From 5cec94a8ce4bbd90eeb96a8c610a90bf9bbc217f Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 10:41:21 +0000 Subject: [PATCH 01/19] fix: regions are now configurable --- .github/workflows/autobuild.yml | 4 ++-- .github/workflows/aws-deploy.yml | 8 ++++---- .github/workflows/aws-publish-artifact-to-ecr.yml | 6 +++--- .github/workflows/aws-publish-artifact-to-s3.yml | 6 +++--- .github/workflows/test.yml | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/autobuild.yml b/.github/workflows/autobuild.yml index 7866de86f2..f9b881c9d3 100644 --- a/.github/workflows/autobuild.yml +++ b/.github/workflows/autobuild.yml @@ -17,7 +17,7 @@ jobs: architecture: [x86_64, arm64] uses: ./.github/workflows/push-to-s3.yml with: - region: 'us-east-1' + region: ${{ secrets.AWS_PROD_REGION }} architecture: ${{ matrix.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} @@ -30,7 +30,7 @@ jobs: architecture: [x86_64, arm64] uses: ./.github/workflows/push-to-ecr.yml with: - region: 'us-east-1' + region: ${{ secrets.AWS_PROD_REGION }} architecture: ${{ matrix.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} diff --git a/.github/workflows/aws-deploy.yml b/.github/workflows/aws-deploy.yml index 07c0550e30..d71bfec14a 100644 --- a/.github/workflows/aws-deploy.yml +++ b/.github/workflows/aws-deploy.yml @@ -11,8 +11,8 @@ on: description: 'region on which you want to deploy' type: choice options: - - eu-west-1 - - us-east-1 + - dev + - prod required: true lambdaPerfEnv: description: 'environment on which you want to deploy' @@ -62,10 +62,10 @@ jobs: with: role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} role-session-name: GitHub_Action_LambdaPerf_Session - aws-region: ${{ inputs.region }} + aws-region: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} - name: deploy env: - AWS_REGION: ${{ inputs.region }} + AWS_REGION: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} LAMBDA_PERF_ENV: ${{ inputs.lambdaPerfEnv }} SKIP_SNAPSTART: ${{ (inputs.region == 'eu-west-1') && secrets.SKIP_SNAPSTART_DEV || 'false' }} GITHUB_AUTH_TOKEN: ${{ secrets.GH_AUTH_TOKEN }} diff --git a/.github/workflows/aws-publish-artifact-to-ecr.yml b/.github/workflows/aws-publish-artifact-to-ecr.yml index 8d1ba92036..d0d98e1372 100644 --- a/.github/workflows/aws-publish-artifact-to-ecr.yml +++ b/.github/workflows/aws-publish-artifact-to-ecr.yml @@ -11,8 +11,8 @@ on: description: 'region on which you want to deploy' type: choice options: - - eu-west-1 - - us-east-1 + - dev + - prod required: true architecture: description: 'architecture' @@ -26,7 +26,7 @@ jobs: trigger-push-to-ecr: uses: ./.github/workflows/push-to-ecr.yml with: - region: ${{ inputs.region }} + region: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} architecture: ${{ inputs.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 541b35b389..6bd0d4e1a3 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -11,8 +11,8 @@ on: description: 'region on which you want to deploy' type: choice options: - - eu-west-1 - - us-east-1 + - dev + - prod required: true architecture: description: 'architecture' @@ -26,7 +26,7 @@ jobs: trigger-push-to-s3: uses: ./.github/workflows/push-to-s3.yml with: - region: ${{ inputs.region }} + region: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} architecture: ${{ inputs.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b9dabff8ba..aa436ffae2 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,7 +41,7 @@ jobs: architecture: [x86_64, arm64] uses: ./.github/workflows/push-to-s3.yml with: - region: 'us-east-1' + region: ${{ secrets.AWS_DEV_REGION }} architecture: ${{ matrix.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} From 713a96795b86b46a2cbcb1ebc2e37b04e400e781 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 10:43:50 +0000 Subject: [PATCH 02/19] fix: region --- .github/workflows/aws-publish-artifact-to-s3.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 6bd0d4e1a3..64312d8216 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -24,9 +24,11 @@ on: jobs: trigger-push-to-s3: + env: + AWS_REGION: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} uses: ./.github/workflows/push-to-s3.yml with: - region: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} + region: ${{ env.REGION }} architecture: ${{ inputs.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} From 1b825b38bd61bc0d4c44ab45ab603d58bf1c869c Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 10:45:20 +0000 Subject: [PATCH 03/19] fix: region --- .../workflows/aws-publish-artifact-to-s3.yml | 29 ++++++++++++++----- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 64312d8216..eb413a36bc 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -24,12 +24,25 @@ on: jobs: trigger-push-to-s3: - env: - AWS_REGION: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} - uses: ./.github/workflows/push-to-s3.yml - with: - region: ${{ env.REGION }} - architecture: ${{ inputs.architecture }} - secrets: - role: ${{ secrets.AWS_ROLE_TO_ASSUME }} + runs-on: ubuntu-latest + steps: + - name: Set Region Variable + id: set-region + run: | + if [[ "${{ inputs.region }}" == "DEV" ]]; then + echo "REGION=${{ secrets.DEV_REGION }}" >> $GITHUB_ENV + elif [[ "${{ inputs.region }}" == "PROD" ]]; then + echo "REGION=${{ secrets.PROD_REGION }}" >> $GITHUB_ENV + else + echo "Invalid region: ${{ inputs.region }}" + exit 1 + fi + + - name: Trigger Push to S3 + uses: ./.github/workflows/push-to-s3.yml + with: + region: ${{ env.REGION }} + architecture: ${{ inputs.architecture }} + secrets: + role: ${{ secrets.AWS_ROLE_TO_ASSUME }} \ No newline at end of file From 11e314b5e14da7ad4bb38b4174a21e62ca349792 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 10:49:24 +0000 Subject: [PATCH 04/19] fix: region --- .github/workflows/aws-publish-artifact-to-s3.yml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index eb413a36bc..f7f9d78676 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -23,26 +23,35 @@ on: required: true jobs: - trigger-push-to-s3: + compute-region: runs-on: ubuntu-latest + outputs: + region: ${{ steps.set-region.outputs.REGION }} # Expose REGION as job output steps: - name: Set Region Variable id: set-region run: | if [[ "${{ inputs.region }}" == "DEV" ]]; then echo "REGION=${{ secrets.DEV_REGION }}" >> $GITHUB_ENV + echo "REGION=${{ secrets.DEV_REGION }}" >> $GITHUB_OUTPUT elif [[ "${{ inputs.region }}" == "PROD" ]]; then echo "REGION=${{ secrets.PROD_REGION }}" >> $GITHUB_ENV + echo "REGION=${{ secrets.PROD_REGION }}" >> $GITHUB_OUTPUT else echo "Invalid region: ${{ inputs.region }}" exit 1 fi + trigger-push-to-s3: + needs: compute-region + runs-on: ubuntu-latest + steps: - name: Trigger Push to S3 uses: ./.github/workflows/push-to-s3.yml with: - region: ${{ env.REGION }} + region: ${{ needs.compute-region.outputs.region }} architecture: ${{ inputs.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} + \ No newline at end of file From 48e53510be0cfa698a3c09a9988559677508d760 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 10:54:24 +0000 Subject: [PATCH 05/19] fix: region --- .../workflows/aws-publish-artifact-to-s3.yml | 52 +++++-------------- 1 file changed, 14 insertions(+), 38 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index f7f9d78676..0176f4c261 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -1,4 +1,4 @@ -name: AWS publish artifacts to S3 +name: AWS publish artifacts to ECR permissions: id-token: write @@ -7,15 +7,15 @@ permissions: on: workflow_dispatch: inputs: - region: - description: 'region on which you want to deploy' + environment: + description: 'Environment to deploy' type: choice options: - - dev - - prod + - DEV + - TEST required: true architecture: - description: 'architecture' + description: 'Architecture' type: choice options: - x86_64 @@ -23,35 +23,11 @@ on: required: true jobs: - compute-region: - runs-on: ubuntu-latest - outputs: - region: ${{ steps.set-region.outputs.REGION }} # Expose REGION as job output - steps: - - name: Set Region Variable - id: set-region - run: | - if [[ "${{ inputs.region }}" == "DEV" ]]; then - echo "REGION=${{ secrets.DEV_REGION }}" >> $GITHUB_ENV - echo "REGION=${{ secrets.DEV_REGION }}" >> $GITHUB_OUTPUT - elif [[ "${{ inputs.region }}" == "PROD" ]]; then - echo "REGION=${{ secrets.PROD_REGION }}" >> $GITHUB_ENV - echo "REGION=${{ secrets.PROD_REGION }}" >> $GITHUB_OUTPUT - else - echo "Invalid region: ${{ inputs.region }}" - exit 1 - fi - - trigger-push-to-s3: - needs: compute-region - runs-on: ubuntu-latest - steps: - - name: Trigger Push to S3 - uses: ./.github/workflows/push-to-s3.yml - with: - region: ${{ needs.compute-region.outputs.region }} - architecture: ${{ inputs.architecture }} - secrets: - role: ${{ secrets.AWS_ROLE_TO_ASSUME }} - - \ No newline at end of file + trigger-push-to-ecr: + uses: ./.github/workflows/push-to-ecr.yml + with: + region: ${{ inputs.environment == 'DEV' && secrets.AWS_DEV_REGION || secrets.AWS_PROD_REGION }} + architecture: ${{ inputs.architecture }} + secrets: + role: ${{ secrets.AWS_ROLE_TO_ASSUME }} + account_id: ${{ secrets.AWS_ACCOUNT_ID }} From fe6260f79ad4fa36fa10237eab719387f0fe8f3c Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 10:55:12 +0000 Subject: [PATCH 06/19] fix: region --- .github/workflows/aws-publish-artifact-to-s3.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 0176f4c261..5c7c315282 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -1,4 +1,4 @@ -name: AWS publish artifacts to ECR +name: AWS publish artifacts to S3 permissions: id-token: write @@ -23,8 +23,8 @@ on: required: true jobs: - trigger-push-to-ecr: - uses: ./.github/workflows/push-to-ecr.yml + trigger-push-to-s3: + uses: ./.github/workflows/push-to-s3.yml with: region: ${{ inputs.environment == 'DEV' && secrets.AWS_DEV_REGION || secrets.AWS_PROD_REGION }} architecture: ${{ inputs.architecture }} From 52e1203cc4168cf7dd9d55dd1983ba79f7323f37 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 10:55:34 +0000 Subject: [PATCH 07/19] fix: region --- .github/workflows/aws-publish-artifact-to-s3.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 5c7c315282..6c55f09167 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -29,5 +29,4 @@ jobs: region: ${{ inputs.environment == 'DEV' && secrets.AWS_DEV_REGION || secrets.AWS_PROD_REGION }} architecture: ${{ inputs.architecture }} secrets: - role: ${{ secrets.AWS_ROLE_TO_ASSUME }} - account_id: ${{ secrets.AWS_ACCOUNT_ID }} + role: ${{ secrets.AWS_ROLE_TO_ASSUME }} \ No newline at end of file From a097b92429393552a240e03507f487a28cc24c07 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:00:38 +0000 Subject: [PATCH 08/19] fix: region --- .../workflows/aws-publish-artifact-to-s3.yml | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 6c55f09167..198a8c0444 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -12,7 +12,7 @@ on: type: choice options: - DEV - - TEST + - PROD required: true architecture: description: 'Architecture' @@ -24,9 +24,14 @@ on: jobs: trigger-push-to-s3: - uses: ./.github/workflows/push-to-s3.yml - with: - region: ${{ inputs.environment == 'DEV' && secrets.AWS_DEV_REGION || secrets.AWS_PROD_REGION }} - architecture: ${{ inputs.architecture }} - secrets: - role: ${{ secrets.AWS_ROLE_TO_ASSUME }} \ No newline at end of file + runs-on: ubuntu-latest + env: + REGION: ${{ inputs.environment == 'PROD' && secrets.AWS_PROD_REGION || secrets.AWS_DEV_REGION }} + steps: + - name: Trigger Push to S3 Workflow + uses: ./.github/workflows/push-to-s3.yml + with: + architecture: ${{ inputs.architecture }} + region: ${{ env.REGION }} + secrets: + role: ${{ secrets.AWS_ROLE_TO_ASSUME }} \ No newline at end of file From 1f09973d80981210e45ec5767a13dce5b96e13bd Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:04:47 +0000 Subject: [PATCH 09/19] fix: region --- .../workflows/aws-publish-artifact-to-s3.yml | 29 +++++++++++-------- .github/workflows/push-to-s3.yml | 11 ++++--- 2 files changed, 22 insertions(+), 18 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 198a8c0444..072b748e44 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -23,15 +23,20 @@ on: required: true jobs: - trigger-push-to-s3: - runs-on: ubuntu-latest - env: - REGION: ${{ inputs.environment == 'PROD' && secrets.AWS_PROD_REGION || secrets.AWS_DEV_REGION }} - steps: - - name: Trigger Push to S3 Workflow - uses: ./.github/workflows/push-to-s3.yml - with: - architecture: ${{ inputs.architecture }} - region: ${{ env.REGION }} - secrets: - role: ${{ secrets.AWS_ROLE_TO_ASSUME }} \ No newline at end of file + trigger-push-to-s3-dev: + if: inputs.environment == 'DEV' + uses: ./.github/workflows/push-to-s3.yml + with: + architecture: ${{ inputs.architecture }} + secrets: + role: ${{ secrets.AWS_ROLE_TO_ASSUME }} + region: ${{ secrets.AWS_DEV_REGION }} + + trigger-push-to-s3-dev: + if: inputs.environment == 'PROD' + uses: ./.github/workflows/push-to-s3.yml + with: + architecture: ${{ inputs.architecture }} + secrets: + role: ${{ secrets.AWS_ROLE_TO_ASSUME }} + region: ${{ secrets.AWS_PROD_REGION }} \ No newline at end of file diff --git a/.github/workflows/push-to-s3.yml b/.github/workflows/push-to-s3.yml index 0f1a97bbcf..5dbcbbf5fb 100644 --- a/.github/workflows/push-to-s3.yml +++ b/.github/workflows/push-to-s3.yml @@ -7,10 +7,6 @@ permissions: on: workflow_call: inputs: - region: - description: 'region on which you want to deploy' - type: string - required: true architecture: description: 'architecture' type: string @@ -19,6 +15,9 @@ on: role: description: 'AWS role to assume' required: true + region: + description: 'AWS region to deploy to' + required: true jobs: setup: @@ -56,7 +55,7 @@ jobs: with: role-to-assume: ${{ secrets.role }} role-session-name: GitHub_Action_LambdaPerf_Session - aws-region: ${{ inputs.region }} + aws-region: ${{ secrets.region }} - uses: actions/checkout@v4 - name: Set up Docker uses: docker/setup-docker-action@v4 @@ -66,7 +65,7 @@ jobs: - name: build and deploy env: ARCHITECTURE: ${{ inputs.architecture }} - AWS_REGION: ${{ inputs.region }} + AWS_REGION: ${{ secrets.region }} RUNTIME_ID: ${{ matrix.runtime_id }} run: | cd s3-uploader From 737385f10ff8a9f0aea8b6aafff45ed9d6d74ee2 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:05:40 +0000 Subject: [PATCH 10/19] fix: region --- .github/workflows/aws-publish-artifact-to-s3.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 072b748e44..2fab558330 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -32,7 +32,7 @@ jobs: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} region: ${{ secrets.AWS_DEV_REGION }} - trigger-push-to-s3-dev: + trigger-push-to-s3-prod: if: inputs.environment == 'PROD' uses: ./.github/workflows/push-to-s3.yml with: From 9a99e170aea854fa7947e5cd218584278fda00f5 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:09:48 +0000 Subject: [PATCH 11/19] fix: region --- .github/workflows/aws-publish-artifact-to-s3.yml | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 2fab558330..0a242db955 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -23,20 +23,12 @@ on: required: true jobs: - trigger-push-to-s3-dev: - if: inputs.environment == 'DEV' + trigger-push-to-s3: + env: + REGION: ${{ inputs.environment == 'PROD' && secrets.AWS_PROD_REGION || secrets.AWS_DEV_REGION }} uses: ./.github/workflows/push-to-s3.yml with: architecture: ${{ inputs.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} region: ${{ secrets.AWS_DEV_REGION }} - - trigger-push-to-s3-prod: - if: inputs.environment == 'PROD' - uses: ./.github/workflows/push-to-s3.yml - with: - architecture: ${{ inputs.architecture }} - secrets: - role: ${{ secrets.AWS_ROLE_TO_ASSUME }} - region: ${{ secrets.AWS_PROD_REGION }} \ No newline at end of file From c67e099ea7cf0412149b8f9fef1fed3a1d70a00d Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:16:13 +0000 Subject: [PATCH 12/19] fix: region --- .github/workflows/aws-publish-artifact-to-s3.yml | 6 +++--- .github/workflows/push-to-s3.yml | 15 +++++++++++---- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-s3.yml b/.github/workflows/aws-publish-artifact-to-s3.yml index 0a242db955..1ca948c43c 100644 --- a/.github/workflows/aws-publish-artifact-to-s3.yml +++ b/.github/workflows/aws-publish-artifact-to-s3.yml @@ -24,11 +24,11 @@ on: jobs: trigger-push-to-s3: - env: - REGION: ${{ inputs.environment == 'PROD' && secrets.AWS_PROD_REGION || secrets.AWS_DEV_REGION }} uses: ./.github/workflows/push-to-s3.yml with: architecture: ${{ inputs.architecture }} + environment: ${{ inputs.environment }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} - region: ${{ secrets.AWS_DEV_REGION }} + devRegion: ${{ secrets.AWS_DEV_REGION }} + prodRegion: ${{ secrets.AWS_PROD_REGION }} \ No newline at end of file diff --git a/.github/workflows/push-to-s3.yml b/.github/workflows/push-to-s3.yml index 5dbcbbf5fb..60f14ccb87 100644 --- a/.github/workflows/push-to-s3.yml +++ b/.github/workflows/push-to-s3.yml @@ -11,12 +11,19 @@ on: description: 'architecture' type: string required: true + environment: + description: 'environment' + type: string + required: true secrets: role: description: 'AWS role to assume' required: true - region: - description: 'AWS region to deploy to' + devRegion: + description: 'AWS region for DEV' + required: true + prodRegion: + description: 'AWS region for PROD' required: true jobs: @@ -55,7 +62,7 @@ jobs: with: role-to-assume: ${{ secrets.role }} role-session-name: GitHub_Action_LambdaPerf_Session - aws-region: ${{ secrets.region }} + aws-region: ${{ inputs.environment == 'DEV' && secrets.devRegion || inputs.environment == 'PROD' && secrets.prodRegion }} - uses: actions/checkout@v4 - name: Set up Docker uses: docker/setup-docker-action@v4 @@ -65,7 +72,7 @@ jobs: - name: build and deploy env: ARCHITECTURE: ${{ inputs.architecture }} - AWS_REGION: ${{ secrets.region }} + AWS_REGION: ${{ inputs.environment == 'DEV' && secrets.devRegion || inputs.environment == 'PROD' && secrets.prodRegion }} RUNTIME_ID: ${{ matrix.runtime_id }} run: | cd s3-uploader From 774cbf06c834ea7b110a56cdcaa0724601f3fcbb Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:22:46 +0000 Subject: [PATCH 13/19] fix: region --- .github/workflows/autobuild.yml | 10 +++++++--- .github/workflows/aws-deploy.yml | 23 ++++++++--------------- .github/workflows/push-to-ecr.yml | 18 ++++++++++-------- 3 files changed, 25 insertions(+), 26 deletions(-) diff --git a/.github/workflows/autobuild.yml b/.github/workflows/autobuild.yml index f9b881c9d3..a5b18a8855 100644 --- a/.github/workflows/autobuild.yml +++ b/.github/workflows/autobuild.yml @@ -17,10 +17,12 @@ jobs: architecture: [x86_64, arm64] uses: ./.github/workflows/push-to-s3.yml with: - region: ${{ secrets.AWS_PROD_REGION }} + environment: PROD architecture: ${{ matrix.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} + devRegion: ${{ secrets.AWS_DEV_REGION }} + prodRegion: ${{ secrets.AWS_PROD_REGION }} trigger-push-to-ecr: needs: trigger-push-to-s3 @@ -30,8 +32,10 @@ jobs: architecture: [x86_64, arm64] uses: ./.github/workflows/push-to-ecr.yml with: - region: ${{ secrets.AWS_PROD_REGION }} + environment: PROD architecture: ${{ matrix.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} - account_id: ${{ secrets.AWS_ACCOUNT_ID }} \ No newline at end of file + account_id: ${{ secrets.AWS_ACCOUNT_ID }} + devRegion: ${{ secrets.AWS_DEV_REGION }} + prodRegion: ${{ secrets.AWS_PROD_REGION }} \ No newline at end of file diff --git a/.github/workflows/aws-deploy.yml b/.github/workflows/aws-deploy.yml index d71bfec14a..82a026d4a1 100644 --- a/.github/workflows/aws-deploy.yml +++ b/.github/workflows/aws-deploy.yml @@ -7,19 +7,12 @@ permissions: on: workflow_dispatch: inputs: - region: - description: 'region on which you want to deploy' + environment: + description: 'Environment to deploy' type: choice options: - - dev - - prod - required: true - lambdaPerfEnv: - description: 'environment on which you want to deploy' - type: choice - options: - - staging - - production + - DEV + - PROD required: true jobs: @@ -62,12 +55,12 @@ jobs: with: role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} role-session-name: GitHub_Action_LambdaPerf_Session - aws-region: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} + aws-region: ${{ inputs.environment == 'DEV' && secrets.DEV_REGION || inputs.environment == 'PROD' && secrets.PROD_REGION }} - name: deploy env: - AWS_REGION: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} - LAMBDA_PERF_ENV: ${{ inputs.lambdaPerfEnv }} - SKIP_SNAPSTART: ${{ (inputs.region == 'eu-west-1') && secrets.SKIP_SNAPSTART_DEV || 'false' }} + AWS_REGION: ${{ inputs.environment == 'DEV' && secrets.DEV_REGION || inputs.environment == 'PROD' && secrets.PROD_REGION }} + LAMBDA_PERF_ENV: ${{ inputs.environment == 'PROD' && 'production' || 'dev' }} + SKIP_SNAPSTART: ${{ (inputs.environment == 'DEV') && secrets.SKIP_SNAPSTART_DEV || 'false' }} GITHUB_AUTH_TOKEN: ${{ secrets.GH_AUTH_TOKEN }} AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} run: cd cdk && yarn install && cdk bootstrap && cdk deploy LambdaPerfStack --require-approval never \ No newline at end of file diff --git a/.github/workflows/push-to-ecr.yml b/.github/workflows/push-to-ecr.yml index 07ea4df787..44629ad468 100644 --- a/.github/workflows/push-to-ecr.yml +++ b/.github/workflows/push-to-ecr.yml @@ -7,10 +7,6 @@ permissions: on: workflow_call: inputs: - region: - description: 'region on which you want to deploy' - type: string - required: true architecture: description: 'architecture' type: string @@ -22,6 +18,12 @@ on: account_id: description: 'AWS account id' required: true + devRegion: + description: 'AWS region for DEV' + required: true + prodRegion: + description: 'AWS region for PROD' + required: true jobs: setup: @@ -60,7 +62,7 @@ jobs: with: role-to-assume: ${{ secrets.role }} role-session-name: GitHub_Action_LambdaPerf_Session - aws-region: ${{ inputs.region }} + aws-region: ${{ inputs.environment == 'DEV' && secrets.devRegion || inputs.environment == 'PROD' && secrets.prodRegion }} - name: Delete huge unnecessary folders run: | rm -rf /opt/hostedtoolcache @@ -75,7 +77,7 @@ jobs: - name: build and deploy env: ARCHITECTURE: ${{ inputs.architecture }} - AWS_REGION: ${{ inputs.region }} + AWS_REGION: ${{ inputs.environment == 'DEV' && secrets.devRegion || inputs.environment == 'PROD' && secrets.prodRegion }} RUNTIME_ID: ${{ matrix.runtime_id }} AWS_ACCOUNT_ID: ${{ secrets.account_id }} run: | @@ -92,10 +94,10 @@ jobs: with: role-to-assume: ${{ secrets.role }} role-session-name: GitHub_Action_LambdaPerf_Session - aws-region: ${{ inputs.region }} + aws-region: ${{ inputs.environment == 'DEV' && secrets.devRegion || inputs.environment == 'PROD' && secrets.prodRegion }} - name: clean untagged images env: - AWS_REGION: ${{ inputs.region }} + AWS_REGION: ${{ inputs.environment == 'DEV' && secrets.devRegion || inputs.environment == 'PROD' && secrets.prodRegion }} run: | UNTAGGED_IMAGES=$(aws ecr list-images --region "${AWS_REGION}" --repository-name lambda-perf --filter "tagStatus=UNTAGGED" --query 'imageIds[*]' --output json) if [[ "$UNTAGGED_IMAGES" == "[]" ]]; then From 6b4eeab01b62a4a898daac48a09b1a78b0c1848b Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:23:53 +0000 Subject: [PATCH 14/19] fix: region --- .github/workflows/aws-publish-artifact-to-ecr.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-ecr.yml b/.github/workflows/aws-publish-artifact-to-ecr.yml index d0d98e1372..1bf3e928ee 100644 --- a/.github/workflows/aws-publish-artifact-to-ecr.yml +++ b/.github/workflows/aws-publish-artifact-to-ecr.yml @@ -7,12 +7,13 @@ permissions: on: workflow_dispatch: inputs: - region: - description: 'region on which you want to deploy' + environment: + description: 'Environment to deploy' type: choice options: - - dev - - prod + - DEV + - PROD + required: true required: true architecture: description: 'architecture' @@ -26,9 +27,11 @@ jobs: trigger-push-to-ecr: uses: ./.github/workflows/push-to-ecr.yml with: - region: ${{ inputs.region == 'DEV' && secrets.DEV_REGION || inputs.region == 'PROD' && secrets.PROD_REGION }} architecture: ${{ inputs.architecture }} + environment: ${{ inputs.environment }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} account_id: ${{ secrets.AWS_ACCOUNT_ID }} + devRegion: ${{ secrets.AWS_DEV_REGION }} + prodRegion: ${{ secrets.AWS_PROD_REGION }} \ No newline at end of file From dbf08af77a8798c3aa8679b42aeffdbdaf3aec4e Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:25:46 +0000 Subject: [PATCH 15/19] fix: region --- .github/workflows/aws-publish-artifact-to-ecr.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/aws-publish-artifact-to-ecr.yml b/.github/workflows/aws-publish-artifact-to-ecr.yml index 1bf3e928ee..7981bbf6f4 100644 --- a/.github/workflows/aws-publish-artifact-to-ecr.yml +++ b/.github/workflows/aws-publish-artifact-to-ecr.yml @@ -14,9 +14,8 @@ on: - DEV - PROD required: true - required: true architecture: - description: 'architecture' + description: 'Architecture' type: choice options: - x86_64 @@ -34,4 +33,3 @@ jobs: account_id: ${{ secrets.AWS_ACCOUNT_ID }} devRegion: ${{ secrets.AWS_DEV_REGION }} prodRegion: ${{ secrets.AWS_PROD_REGION }} - \ No newline at end of file From b7602ebd4c35d8b01abaa1ae4ba86b1f0a968e1e Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:27:00 +0000 Subject: [PATCH 16/19] fix: region --- .github/workflows/push-to-ecr.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/push-to-ecr.yml b/.github/workflows/push-to-ecr.yml index 44629ad468..6194e93cbf 100644 --- a/.github/workflows/push-to-ecr.yml +++ b/.github/workflows/push-to-ecr.yml @@ -11,6 +11,10 @@ on: description: 'architecture' type: string required: true + environment: + description: 'environment' + type: string + required: true secrets: role: description: 'AWS role to assume' From 19902a76bac8584d684fe6e814db5c91fd118eb2 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:32:57 +0000 Subject: [PATCH 17/19] fix: region --- .github/workflows/autobuild.yml | 2 -- .github/workflows/push-to-ecr.yml | 4 ++-- .github/workflows/push-to-s3.yml | 4 ++-- .github/workflows/test.yml | 3 ++- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/autobuild.yml b/.github/workflows/autobuild.yml index a5b18a8855..0101988147 100644 --- a/.github/workflows/autobuild.yml +++ b/.github/workflows/autobuild.yml @@ -21,7 +21,6 @@ jobs: architecture: ${{ matrix.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} - devRegion: ${{ secrets.AWS_DEV_REGION }} prodRegion: ${{ secrets.AWS_PROD_REGION }} trigger-push-to-ecr: @@ -37,5 +36,4 @@ jobs: secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} account_id: ${{ secrets.AWS_ACCOUNT_ID }} - devRegion: ${{ secrets.AWS_DEV_REGION }} prodRegion: ${{ secrets.AWS_PROD_REGION }} \ No newline at end of file diff --git a/.github/workflows/push-to-ecr.yml b/.github/workflows/push-to-ecr.yml index 6194e93cbf..a1c4ca944c 100644 --- a/.github/workflows/push-to-ecr.yml +++ b/.github/workflows/push-to-ecr.yml @@ -24,10 +24,10 @@ on: required: true devRegion: description: 'AWS region for DEV' - required: true + required: false prodRegion: description: 'AWS region for PROD' - required: true + required: false jobs: setup: diff --git a/.github/workflows/push-to-s3.yml b/.github/workflows/push-to-s3.yml index 60f14ccb87..4ec59f5447 100644 --- a/.github/workflows/push-to-s3.yml +++ b/.github/workflows/push-to-s3.yml @@ -21,10 +21,10 @@ on: required: true devRegion: description: 'AWS region for DEV' - required: true + required: false prodRegion: description: 'AWS region for PROD' - required: true + required: false jobs: setup: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index aa436ffae2..276f642ffc 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,7 +41,8 @@ jobs: architecture: [x86_64, arm64] uses: ./.github/workflows/push-to-s3.yml with: - region: ${{ secrets.AWS_DEV_REGION }} + environment: DEV architecture: ${{ matrix.architecture }} secrets: role: ${{ secrets.AWS_ROLE_TO_ASSUME }} + devRegion: ${{ secrets.AWS_DEV_REGION }} From 743117cd8a0483538ed0ffc9bba605f17eccb8e9 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:37:52 +0000 Subject: [PATCH 18/19] fix: token --- .github/workflows/aws-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/aws-deploy.yml b/.github/workflows/aws-deploy.yml index 82a026d4a1..87ee64620c 100644 --- a/.github/workflows/aws-deploy.yml +++ b/.github/workflows/aws-deploy.yml @@ -61,6 +61,6 @@ jobs: AWS_REGION: ${{ inputs.environment == 'DEV' && secrets.DEV_REGION || inputs.environment == 'PROD' && secrets.PROD_REGION }} LAMBDA_PERF_ENV: ${{ inputs.environment == 'PROD' && 'production' || 'dev' }} SKIP_SNAPSTART: ${{ (inputs.environment == 'DEV') && secrets.SKIP_SNAPSTART_DEV || 'false' }} - GITHUB_AUTH_TOKEN: ${{ secrets.GH_AUTH_TOKEN }} + GITHUB_AUTH_TOKEN: ${{ inputs.environment == 'PROD' && secrets.GH_AUTH_TOKEN || 'no-token-needed' }} AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} run: cd cdk && yarn install && cdk bootstrap && cdk deploy LambdaPerfStack --require-approval never \ No newline at end of file From 966b15fdbf5fdd775142ea9f601f335af703ba35 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Sat, 15 Mar 2025 11:43:04 +0000 Subject: [PATCH 19/19] fix: region --- .github/workflows/aws-deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/aws-deploy.yml b/.github/workflows/aws-deploy.yml index 87ee64620c..8516f68685 100644 --- a/.github/workflows/aws-deploy.yml +++ b/.github/workflows/aws-deploy.yml @@ -55,10 +55,10 @@ jobs: with: role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} role-session-name: GitHub_Action_LambdaPerf_Session - aws-region: ${{ inputs.environment == 'DEV' && secrets.DEV_REGION || inputs.environment == 'PROD' && secrets.PROD_REGION }} + aws-region: ${{ inputs.environment == 'DEV' && secrets.AWS_DEV_REGION || inputs.environment == 'PROD' && secrets.AWS_PROD_REGION }} - name: deploy env: - AWS_REGION: ${{ inputs.environment == 'DEV' && secrets.DEV_REGION || inputs.environment == 'PROD' && secrets.PROD_REGION }} + AWS_REGION: ${{ inputs.environment == 'DEV' && secrets.AWS_DEV_REGION || inputs.environment == 'PROD' && secrets.AWS_PROD_REGION }} LAMBDA_PERF_ENV: ${{ inputs.environment == 'PROD' && 'production' || 'dev' }} SKIP_SNAPSTART: ${{ (inputs.environment == 'DEV') && secrets.SKIP_SNAPSTART_DEV || 'false' }} GITHUB_AUTH_TOKEN: ${{ inputs.environment == 'PROD' && secrets.GH_AUTH_TOKEN || 'no-token-needed' }}