Date: Fri, 16 Aug 2024 08:33:54 -0700
Subject: [PATCH] fix(lambda): adding in lambda deployments
---
.github/actions/ecs-codedeploy/test | 0
.github/actions/lambda-codedeploy/action.yml | 67 +++++++++++++++++++
.github/workflows/account-data-deleter.yml | 12 ++--
.../workflows/reuse-build-and-push-lambda.yml | 29 +++++++-
4 files changed, 100 insertions(+), 8 deletions(-)
delete mode 100644 .github/actions/ecs-codedeploy/test
create mode 100644 .github/actions/lambda-codedeploy/action.yml
diff --git a/.github/actions/ecs-codedeploy/test b/.github/actions/ecs-codedeploy/test
deleted file mode 100644
index e69de29bb..000000000
diff --git a/.github/actions/lambda-codedeploy/action.yml b/.github/actions/lambda-codedeploy/action.yml
new file mode 100644
index 000000000..503ece99e
--- /dev/null
+++ b/.github/actions/lambda-codedeploy/action.yml
@@ -0,0 +1,67 @@
+name: 'Re-usable Lambda Codedeploy Flow'
+description: 'Used to code deploy a lambda'
+inputs:
+ codedeploy-app-name:
+ description: CodeDeploy app name
+ required: true
+ codedeploy-group-name:
+ description: CodeDeploy group name
+ required: true
+ function-name:
+ description: The name of the Lambda Function to deploy to
+ required: true
+ s3-bucket:
+ description: The name of the bucket to deploy from
+ required: true
+ s3-key:
+ description: The name of the s3 key that contains the code to deploy
+ default: ""
+ required: false
+ function-alias:
+ description: The name of the lambda alias to use
+ required: false
+ default: DEPLOYED
+
+runs:
+ using: 'composite'
+ steps:
+ - name: Codedeploy AWS Lambda
+ shell: bash
+ run: |
+ aws lambda wait function-updated --function-name '${{ inputs.function-name }}'
+
+ s3Key="${{ inputs.s3-key }}"
+ if [[ -z $s3Key ]]; then
+ s3Key="${{ github.sha }}.zip"
+ fi
+
+ aws lambda update-function-code \
+ --function-name '${{ inputs.function-name }}' \
+ --s3-bucket '${{ inputs.s3-bucket }}' \
+ --s3-key "$s3Key"
+
+ aws lambda wait function-updated --function-name '${{ inputs.function-name }}'
+
+ NEW_ENVVARS=$(aws lambda get-function-configuration --function-name '${{ inputs.function-name }}' --query "Environment.Variables | merge(@, \`{\"GIT_SHA\":\"${{ github.sha }}\"}\`)")
+ aws lambda update-function-configuration --function-name '${{ inputs.function-name }}' --environment "{ \"Variables\": $NEW_ENVVARS }"
+ aws lambda wait function-updated --function-name '${{ inputs.function-name }}'
+
+ versionId=$(aws lambda publish-version \
+ --function-name '${{ inputs.function-name }}' | jq -r .Version)
+
+ currentVersion=$(aws lambda get-alias \
+ --function-name '${{ inputs.function-name }}' \
+ --name DEPLOYED | jq -r .FunctionVersion)
+
+ app_spec_content_string="{'version':0.0,'Resources':[{'${{ inputs.function-name }}':{'Type':'AWS::Lambda::Function','Properties':{'Name':'${{ inputs.function-name
}}','Alias':'${{ inputs.function-alias }}','TargetVersion':'$versionId', 'CurrentVersion': '$currentVersion'}}}]}" + echo "$app_spec_content_string" + app_spec_content_sha256=$(echo -n "$app_spec_content_string" | shasum -a 256 | sed 's/ .*$//') + revision="revisionType=AppSpecContent,appSpecContent={content=\"$app_spec_content_string\",sha256=$app_spec_content_sha256}" + + aws lambda wait function-updated --function-name '${{ inputs.function-name }}' + + aws deploy create-deployment \ + --application-name="${{ inputs.codedeploy-app-name }}" \ + --deployment-group-name="${{ inputs.codedeploy-group-name }}" \ + --description="Triggered build ${{ github.sha }} from Github Actions" \ + --revision="$revision" \ No newline at end of file diff --git a/.github/workflows/account-data-deleter.yml b/.github/workflows/account-data-deleter.yml index 662290b5d..2baa8426e 100644 --- a/.github/workflows/account-data-deleter.yml +++ b/.github/workflows/account-data-deleter.yml @@ -25,9 +25,7 @@ jobs: # Use our re-usable test integrations workflow which will use our docker compose file uses: ./.github/workflows/reuse-test-integrations.yml with: - # Only run the tests for our service scope: account-data-deleter - # Ensure the re-usable workflow is allowed to access the secrets secrets: inherit # It's infrastructure time, run the infrastructure update commands @@ -36,7 +34,6 @@ jobs: with: scope: account-data-deleter-cdk stack-output-path: infrastructure/account-data-deleter/cdktf.out/stacks/account-data-deleter - # Ensure the re-usable workflow is allowed to access the secrets secrets: inherit # Let's try building and conidtionally pushing our docker image to the necessary account. @@ -50,7 +47,6 @@ jobs: sentry-project: account-data-deleter docker-repo-name-pattern: accountdatadeleter-{0}-app terraform-output: ${{needs.infrastructure.outputs.terraform-output}} - # Ensure the re-usable workflow is allowed to access the secrets secrets: inherit events-lambda: 
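Review bot: Every `${{ inputs.* }}` in the `run:` script of `lambda-codedeploy/action.yml` is expanded into the script text before bash parses it, so a quote or `$(` inside any input value becomes shell syntax rather than data; the callers shown in this commit pass repository-defined patterns, but a reusable action should not depend on that. Pass the inputs through an `env:` block on the step and reference them as quoted shell variables. Separately, `get-alias` hard-codes `--name DEPLOYED` while the appspec uses `inputs.function-alias`, so a caller that overrides the alias gets a `CurrentVersion` read from the wrong alias; use the input there as well. The `merge(@, …)` query behind `NEW_ENVVARS` presumably also fails for a function that has no environment variables yet, since `Environment.Variables` would be null; worth confirming.

```yaml
    - name: Codedeploy AWS Lambda
      shell: bash
      env:
        FUNCTION_NAME: ${{ inputs.function-name }}
        FUNCTION_ALIAS: ${{ inputs.function-alias }}
        S3_BUCKET: ${{ inputs.s3-bucket }}
        S3_KEY: ${{ inputs.s3-key }}
        CODEDEPLOY_APP: ${{ inputs.codedeploy-app-name }}
        CODEDEPLOY_GROUP: ${{ inputs.codedeploy-group-name }}
      run: |
        aws lambda wait function-updated --function-name "$FUNCTION_NAME"

        s3Key="$S3_KEY"
        # … unchanged: default of s3Key to the commit sha …

        aws lambda update-function-code \
          --function-name "$FUNCTION_NAME" \
          --s3-bucket "$S3_BUCKET" \
          --s3-key "$s3Key"

        # … same "$FUNCTION_NAME" substitution: waits, env-var merge, publish-version …

        currentVersion=$(aws lambda get-alias \
          --function-name "$FUNCTION_NAME" \
          --name "$FUNCTION_ALIAS" | jq -r .FunctionVersion)

        # … appspec string and create-deployment: same variables in place of the expressions …
```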
@@ -60,7 +56,9 @@ jobs: scope: account-data-deleter-events sentry-project: account-data-deleter s3-bucket-pattern: pocket-accountdatadeleter-{0}-sqs-event-consumer - # Ensure the re-usable workflow is allowed to access the secrets + codedeploy-app-name-pattern: AccountDataDeleter-{0}-Sqs-Event-Consumer-Lambda + codedeploy-group-name-pattern: AccountDataDeleter-{0}-Sqs-Event-Consumer-Lambda + function-name-pattern: AccountDataDeleter-{0}-Sqs-Event-Consumer-Function secrets: inherit batch-delete-lambda: @@ -70,5 +68,7 @@ jobs: scope: account-data-deleter-batch-delete sentry-project: account-data-deleter s3-bucket-pattern: pocket-accountdatadeleter-{0}-batchdeletelambda - # Ensure the re-usable workflow is allowed to access the secrets + codedeploy-app-name-pattern: AccountDataDeleter-{0}-BatchDeleteLambda-Lambda + codedeploy-group-name-pattern: AccountDataDeleter-{0}-BatchDeleteLambda-Lambda + function-name-pattern: AccountDataDeleter-{0}-BatchDeleteLambda-Function secrets: inherit diff --git a/.github/workflows/reuse-build-and-push-lambda.yml b/.github/workflows/reuse-build-and-push-lambda.yml index 800fbba30..41aa5003a 100644 --- a/.github/workflows/reuse-build-and-push-lambda.yml +++ b/.github/workflows/reuse-build-and-push-lambda.yml @@ -10,6 +10,18 @@ on: description: 'Lambda S3 bucket pattern to use. {0} will be replaced with either dev or prod' required: true type: string + codedeploy-app-name-pattern: + description: CodeDeploy app name pattern to use. {0} will be replaced with either Dev or Prod' + required: true + type: string + codedeploy-group-name-pattern: + description: CodeDeploy group name pattern to use. {0} will be replaced with either Dev or Prod' + required: true + type: string + function-name-pattern: + description: The name pattern of the Lambda Function to deploy t. {0} will be replaced with either Dev or Prod' + required: true + type: string sentry-org: description: 'The org name used in sentry. Used to upload source maps' required: false 
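Review bot: The three input descriptions added in the `-10,6 +10,18` hunk of `reuse-build-and-push-lambda.yml` each end with a stray `'` that has no opening quote, and the last one reads "deploy t." instead of "deploy to"; as plain scalars they still parse, but the quote ends up in the rendered description. Quote them the same way as the neighbouring `s3-bucket-pattern` description, e.g. `description: 'CodeDeploy app name pattern to use. {0} will be replaced with either Dev or Prod'`. All three inputs are `required: true`, so any other caller of this reusable workflow that is not updated in the same commit would presumably fail validation; only `account-data-deleter.yml` is visible here.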
@@ -63,7 +75,13 @@ jobs: sentry-token: ${{secrets.SENTRY_BEARER}} scope: ${{inputs['scope']}} s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'dev') }} - + - name: CodeDeploy Lambda + uses: ./.github/actions/lambda-codedeploy + with: + s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'dev') }} + codedeploy-app-name: ${{ format(inputs.codedeploy-app-name-pattern, 'Dev') }} + codedeploy-group-name: ${{ format(inputs.codedeploy-group-name-pattern, 'Dev') }} + function-name: ${{ format(inputs.function-name-pattern, 'Dev') }} production: if: github.ref == 'refs/heads/main' @@ -84,4 +102,11 @@ jobs: sentry-org: ${{inputs['sentry-org']}} sentry-token: ${{secrets.SENTRY_BEARER}} scope: ${{inputs['scope']}} - s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'prod') }} \ No newline at end of file + s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'prod') }} + - name: CodeDeploy Lambda + uses: ./.github/actions/lambda-codedeploy + with: + s3-bucket: ${{ format(inputs.s3-bucket-pattern, 'prod') }} + codedeploy-app-name: ${{ format(inputs.codedeploy-app-name-pattern, 'Prod') }} + codedeploy-group-name: ${{ format(inputs.codedeploy-group-name-pattern, 'Prod') }} + function-name: ${{ format(inputs.function-name-pattern, 'Prod') }} \ No newline at end of file
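Review bot: The new `CodeDeploy Lambda` steps (this development hunk and the production one at `-84,4 +102,11`) do not pass `s3-key`, so the action falls back to `<github.sha>.zip`; the artifact that was just built is only the one deployed if the upload step above writes exactly that key, which is not visible in these hunks. Either pass the key explicitly or record the coupling with a comment such as `# s3-key omitted: action defaults to <github.sha>.zip, must match the key written by the upload step above`. The development hunk also drops the blank line that separated the last step from `production:`; keeping it makes the job boundary easier to see. Both job definitions start outside these hunks.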