refactor ListAccounts to use EventBridge #54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Feature Branch | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - feature/* | |
| - fix/* | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Setup job workspace | |
| uses: ServerlessOpsIO/gha-setup-workspace@v1 | |
| - name: Setup Python environment | |
| uses: ServerlessOpsIO/gha-setup-python@v1 | |
| with: | |
| python_version: '3.13' | |
| - name: Run tests | |
| run: pipenv run test-unit | |
| - name: Assume AWS credentials | |
| uses: ServerlessOpsIO/gha-assume-aws-credentials@v1 | |
| with: | |
| build_aws_account_id: ${{ secrets.AWS_CICD_ACCOUNT_ID }} | |
| - name: Install AWS SAM | |
| uses: aws-actions/setup-sam@v2 | |
| - name: Validate template | |
| run: sam validate --lint | |
| - name: Validate artifact (validate stackset) | |
| run: sam validate --lint -t stacksets/cross-account-iam-role/template.yaml | |
| - name: Synethsize StackSet templates | |
| run: | | |
| for _f in $(find . -type f -name 'stacksets.yaml'); do | |
| _dir="$(dirname $_f)/" \ | |
| yq \ | |
| -i \ | |
| '(.. | select(has("localTemplateFile")) | .localTemplateFile) |= load_str(strenv(_dir) + .)' \ | |
| $_f; | |
| done | |
| - name: Build deployment artifact | |
| run: sam build | |
| - name: Upload SAM artifact (Build Account) | |
| id: upload-sam-stackset-build-template | |
| shell: bash | |
| run: | | |
| sam package \ | |
| --template stacksets.yaml \ | |
| --s3-bucket aws-sam-cli-sourcebucket-225989329251-us-east-1 \ | |
| --s3-prefix ${{ env.GITHUB_REPOSITORY_OWNER_PART_SLUG_URL }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG_URL }}/${{ env.GITHUB_REF_SLUG_URL }} \ | |
| --region us-east-1 \ | |
| --output-template-file packaged-stacksets.yaml | |
| - name: Store artifacts | |
| uses: ServerlessOpsIO/gha-store-artifacts@v1 | |
| with: | |
| use_aws_sam: true | |
| deploy: | |
| needs: | |
| - build | |
| environment: production | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Setup job workspace | |
| uses: ServerlessOpsIO/gha-setup-workspace@v1 | |
| with: | |
| checkout_artifact: true | |
| - name: Assume AWS credentials | |
| uses: ServerlessOpsIO/gha-assume-aws-credentials@v1 | |
| with: | |
| build_aws_account_id: ${{ secrets.AWS_CICD_ACCOUNT_ID }} | |
| deploy_aws_account_id: ${{ secrets.DEPLOYMENT_ACCOUNT_ID }} | |
| - name: Deploy via AWS SAM | |
| uses: ServerlessOpsIO/gha-deploy-aws-sam@v1 | |
| with: | |
| aws_account_id: ${{ secrets.DEPLOYMENT_ACCOUNT_ID }} | |
| vars_json: ${{ toJson(vars) }} | |
| env_json: ${{ toJson(env) }} | |
| secrets_json: ${{ toJson(secrets) }} |