Create Dev Environment #14
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Create Dev Environment" | |
| on: | |
| workflow_dispatch: | |
| defaults: | |
| run: | |
| shell: bash | |
| env: | |
| AWS_REGION: ca-central-1 | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| WORKFLOW: true | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| terragrunt-apply-common: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| - uses: ./.github/actions/setup-terraform | |
| with: | |
| role_to_assume: arn:aws:iam::800095993820:role/notification-terraform-apply | |
| role_session_name: NotifyTerraformDevAppply | |
| - name: Install 1Pass CLI | |
| run: | | |
| curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
| sudo dpkg -i 1pass.deb | |
| - name: terragrunt apply common | |
| run: | | |
| op read op://4eyyuwddp6w4vxlabrr2i2duxm/"TFVars - Dev"/notesPlain > /var/tmp/dev.tfvars | |
| cd env/dev/common | |
| terragrunt apply --var-file /var/tmp/dev.tfvars --terragrunt-non-interactive -auto-approve | |
| terragrunt-apply-ecr: | |
| if: | | |
| always() && | |
| !contains(needs.*.result, 'failure') && | |
| !contains(needs.*.result, 'cancelled') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| - name: Configure credentials to CDS public ECR using OIDC | |
| uses: aws-actions/configure-aws-credentials@master | |
| with: | |
| role-to-assume: arn:aws:iam::800095993820:role/notification-api-apply | |
| role-session-name: NotifyApiGitHubActions | |
| aws-region: "us-east-1" | |
| - name: Install ECR Credential Helper | |
| run: | | |
| sudo apt update && sudo apt install -y amazon-ecr-credential-helper | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| run: | | |
| # Get the ECR login password and use it to log in to the ECR registry | |
| result=$(aws ecr get-login-password --region ca-central-1 | docker --config ${GITHUB_WORKSPACE}/${GITHUB_RUN_ID} login --username AWS --password-stdin 800095993820.dkr.ecr.ca-central-1.amazonaws.com) | |
| # Print the login result for debugging | |
| echo "Login Result: $result" | |
| echo $AWS_PROFILE | |
| - name: setup-terraform | |
| uses: ./.github/actions/setup-terraform | |
| with: | |
| role_to_assume: arn:aws:iam::800095993820:role/notification-terraform-apply | |
| role_session_name: NotifyTerraformDevAppply | |
| - name: Install 1Pass CLI | |
| run: | | |
| curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb | |
| sudo dpkg -i 1pass.deb | |
| - name: terragrunt apply ECR | |
| run: | | |
| cd /var/tmp/notification-admin/ | |
| docker build -t 800095993820.dkr.ecr.ca-central-1.amazonaws.com/admin:bootstrap -f /var/tmp/notification-admin/ci/Dockerfile.lambda . | |
| docker push 800095993820.dkr.ecr.ca-central-1.amazonaws.com/admin:bootstrap |