|
1 | | -name: Deploy CFN on PR |
| 1 | +name: Validate and Deploy Python CDK |
2 | 2 |
|
3 | 3 | permissions: |
4 | 4 | id-token: write |
5 | 5 | contents: read |
6 | | - |
| 6 | + |
7 | 7 | on: |
8 | 8 | pull_request: |
9 | 9 | types: [opened, synchronize, reopened] |
10 | 10 |
|
11 | 11 | jobs: |
12 | | - deploy-cloudformation: |
| 12 | + deploy: |
13 | 13 | runs-on: ubuntu-latest |
| 14 | + |
14 | 15 | steps: |
15 | | - - name: Checkout repo |
| 16 | + - name: Checkout PR branch |
16 | 17 | uses: actions/checkout@v4 |
| 18 | + with: |
| 19 | + ref: ${{ github.head_ref }} |
| 20 | + |
| 21 | + - name: Set up Python |
| 22 | + uses: actions/setup-python@v5 |
| 23 | + with: |
| 24 | + python-version: '3.11' |
| 25 | + |
| 26 | + - name: Install AWS CDK CLI |
| 27 | + run: npm install -g aws-cdk |
17 | 28 |
|
18 | 29 | - name: Configure AWS credentials (OIDC) |
19 | 30 | uses: aws-actions/configure-aws-credentials@v4 |
20 | 31 | with: |
21 | 32 | role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/Github |
22 | 33 | aws-region: us-east-1 |
23 | 34 |
|
24 | | - - name: Deploy dummy CloudFormation stack |
| 35 | + - name: Set up Python virtual environment |
| 36 | + run: python -m venv .venv |
| 37 | + |
| 38 | + - name: Install dependencies |
| 39 | + run: | |
| 40 | + source .venv/bin/activate |
| 41 | + pip install --upgrade pip |
| 42 | + pip install -r requirements.txt |
| 43 | +
|
| 44 | + - name: CDK synth |
| 45 | + run: | |
| 46 | + source .venv/bin/activate |
| 47 | + cdk synth |
| 48 | +
|
| 49 | + - name: CDK deploy |
25 | 50 | run: | |
26 | | - echo " |
27 | | - Resources: |
28 | | - DummyBucket: |
29 | | - Type: AWS::S3::Bucket |
30 | | - " > dummy-template.yaml |
31 | | - aws cloudformation deploy \ |
32 | | - --template-file dummy-template.yaml \ |
33 | | - --stack-name dummy-github-action-stack \ |
34 | | - --capabilities CAPABILITY_NAMED_IAM |
| 51 | + source .venv/bin/activate |
| 52 | + cdk deploy --all --require-approval=never |
0 commit comments