From 645787e1177858a62e461295366c1f5aeeed0e9b Mon Sep 17 00:00:00 2001 From: Phil Asmar Date: Mon, 6 May 2024 15:23:22 -0400 Subject: [PATCH] ci: Add AWS CI workflow for running unit and integ tests --- .github/workflows/aws-ci.yml | 46 ++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 .github/workflows/aws-ci.yml diff --git a/.github/workflows/aws-ci.yml b/.github/workflows/aws-ci.yml new file mode 100644 index 0000000..87f74a0 --- /dev/null +++ b/.github/workflows/aws-ci.yml @@ -0,0 +1,46 @@ +name: AWS CI + +on: + workflow_dispatch: + pull_request: + branches: + - main + - dev + - 'feature/**' + +permissions: + id-token: write + +jobs: + run-ci: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 #v4 + with: + role-to-assume: ${{ secrets.CI_MAIN_TESTING_ACCOUNT_ROLE_ARN }} + role-duration-seconds: 7200 + aws-region: us-west-2 + - name: Invoke Load Balancer Lambda + id: lambda + shell: pwsh + run: | + aws lambda invoke response.json --function-name "${{ secrets.CI_TESTING_LOAD_BALANCER_LAMBDA_NAME }}" --cli-binary-format raw-in-base64-out --payload '{"Roles": "${{ secrets.CI_TEST_RUNNER_ACCOUNT_ROLES }}", "ProjectName": "${{ secrets.CI_TESTING_CODE_BUILD_PROJECT_NAME }}", "Branch": "${{ github.sha }}"}' + $roleArn=$(cat ./response.json) + "roleArn=$($roleArn -replace '"', '')" >> $env:GITHUB_OUTPUT + - name: Configure Test Runner Credentials + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 #v4 + with: + role-to-assume: ${{ steps.lambda.outputs.roleArn }} + role-duration-seconds: 7200 + aws-region: us-west-2 + - name: Run Tests on AWS + id: codebuild + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ secrets.CI_TESTING_CODE_BUILD_PROJECT_NAME }} + - name: CodeBuild Link + shell: pwsh + run: | + $buildId = "${{ steps.codebuild.outputs.aws-build-id }}" + echo $buildId \ No newline at end of file