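---
# Deploys the FastAPI backend to AWS Lambda with the Serverless Framework.
# A push to `dev` or `prod` triggers one deploy; the branch name selects the
# AWS key pair, the `<branch>_*` repository secrets and the Serverless stage.
name: Fast Api Backend Deploy

on:
  push:
    branches: [dev, prod]

# The job only reads the repository; keep the GITHUB_TOKEN at read-only so a
# compromised step or dependency cannot write to the repo.
permissions:
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      # NOTE(review): every `uses:` below references a mutable tag. Pin each
      # one to a full commit SHA (`owner/action@<full-commit-sha>`) so a
      # retagged release cannot change the code that runs with the AWS keys.
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v2
        with:
          # Quoted so the version can never be read as a number.
          python-version: '3.10.12'

      # NOTE(review): these global installs are unpinned, so each deploy
      # fetches whatever is latest on the registry. Pin explicit versions
      # (`serverless@<version>`, ...) for reproducible, reviewable deploys.
      - name: Install Serverless and plugins
        run: |
          npm install -g serverless
          npm install -g serverless-python-requirements
          npm install -g serverless-domain-manager

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip

      # NOTE(review): both credential steps use long-lived access keys stored
      # as repository secrets. Consider the action's OIDC role assumption
      # (`role-to-assume`, plus `id-token: write` under `permissions`) if the
      # pinned release supports it, so no static key has to be stored.
      - name: AWS credentials for dev
        if: github.ref == 'refs/heads/dev'
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-2

      - name: AWS credentials for prod
        if: github.ref == 'refs/heads/prod'
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-2

      # - name: Build Lambda Layer
      #   run: |
      #     cd backend
      #     pip install -r requirements/lambda.txt -t python
      #     zip -r layer.zip python
      #
      # - name: Publish Lambda Layer
      #   run: |
      #     LAYER_ARN=$(aws lambda publish-layer-version --layer-name LambdaDependenciesLayer --zip-file fileb://backend/layer.zip | jq -r '.LayerVersionArn')
      #     aws ssm put-parameter --name "/${{ github.ref_name }}/LambdaDependenciesLayerArn" --value "$LAYER_ARN" --type String --overwrite

      - name: Deploy to AWS Lambda via Serverless
        env:
          API_KEY: ${{ secrets.FASTAPI_API_KEY }}
          ENVIRONMENT: ${{ github.ref_name }}
          SECRET_KEY: ${{ secrets.NEXTAUTH_SECRET }}
          PLAN_TRIGGER_BUCKET: 'retrofit-plan-inputs-${{ github.ref_name }}'
          # Per-branch secrets are mapped straight into the step environment.
          # The earlier version echoed them through the deprecated
          # `::set-output` command, which pasted secret values into shell
          # source text before bash parsed it; env mapping avoids both.
          DOMAIN_NAME: ${{ secrets[format('{0}_DOMAIN_NAME', github.ref_name)] }}
          EPC_AUTH_TOKEN: ${{ secrets[format('{0}_EPC_AUTH_TOKEN', github.ref_name)] }}
          # Store port, name and host in github secrets
          DB_HOST: ${{ secrets[format('{0}_DB_HOST', github.ref_name)] }}
          DB_PORT: ${{ secrets[format('{0}_DB_PORT', github.ref_name)] }}
          DB_NAME: ${{ secrets[format('{0}_DB_NAME', github.ref_name)] }}
        run: |
          set -euo pipefail

          # Fetch database credentials from AWS Secrets Manager
          # NOTE(review): the secret id is hard-coded to the `dev/` path, so a
          # `prod` deploy also reads the dev database credentials. Confirm this
          # is intended; otherwise derive the prefix from "$ENVIRONMENT".
          SECRET_VALUE=$(aws secretsmanager get-secret-value \
            --secret-id dev/assessment_model/db_credentials \
            --query SecretString)
          DB_USERNAME=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_username')
          DB_PASSWORD=$(echo "$SECRET_VALUE" | jq -r '. | fromjson | .db_assessment_model_password')

          # `jq -r` prints the literal string "null" for a missing key; stop
          # here rather than deploy with a placeholder credential.
          for value in "$DB_USERNAME" "$DB_PASSWORD"; do
            if [ -z "$value" ] || [ "$value" = "null" ]; then
              echo "Database credential missing from secret" >&2
              exit 1
            fi
          done

          # The password was fetched at runtime, so the runner does not know to
          # redact it; register it as a mask before the verbose deploy output.
          echo "::add-mask::$DB_PASSWORD"

          # Set the database credentials as environment variables
          export DB_USERNAME
          export DB_PASSWORD

          # Deploy to AWS Lambda via Serverless
          # The stage comes from the environment, not from text substituted
          # into the script.
          sls deploy --stage "$ENVIRONMENT" --verbose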