Skip to content

Workflow file for this run

name: Deploy lambdas to S3 and ECR
on:
push:
branches:
- ci_deploy_lambdas
paths:
- '.github/workflows/deploy-lambdas.yml'
- 'lambdas/**'
jobs:
deploy-lambda-s3:
strategy:
matrix:
path: []

Check failure on line 15 in .github/workflows/deploy-lambdas.yml

View workflow run for this annotation

GitHub Actions / Deploy lambdas to S3 and ECR

Invalid workflow file

The workflow is not valid. .github/workflows/deploy-lambdas.yml (Line: 15, Col: 15): Matrix vector 'path' does not contain any values
# - access_counts
# - es/indexer
# - pkgevents
# - pkgpush
# - pkgselect
# - preview
# - s3hash
# - s3select
# - status_reports
# - tabular_preview
# - transcode
runs-on: ubuntu-latest
# These permissions are needed to interact with GitHub's OIDC Token endpoint.
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- name: Build zip
run: |
BUILDER_IMAGE=quiltdata/lambda:build-3.8
docker pull "$BUILDER_IMAGE"
touch ./out.zip
docker run --rm \
--entrypoint /build_zip.sh \
-v "$PWD/lambdas/${{ matrix.path }}":/lambda/function:z \
-v "$PWD/lambdas/shared":/lambda/shared:z \
-v "$PWD/out.zip":/out.zip:z \
-v "$PWD/lambdas/build_zip.sh":/build_zip.sh:z \
"$BUILDER_IMAGE"
- name: Configure AWS credentials from Prod account
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::730278974607:role/github/GitHub-Quilt
aws-region: us-east-1
- name: Upload zips to Prod S3
run: |
s3_key="$(basename ${{ matrix.path }})/${{ github.sha }}.zip"
./lambdas/upload_zip.sh ./out.zip "$AWS_REGION" "$s3_key"
- name: Configure AWS credentials from GovCloud account
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws-us-gov:iam::313325871032:role/github/GitHub-Quilt
aws-region: us-gov-east-1
- name: Upload zips to GovCloud S3
run: |
s3_key="$(basename ${{ matrix.path }})/${{ github.sha }}.zip"
./lambdas/upload_zip.sh ./out.zip "$AWS_REGION" "$s3_key"
deploy-lambda-ecr:
strategy:
matrix:
path:
- molecule
# - thumbnail
runs-on: ubuntu-latest
# These permissions are needed to interact with GitHub's OIDC Token endpoint.
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v4
- name: Build Docker image
working-directory: ./lambdas/${{ matrix.path }}
run: |
image_name=quiltdata/lambdas/${{ matrix.path }}:${{ github.sha }}
docker buildx build --pull --platform=linux/amd64 -t "$image_name" -f Dockerfile ..
- name: Configure AWS credentials from Prod account
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::730278974607:role/github/GitHub-Quilt
aws-region: us-west-2
- name: Push Docker image to Prod ECR
run: ./lambdas/upload_ecr.sh 730278974607 quiltdata/lambdas/${{ matrix.path }}:${{ github.sha }}
# - name: Configure AWS credentials from GovCloud account
# uses: aws-actions/configure-aws-credentials@v4
# with:
# role-to-assume: arn:aws-us-gov:iam::313325871032:role/github/GitHub-Quilt
# aws-region: us-gov-east-1
# - name: Push Docker image to GovCloud ECR
# run: ./lambdas/upload_ecr.sh 313325871032 quiltdata/lambdas/${{ matrix.path }}:${{ github.sha }}