feat: use amplify user pool #101
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| workflow_dispatch: | |
| push: | |
| paths: # don't deploy on renovate merge, so deps files are not included | |
| - "resources/**" | |
| - "src/**" | |
| branches: | |
| - main | |
| name: "Deploy Ions and API" | |
| concurrency: | |
| group: "deployment" | |
| cancel-in-progress: false | |
| jobs: | |
| test-code: | |
| name: "Test code" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: "Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Configure AWS credentials" | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| role-to-assume: arn:aws:iam::118776085668:role/github-actions-ions-testing | |
| aws-region: eu-central-1 | |
| - name: "Setup Java" | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' # preinstalled | |
| java-version-file: ./.java-version | |
| - name: "Setup Clojure" | |
| uses: DeLaGuardo/setup-clojure@12.1 | |
| with: | |
| cli: 'latest' | |
| - name: "Cache Clojure dependencies" | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.m2/repository | |
| ~/.gitlibs | |
| ~/.deps.clj | |
| key: cljdeps-${{ hashFiles('deps.edn') }} | |
| restore-keys: cljdeps- | |
| - name: "Provide credentials to maven" | |
| uses: s4u/maven-settings-action@v2.8.0 | |
| with: | |
| servers: '[{"id": "cognitect-dev-tools", "username": "${{ secrets.DEV_TOOLS_USERNAME }}", "password": "${{ secrets.DEV_TOOLS_PASSWORD }}"}]' | |
| - name: "Run format check" | |
| run: clojure -M:format check | |
| - name: "Run tests" | |
| run: clojure -M:test | |
| - name: "Upload coverage reports to Codecov" | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: ./target/coverage/codecov.json | |
| fail_ci_if_error: true | |
| check-cdk-synth: | |
| name: "Check CDK synth" | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: "Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Configure AWS credentials" | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| role-to-assume: arn:aws:iam::118776085668:role/github-actions-ions-testing | |
| aws-region: eu-central-1 | |
| - name: "Setup Java" | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' # preinstalled | |
| java-version-file: ./.java-version | |
| - name: "Setup Clojure" | |
| uses: DeLaGuardo/setup-clojure@12.1 | |
| with: | |
| cli: 'latest' | |
| - name: "Cache Clojure dependencies" | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.m2/repository | |
| ~/.gitlibs | |
| ~/.deps.clj | |
| key: cljdeps-${{ hashFiles('deps.edn') }} | |
| restore-keys: cljdeps- | |
| - name: "Provide credentials to maven" | |
| uses: s4u/maven-settings-action@v2.8.0 | |
| with: | |
| servers: '[{"id": "cognitect-dev-tools", "username": "${{ secrets.DEV_TOOLS_USERNAME }}", "password": "${{ secrets.DEV_TOOLS_PASSWORD }}"}]' | |
| - name: "Setup Node" | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| - name: "Setup CDK" | |
| run: npm install -g aws-cdk | |
| - name: "Run CDK synth" | |
| run: cdk synth --strict | |
| deploy-ions: | |
| name: "Deploy Ions" | |
| needs: | |
| - test-code | |
| - check-cdk-synth | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: "Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Setup borkdude/jet" | |
| run: bash <(curl -s https://raw.githubusercontent.com/borkdude/jet/master/install) | |
| - name: "Configure AWS credentials" | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| role-to-assume: arn:aws:iam::118776085668:role/github-actions-ions-deployment | |
| aws-region: eu-central-1 | |
| - name: "Setup Java" | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' # preinstalled | |
| java-version-file: ./.java-version | |
| - name: "Setup Clojure" | |
| uses: DeLaGuardo/setup-clojure@12.1 | |
| with: | |
| cli: 'latest' | |
| - name: "Cache Clojure dependencies" | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.m2/repository | |
| ~/.gitlibs | |
| ~/.deps.clj | |
| key: cljdeps-${{ hashFiles('deps.edn') }} | |
| restore-keys: cljdeps- | |
| - name: "Push code to AWS CodeDeploy" | |
| run: set -E && echo "PUSH_RESULT=$(clojure -M:ion-dev '{:op :push}' | tail -6 | jet --no-pretty)" >> $GITHUB_ENV | |
| - name: "Display push result" | |
| run: echo "$PUSH_RESULT" | |
| - name: "Extract deploy command" | |
| run: set -E && echo "DEPLOY_COMMAND=$(echo "$PUSH_RESULT" | jet --query ':deploy-command println')" >> $GITHUB_ENV | |
| - name: "Deploy revision to Datomic via AWS Step Functions" | |
| run: set -E && echo "DEPLOY_RESULT=$(eval "$DEPLOY_COMMAND" | tail -6 | jet --no-pretty)" >> $GITHUB_ENV | |
| - name: "Display deploy result" | |
| run: echo "$DEPLOY_RESULT" | |
| - name: "Extract status command" | |
| run: set -E && echo "STATUS_COMMAND=$(echo "$DEPLOY_RESULT" | jet --query ':status-command println')" >> $GITHUB_ENV | |
| - name: "Wait until any final status is reached" | |
| run: | | |
| while | |
| state=$(eval "$STATUS_COMMAND" | tail -1) | |
| echo "$state" | jet --query ':deploy-status println' | grep -x -F 'RUNNING' | |
| do | |
| echo "running: $state" | |
| sleep 1 | |
| done | |
| echo "finished: $state" | |
| apply-migrations: | |
| name: "Apply migrations" | |
| needs: deploy-ions | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: "Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Configure AWS credentials" | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| role-to-assume: arn:aws:iam::118776085668:role/github-actions-ions-testing | |
| aws-region: eu-central-1 | |
| - name: "Setup Java" | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' # preinstalled | |
| java-version-file: ./.java-version | |
| - name: "Setup Clojure" | |
| uses: DeLaGuardo/setup-clojure@12.1 | |
| with: | |
| cli: 'latest' | |
| - name: "Cache Clojure dependencies" | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.m2/repository | |
| ~/.gitlibs | |
| ~/.deps.clj | |
| key: cljdeps-${{ hashFiles('deps.edn') }} | |
| restore-keys: cljdeps- | |
| - name: "Provide credentials to maven" | |
| uses: s4u/maven-settings-action@v2.8.0 | |
| with: | |
| servers: '[{"id": "cognitect-dev-tools", "username": "${{ secrets.DEV_TOOLS_USERNAME }}", "password": "${{ secrets.DEV_TOOLS_PASSWORD }}"}]' | |
| - name: "Run migrate" | |
| run: clojure -M:migrate | |
| call-deploy-cdk: | |
| name: "Update API" | |
| needs: apply-migrations | |
| uses: ./.github/workflows/deploy-cdk.yml |