Update pipeline to cache poetry dependencies #38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: FastAPI CI/CD Pipeline | |
| on: | |
| push: | |
| branches: ["terraform"] | |
| pull_request: | |
| branches: ["terraform"] | |
| concurrency: | |
| group: ${{ github.ref }} | |
| cancel-in-progress: true | |
| # These permissions are needed to interact with GitHub's OIDC Token endpoint. | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| environment: dev | |
| defaults: | |
| run: | |
| working-directory: "backend" | |
| steps: | |
| - name: Configure AWS Credentials For GitHub Actions | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-to-assume: ${{ vars.AWS_ASSUME_ROLE_ARN }} | |
| role-session-name: github-actions | |
| aws-region: ap-southeast-2 | |
| - name: Setup SAM CLI | |
| uses: aws-actions/setup-sam@v2 | |
| with: | |
| use-installer: true | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Install poetry | |
| run: pipx install poetry | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.10' | |
| cache: 'poetry' | |
| - run: poetry install | |
| - name: Poetry export | |
| run: poetry export -f requirements.txt --without-hashes > requirements.txt | |
| - run: > | |
| sam build --use-container | |
| - name: sam deploy | |
| # Prevent prompts and failure when the stack is unchanged | |
| run: > | |
| sam deploy | |
| --no-confirm-changeset | |
| --no-fail-on-empty-changeset | |
| --stack-name fastapi-backend-lambda | |
| --parameter-overrides "LambdaSecurityGroupId=${{ vars.LAMBDA_SG_ID }} LambdaSubnet1Id=${{ vars.LAMBDA_SUBNET_1_ID }} LambdaSubnet2Id=${{ vars.LAMBDA_SUBNET_2_ID }} SecretKeyArn=${{ vars.SECRET_ARN }} DBSecretArn=${{ vars.DB_SECRET_ARN }} DBEndpoint=${{ vars.DB_ENDPOINT }}" | |
| --on-failure DELETE |