Update CICD paths and archive assets
san99tiago committed Sep 16, 2023
1 parent ea1f186 commit 5b5c8e0
Showing 1 changed file with 8 additions and 16 deletions.
24 changes: 8 additions & 16 deletions .github/workflows/deploy.yml
Expand Up @@ -88,11 +88,13 @@ jobs:
source .venv/bin/activate
cdk synth
- name: Archive CDK Synth results
- name: Archive CDK Synth results (no assets)
uses: actions/upload-artifact@v3
with:
name: cdk-synth-folder
path: ./cdk.out
path: !
./cdk.out
!./cdk.out/asset.*
retention-days: 1

iac-checkov:
Expand All @@ -108,19 +110,15 @@ jobs:
name: cdk-synth-folder
path: ./cdk-synth-output-folder

- name: Display structure of downloaded files
run: ls -R
- name: Display files in the output folder
run: ls -lrta
working-directory: ./cdk-synth-output-folder

- name: Tree Debug
run: |
tree .
- name: Run Checkov action
id: checkov
uses: bridgecrewio/checkov-action@v12
with:
directory: cdk-synth-output-folder/.cdk.out/
directory: cdk-synth-output-folder/
framework: cloudformation
soft_fail: true # optional: do not return an error code if there are failed checks
skip_check: CKV_AWS_2 # optional: skip a specific check_id. can be comma separated list
Expand Down Expand Up @@ -157,8 +155,7 @@ jobs:
node-version: "20"

- name: Install CDK
run: |
npm install -g aws-cdk
run: npm install -g aws-cdk

# # MY OLD AUTH CONFIG (NOW WITH GITHUB OIDC TOKEN)
# - name: Configure AWS credentials
Expand All @@ -175,11 +172,6 @@ jobs:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: myGitHubActions

# Sample STS get caller identity for tests
- name: sts get-caller-identity
run: |
aws sts get-caller-identity
# NOTE: for now no manual approvals are required
- name: Deploy to AWS
run: |
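Review bot: In the `Archive CDK Synth results (no assets)` step the new value is written as `path: !`, and in YAML `!` introduces a tag rather than a block scalar, so the two following lines fold into one string instead of being read as one include and one exclude pattern. If that is what the file really contains (and not a rendering artifact of this page), upload-artifact would likely match nothing, and the `iac-checkov` job that downloads `cdk-synth-folder` would have no synthesized templates to scan before the deploy job runs. The literal block form is probably what was intended: `path: |` followed by `./cdk.out` and `!./cdk.out/asset.*` on their own lines. Adding `if-no-files-found: error` to the same `with:` block would make an empty upload fail at the source instead of surfacing later in the pipeline.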