From f9baf95295f78ffcddc829ed90ce906ad53c0fb9 Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Fri, 18 Jul 2025 15:07:50 +0000 Subject: [PATCH] dynamic tagging --- .../workflows/actions/lambda-deploy/action.yml | 18 +++++++++++++++++- .../actions/terraform-deploy/action.yml | 6 +++++- .github/workflows/lambda_main.yml | 4 ++++ deployment/database/variables.tf | 2 +- .../extractor_and_loader_lambda.tf | 5 +---- .../lambda_example_and_config.tf | 2 +- 6 files changed, 29 insertions(+), 8 deletions(-) diff --git a/.github/workflows/actions/lambda-deploy/action.yml b/.github/workflows/actions/lambda-deploy/action.yml index c755e79..d1328ae 100644 --- a/.github/workflows/actions/lambda-deploy/action.yml +++ b/.github/workflows/actions/lambda-deploy/action.yml @@ -23,6 +23,12 @@ inputs: aws-region: description: "AWS region" required: true + git-sha: + description: "Git commit SHA" + required: true + git-ref: + description: "Git ref name" + required: true runs: using: "composite" @@ -47,11 +53,19 @@ runs: aws-access-key-id: ${{ inputs.aws-access-key-id }} aws-secret-access-key: ${{ inputs.aws-secret-access-key }} aws-region: ${{ inputs.aws-region }} + - name: Set Docker image tag + id: set_tag + run: | + SHORT_SHA=$(echo "${{ inputs.git-sha }}" | cut -c1-7) + BRANCH=$(echo "${{ inputs.git-ref }}" | tr '/' '-') + TAG="${BRANCH}-${SHORT_SHA}" + echo "IMAGE_TAG=${TAG}" >> $GITHUB_ENV + echo "tag=$TAG" >> $GITHUB_OUTPUT - name: Build and push Docker image shell: bash run: | - IMAGE_URI=${{ steps.login-ecr.outputs.registry }}/${{ inputs.lambda_name }}:latest + IMAGE_URI=${{ steps.login-ecr.outputs.registry }}/${{ inputs.lambda_name }}:${{ steps.set_tag.outputs.tag }} echo "Building Docker image for ${{ inputs.lambda_name }}..." docker build -t $IMAGE_URI -f ${{ inputs.dockerfile_path }} . @@ -65,5 +79,7 @@ runs: aws-access-key-id: ${{ inputs.aws-access-key-id }} aws-secret-access-key: ${{ inputs.aws-secret-access-key }} aws-region: ${{ inputs.aws-region }} + lambda-image-tag: ${{ steps.set_tag.outputs.tag }} + diff --git a/.github/workflows/actions/terraform-deploy/action.yml b/.github/workflows/actions/terraform-deploy/action.yml index 1f3ded5..a978024 100644 --- a/.github/workflows/actions/terraform-deploy/action.yml +++ b/.github/workflows/actions/terraform-deploy/action.yml @@ -14,6 +14,9 @@ inputs: aws-region: description: "AWS region" required: true + lambda-image-tag: + description: "Tag of the Lambda image (e.g., GitHub SHA)" + required: false runs: using: "composite" @@ -38,7 +41,8 @@ runs: - name: Terraform Plan working-directory: ${{ inputs.working_directory }} shell: bash - run: terraform plan -out=tfplan + run: terraform plan -out=tfplan -var="lambda_image_tag=${{ inputs.lambda-image-tag }}" + - name: Terraform Apply working-directory: ${{ inputs.working_directory }} diff --git a/.github/workflows/lambda_main.yml b/.github/workflows/lambda_main.yml index c9cf6a8..39b9e25 100644 --- a/.github/workflows/lambda_main.yml +++ b/.github/workflows/lambda_main.yml @@ -41,6 +41,8 @@ jobs: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION }} + git-sha: ${{ github.sha }} + git-ref: ${{ github.ref_name }} extractor-and-loader: runs-on: ubuntu-latest @@ -62,4 +64,6 @@ jobs: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION }} + git-sha: ${{ github.sha }} + git-ref: ${{ github.ref_name }} diff --git a/deployment/database/variables.tf b/deployment/database/variables.tf index a237b6c..fd38c81 100644 --- a/deployment/database/variables.tf +++ b/deployment/database/variables.tf @@ -14,4 +14,4 @@ variable allocated_storage { description = "The allocated storage in gigabytes" type = number default = 20 -} \ No newline at end of file +} diff --git a/deployment/lambda/extractor_and_loader/extractor_and_loader_lambda.tf b/deployment/lambda/extractor_and_loader/extractor_and_loader_lambda.tf index 91b5755..455a192 100644 --- a/deployment/lambda/extractor_and_loader/extractor_and_loader_lambda.tf +++ b/deployment/lambda/extractor_and_loader/extractor_and_loader_lambda.tf @@ -58,7 +58,7 @@ resource "aws_lambda_function" "extractor_and_loader" { function_name = "extractor-and-loader" role = data.aws_iam_role.lambda_exec_role.arn package_type = "Image" - image_uri = "${data.aws_ecr_repository.extractor_and_loader.repository_url}:latest" + image_uri = "${data.aws_ecr_repository.extractor_and_loader.repository_url}:${var.lambda_image_tag}" timeout = 30 } @@ -69,6 +69,3 @@ resource "aws_lambda_event_source_mapping" "extractor_and_loader_trigger" { batch_size = 1 } - -# TODO: Seperate lambda jobs from ecr creation. This is because we need to -# Create the ecr, then push images, then lambda jobs can be made \ No newline at end of file diff --git a/deployment/lambda/lambda_example/lambda_example_and_config.tf b/deployment/lambda/lambda_example/lambda_example_and_config.tf index 1fbd5ad..4f87771 100644 --- a/deployment/lambda/lambda_example/lambda_example_and_config.tf +++ b/deployment/lambda/lambda_example/lambda_example_and_config.tf @@ -57,7 +57,7 @@ resource "aws_lambda_function" "lambda_example" { function_name = "lambda-example" role = data.aws_iam_role.lambda_exec_role.arn package_type = "Image" - image_uri = "${data.aws_ecr_repository.lambda_example.repository_url}:latest" + image_uri = "${data.aws_ecr_repository.lambda_example.repository_url}:${var.lambda_image_tag}" timeout = 10 }