# Manually dispatched deployment workflow. Nothing here runs on push or
# pull_request; the only trigger is workflow_dispatch with the inputs below.
name: Deploy to AWS

on:
  workflow_dispatch:
    inputs:
      # Target GitHub environment. The choice list is the only constraint on
      # this value, and it currently offers a single option.
      environment:
        description: 'Environment to deploy to'
        required: true
        default: 'production'
        type: choice
        options:
          - production

      # true: build the Lambda ZIP inside this run.
      # false: reuse an artifact produced by another workflow run.
      build_lambda:
        description: 'Build fresh Lambda ZIP'
        required: true
        default: false
        type: boolean

      # Controls whether the informational `cdk diff` step runs.
      show_diff:
        description: 'Show CDK diff before deployment'
        required: true
        default: true
        type: boolean

      # Free-form text supplied by whoever dispatches the run. Consumers must
      # treat it as untrusted: hand it to steps through `env:` or `with:`,
      # never splice it into a shell script.
      artifact_name:
        description: 'Lambda artifact name (leave empty for latest)'
        required: false
        default: ''
        type: string

      # Free-form text as well. It selects which branch's artifact is
      # deployed, and no allow-list is applied in this file, so a build from
      # a branch that was never reviewed can be chosen.
      source_branch:
        description: 'Branch to download artifact from'
        required: false
        default: 'master'
        type: string

# Workflow-wide environment, visible to every job and step.
env:
  AWS_REGION: eu-central-1
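jobs:
  # Single job: obtain AWS credentials through OIDC, build or fetch the Lambda
  # ZIP, then synthesize, diff and deploy every CDK stack.
  deploy:
    # A fresh Lambda build targets linux-arm64, so it runs on an ARM runner.
    runs-on: ${{ inputs.build_lambda && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
    # `cdk deploy` below uses `--require-approval never`, so any human approval
    # has to come from this environment's protection rules. Those rules are not
    # visible in this file; confirm required reviewers are configured.
    environment: ${{ inputs.environment }}
    permissions:
      id-token: write  # Required for OIDC authentication
      contents: read  # Required to checkout code
      actions: read  # Required to download artifacts
    env:
      NUGET_PACKAGES: ${{ format('{0}/.nuget/packages', github.workspace) }}
    steps:
      # NOTE(review): every `uses:` below references a mutable tag. Pinning
      # each action to a full commit SHA keeps a re-tagged release from
      # running with this job's OIDC token and AWS role.
      - uses: actions/checkout@v4
        with:
          # Do not leave the GITHUB_TOKEN in .git/config for later steps; no
          # step visible in this workflow performs git operations.
          persist-credentials: false

      # Exchanges the job's OIDC token for temporary credentials of the role.
      # The role's trust policy should restrict the `sub` claim to this
      # repository and environment (not visible here; verify in IAM).
      # NOTE(review): every following step, including the unpinned npm install
      # and the build script, runs with these credentials available. Consider
      # moving this step to just before the CDK steps if the earlier ones need
      # no AWS access (cannot be confirmed from this file).
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
          role-session-name: github-actions-badge-smith-deploy
          aws-region: ${{ env.AWS_REGION }}

      - name: Setup .NET
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: '9.0.x'

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '22'

      # `restore-keys` falls back to any earlier cache whose key starts with
      # `nuget-`, so restored packages may come from a different lock state.
      - name: 'Cache NuGet packages'
        uses: actions/cache@v4
        with:
          path: ${{ format('{0}/.nuget/packages', github.workspace) }}
          key: nuget-${{ hashFiles('**/Directory.Packages.props') }}-${{ hashFiles('**/*.csproj') }}-${{ hashFiles('**/packages.lock.json') }}
          restore-keys: |
            nuget-

      # NOTE(review): this resolves whatever aws-cdk version is latest at run
      # time. Pin an exact version (or install from a committed lockfile) so
      # the tool that performs the deployment is reproducible.
      - name: Install AWS CDK
        run: npm install -g aws-cdk

      - name: Set up Docker Buildx
        if: inputs.build_lambda
        uses: docker/setup-buildx-action@v3

      - name: Build Lambda ZIP for ARM64
        if: inputs.build_lambda
        run: |
          ./scripts/build-lambda.sh --target zip --rid linux-arm64 --clean --verbose

      # Third-party action that fetches the ZIP deployed to production. The
      # branch and artifact name come from free-form dispatch inputs; they are
      # passed through `with:`, not a shell, but the chosen artifact is still
      # whatever that branch's ci-cd.yml run produced.
      - name: Download Lambda artifact
        if: ${{ !inputs.build_lambda }}
        uses: dawidd6/action-download-artifact@v6
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          workflow: ci-cd.yml
          # Stated explicitly so the intent survives a change of defaults:
          # only artifacts from successful runs of this repository are used.
          workflow_conclusion: success
          allow_forks: false
          branch: ${{ inputs.source_branch }}
          name: ${{ inputs.artifact_name != '' && inputs.artifact_name || 'lambda-zip-latest' }}
          path: artifacts/

      - name: Restore .NET dependencies
        run: dotnet restore

      - name: Build CDK project
        run: dotnet build build/BadgeSmith.CDK --configuration Release

      - name: CDK synth
        working-directory: build
        run: cdk synth --all

      # Informational only: `|| true` and `continue-on-error` both swallow a
      # failed diff, and nothing waits for a reviewer between this step and
      # the deploy that follows.
      - name: CDK diff
        if: inputs.show_diff
        working-directory: build
        run: |
          echo "🔍 CDK Diff - Infrastructure changes:"
          cdk diff --all || true
        continue-on-error: true

      - name: CDK deploy
        working-directory: build
        env:
          # Inputs reach the script as environment variables, so their text is
          # never parsed as shell code.
          TARGET_ENVIRONMENT: ${{ inputs.environment }}
        run: |
          echo "🚀 Deploying BadgeSmith to ${TARGET_ENVIRONMENT}..."
          cdk deploy --all --require-approval never

      - name: Get deployment outputs
        working-directory: build
        run: |
          echo "📋 Deployment outputs:"
          cdk ls --long || true

      # No check is implemented yet, so the step must not report success.
      - name: Health check
        run: |
          echo "🏥 Running health check..."
          # Add health check logic here
          # Example: curl -f $API_GATEWAY_URL/health
          echo "::warning::Health check is not implemented; the deployment was not verified"

      - name: Deployment summary
        env:
          # `artifact_name` is free-form text; expanding it inside the script
          # body would let a crafted value run commands in a job that holds
          # AWS credentials. The expressions are evaluated here instead and
          # only their resulting strings reach the shell.
          TARGET_ENVIRONMENT: ${{ inputs.environment }}
          LAMBDA_BUILD: "${{ inputs.build_lambda && 'Fresh build' || format('Used artifact: {0}', inputs.artifact_name != '' && inputs.artifact_name || 'lambda-zip-latest') }}"
          CDK_DIFF: ${{ inputs.show_diff && 'Shown' || 'Skipped' }}
          COMMIT_SHA: ${{ github.sha }}
        run: |
          {
            echo "## 🎉 Deployment Complete!"
            echo "- **Environment**: ${TARGET_ENVIRONMENT}"
            echo "- **Lambda build**: ${LAMBDA_BUILD}"
            echo "- **CDK diff**: ${CDK_DIFF}"
            echo "- **Commit**: ${COMMIT_SHA}"
          } >> "$GITHUB_STEP_SUMMARY"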