Merge pull request #1 from chrispsheehan/lambda-api-infra

feat: lambda api infra

Author: chrispsheehan

.github/workflows/build.yml

@@ -8,12 +8,12 @@ on:
         required: true
         type: string
     outputs:
-      web_bucket:
-        description: "Bucket containing static website files"
-        value: ${{ jobs.infra.outputs.web_bucket_name }}
       lambda_bucket:
         description: "Bucket containing lambda zips"
         value: ${{ jobs.infra.outputs.lambda_bucket_name }}
+      lambda_version:
+        description: "Valid lambda version"
+        value: ${{ inputs.version }}
 
 concurrency: # only run one instance of workflow at any one time
   group: ${{ github.workflow }}-${{inputs.environment}}

.github/workflows/deploy.yml

@@ -28,7 +28,7 @@ permissions:
   contents: write
 
 env:
-  TF_VAR_deploy_version: ${{ inputs.lambda_version }}
+  TF_VAR_lambda_version: ${{ inputs.lambda_version }}
   AWS_OIDC_ROLE_ARN: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/aws-serverless-github-deploy-${{ inputs.environment }}-github-oidc-role
 
 jobs:
@@ -61,3 +61,18 @@ jobs:
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
           just_action: check-version
+
+  api:
+    needs:
+      - oidc
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.infra_version }}
+
+      - name: Deploy API
+        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
+        with:
+          aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
+          tg_directory: infra/live/${{ inputs.environment }}/aws/api

.github/workflows/destroy.yml

@@ -19,11 +19,11 @@ permissions:
   contents: write
 
 env:
-  TF_VAR_deploy_version: this
+  TF_VAR_lambda_version: this
   AWS_OIDC_ROLE_ARN: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/aws-serverless-github-deploy-${{ inputs.environment }}-github-oidc-role
 
 jobs:
-  backend:
+  api:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -32,12 +32,12 @@ jobs:
         uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
-          tg_directory: infra/live/${{ inputs.environment }}/aws/jobs
+          tg_directory: infra/live/${{ inputs.environment }}/aws/api
           tg_action: destroy
 
   build:
     needs:
-      - backend
+      - api
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

.github/workflows/dev_deploy.yml

@@ -14,18 +14,11 @@ jobs:
       environment: dev
       version: ${{ github.sha }}
 
-  get:
-    needs: build
-    uses: ./.github/workflows/get_build.yml
-    with:
-      environment: dev
-      version: ${{ github.sha }}
-
   dev:
     uses: ./.github/workflows/deploy.yml
-    needs: get
+    needs: build
     with:
       environment: dev
       infra_version: ${{ github.sha }}
-      lambda_bucket: ${{ needs.get.outputs.lambda_bucket }}
-      lambda_version: ${{ needs.get.outputs.lambda_version }}
+      lambda_bucket: ${{ needs.build.outputs.lambda_bucket }}
+      lambda_version: ${{ needs.build.outputs.lambda_version }}

README.md

@@ -1 +1,17 @@
-# aws-serverless-github-deploy
+# aws-serverless-github-deploy
+
+## setup roles for ci
+
+```sh
+just tg ci aws/oidc apply
+just tg dev aws/oidc apply
+just tg prod aws/oidc apply
+```
+
+## local plan some infra
+
+Given a terragrunt file is found at `infra/live/dev/aws/api/terragrunt.hcl`
+
+```sh
+just tg dev aws/api plan
+```

infra/live/ci/aws/code_bucket/terragrunt.hcl

@@ -3,5 +3,5 @@ include {
 }
 
 terraform {
-  source = "../../../../modules/aws/code_bucket"
+  source = "../../../../modules//aws//code_bucket"
 }

infra/live/dev/aws/api/terragrunt.hcl

@@ -0,0 +1,7 @@
+include {
+  path = find_in_parent_folders("root.hcl")
+}
+
+terraform {
+  source = "../../../../modules//aws//api"
+}

infra/live/dev/aws/code_bucket/terragrunt.hcl

@@ -3,5 +3,5 @@ include {
 }
 
 terraform {
-  source = "../../../../modules/aws/code_bucket"
+  source = "../../../../modules//aws//code_bucket"
 }

infra/live/global_vars.hcl

@@ -4,7 +4,8 @@ locals {
     "s3:*",
     "iam:*",
     "lambda:*",
-    "logs:*"
+    "logs:*",
+    "apigateway:*"
   ]
 }
 

infra/live/prod/aws/api/terragrunt.hcl

@@ -0,0 +1,7 @@
+include {
+  path = find_in_parent_folders("root.hcl")
+}
+
+terraform {
+  source = "../../../../modules//aws//api"
+}