feat(lambda): convert to swift #42
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy staging | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| types: [opened, synchronize, edited, reopened] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| TF_VAR_env: staging | |
| TF_VAR_root_domain: lhowsam.com | |
| TF_VAR_sub_domain: nowplaying.lhowsam.com | |
| TF_VAR_private_key: ${{ secrets.STAGING_PRIVATE_KEY }} | |
| TF_VAR_certificate_body: ${{ secrets.STAGING_CERTIFICATE_BODY }} | |
| TF_VAR_certificate_chain: ${{ secrets.LIVE_CERTIFICATE_CHAIN }} | |
| TF_VAR_deployed_by: ${{ github.actor }} | |
| TF_VAR_git_sha: ${{ github.sha }} | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: luke-h1-project | |
| LOG_LEVEL: 'info' | |
| permissions: write-all | |
| jobs: | |
| deploy: | |
| name: Deploy to staging | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.head_ref }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Load secrets | |
| id: load_secrets | |
| uses: 1password/load-secrets-action@v3 | |
| with: | |
| export-env: false | |
| env: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| SPOTIFY_CLIENT_ID: op://ci-cd/lho-lambda/SPOTIFY_CLIENT_ID | |
| SPOTIFY_CLIENT_SECRET: op://ci-cd/lho-lambda/SPOTIFY_CLIENT_SECRET | |
| SPOTIFY_REFRESH_TOKEN: op://ci-cd/lho-lambda/SPOTIFY_REFRESH_TOKEN | |
| API_KEY: op://ci-cd/lho-lambda/API_KEY | |
| - name: Set Terraform variables | |
| run: | | |
| echo "TF_VAR_spotify_client_id=${{ steps.load_secrets.outputs.SPOTIFY_CLIENT_ID }}" >> $GITHUB_ENV | |
| echo "TF_VAR_spotify_client_secret=${{ steps.load_secrets.outputs.SPOTIFY_CLIENT_SECRET }}" >> $GITHUB_ENV | |
| echo "TF_VAR_spotify_refresh_token=${{ steps.load_secrets.outputs.SPOTIFY_REFRESH_TOKEN }}" >> $GITHUB_ENV | |
| echo "TF_VAR_api_key=${{ steps.load_secrets.outputs.API_KEY }}" >> $GITHUB_ENV | |
| - name: Ensure rebased with main | |
| run: ./scripts/ensure-rebased.sh | |
| - name: Install | |
| uses: ./.github/actions/install | |
| - name: Validate | |
| uses: ./.github/actions/validate | |
| - name: Build Lambda functions | |
| run: ./scripts/build-lambda.sh | |
| - name: Package Lambda | |
| run: ./scripts/package-lambda.sh | |
| - name: Package Authorizer | |
| run: ./scripts/package-authorizer.sh | |
| - name: fetch latest commits | |
| run: git fetch && git pull | |
| - name: Deploy | |
| uses: ./.github/actions/deploy | |
| with: | |
| environment: staging | |
| aws-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # - name: Get versions | |
| # id: lambda-version | |
| # run: | | |
| # echo "::set-output name=LAMBDA_VERSION::$(./scripts/version.sh get)" | |
| # echo "::set-output name=AUTHORIZER_VERSION::$(./scripts/version.sh get)" | |
| - uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: '* [Lambda version](https://nowplaying-${{env.TF_VAR_env}}.lhowsam.com) - `${{ steps.lambda-version.outputs.LAMBDA_VERSION }}`\n* [Authorizer version](https://nowplaying-${{env.TF_VAR_env}}.lhowsam.com) - `${{ steps.lambda-version.outputs.AUTHORIZER_VERSION }}`' | |
| }) |