-
Notifications
You must be signed in to change notification settings - Fork 478
47 lines (43 loc) · 1.63 KB
/
aws-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
name: AWS CI
on:
workflow_dispatch:
pull_request:
branches:
- main
- dev
- 'feature/**'
permissions:
id-token: write
jobs:
run-ci:
runs-on: ubuntu-latest
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 #v4
with:
role-to-assume: ${{ secrets.CI_MAIN_TESTING_ACCOUNT_ROLE_ARN }}
role-duration-seconds: 7200
aws-region: us-west-2
- name: Invoke Load Balancer Lambda
id: lambda
shell: pwsh
run: |
aws lambda invoke response.json --function-name "${{ secrets.CI_TESTING_LOAD_BALANCER_LAMBDA_NAME }}" --cli-binary-format raw-in-base64-out --payload '{"Roles": "${{ secrets.CI_TEST_RUNNER_ACCOUNT_ROLES }}", "ProjectName": "${{ secrets.CI_TESTING_CODE_BUILD_PROJECT_NAME }}", "Branch": "${{ github.sha }}"}'
$roleArn=$(cat ./response.json)
"roleArn=$($roleArn -replace '"', '')" >> $env:GITHUB_OUTPUT
- name: Configure Test Runner Credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 #v4
with:
role-to-assume: ${{ steps.lambda.outputs.roleArn }}
role-duration-seconds: 7200
aws-region: us-west-2
- name: Run Tests on AWS
id: codebuild
uses: aws-actions/aws-codebuild-run-build@v1
with:
project-name: ${{ secrets.CI_TESTING_CODE_BUILD_PROJECT_NAME }}
- name: CodeBuild Link
shell: pwsh
run: |
$buildId = "${{ steps.codebuild.outputs.aws-build-id }}"
echo $buildId