101 changes: 45 additions & 56 deletions .github/workflows/release-candidate.yml
Expand Up @@ -103,9 +103,9 @@ jobs:
- name: "Get S3 bucket name"
id: bucket
run: |
cd infrastructure/stacks/api-layer
terraform init -backend=true
BUCKET=$(terraform output -raw lambda_artifact_bucket)
cd infrastructure
make terraform env=dev stack=api-layer tf-command=init workspace=default
BUCKET=$(terraform -chdir=./stacks/api-layer output -raw lambda_artifact_bucket)
echo "name=$BUCKET" >> $GITHUB_OUTPUT
echo "📦 S3 Bucket: $BUCKET"

Expand All @@ -124,6 +124,25 @@ jobs:
echo "exists=false" >> $GITHUB_OUTPUT
fi

- name: "Download artifact for workflow reuse"
if: steps.check.outputs.exists == 'true'
run: |
TAG="${{ needs.validate.outputs.dev_tag }}"
BUCKET="${{ steps.bucket.outputs.name }}"
mkdir -p ./dist
aws s3 cp \
"s3://$BUCKET/artifacts/$TAG/lambda.zip" \
./dist/lambda.zip \
--region eu-west-2

- name: "Upload lambda artifact"
if: steps.check.outputs.exists == 'true'
uses: actions/upload-artifact@v4
with:
name: lambda-${{ needs.validate.outputs.dev_tag }}
path: dist/lambda.zip
if-no-files-found: error

rebuild-artifact:
name: "Rebuild and upload artifact (if missing)"
runs-on: ubuntu-latest
Expand Down Expand Up @@ -165,6 +184,13 @@ jobs:
--region eu-west-2
echo "✅ Uploaded artifact to s3://$BUCKET/artifacts/$TAG/lambda.zip"

- name: "Upload lambda artifact"
uses: actions/upload-artifact@v4
with:
name: lambda-${{ needs.validate.outputs.dev_tag }}
path: dist/lambda.zip
if-no-files-found: error

deploy-to-test:
name: "Deploy to Test (optional)"
runs-on: ubuntu-latest
Expand All @@ -189,21 +215,11 @@ jobs:
with:
terraform_version: $(grep '^terraform' .tool-versions | cut -f2 -d' ')

- name: "Configure AWS Credentials (dev) - to download artifact"
uses: aws-actions/configure-aws-credentials@v5
- name: "Download lambda artifact"
uses: actions/download-artifact@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/service-roles/github-actions-api-deployment-role
aws-region: eu-west-2

- name: "Download lambda from S3 (dev bucket)"
run: |
TAG="${{ needs.validate.outputs.dev_tag }}"
BUCKET="${{ needs.verify-artifact.outputs.s3_bucket }}"
mkdir -p ./dist
aws s3 cp \
"s3://$BUCKET/artifacts/$TAG/lambda.zip" \
./dist/lambda.zip \
--region eu-west-2
name: lambda-${{ needs.validate.outputs.dev_tag }}
path: dist

- name: "Configure AWS Credentials (test)"
uses: aws-actions/configure-aws-credentials@v5
Expand All @@ -220,6 +236,7 @@ jobs:
TF_VAR_API_PRIVATE_KEY_CERT: ${{ secrets.API_PRIVATE_KEY_CERT }}
TF_VAR_SPLUNK_HEC_TOKEN: ${{ secrets.SPLUNK_HEC_TOKEN }}
TF_VAR_SPLUNK_HEC_ENDPOINT: ${{ secrets.SPLUNK_HEC_ENDPOINT }}
TF_VAR_OPERATOR_EMAILS: ${{ vars.SECRET_ROTATION_OPERATOR_EMAILS }}
run: |
mkdir -p ./build
echo "🚀 Deploying ${{ needs.validate.outputs.dev_tag }} to TEST"
Expand All @@ -237,8 +254,9 @@ jobs:
- name: "Get test S3 bucket"
id: test_bucket
run: |
cd infrastructure/stacks/api-layer
BUCKET=$(terraform output -raw lambda_artifact_bucket)
cd infrastructure
make terraform env=test stack=api-layer tf-command=init workspace=default
BUCKET=$(terraform -chdir=./stacks/api-layer output -raw lambda_artifact_bucket)
echo "name=$BUCKET" >> $GITHUB_OUTPUT

- name: "Upload lambda to test S3"
Expand Down Expand Up @@ -295,42 +313,11 @@ jobs:
with:
terraform_version: $(grep '^terraform' .tool-versions | cut -f2 -d' ')

- name: "Determine source bucket (test or dev)"
id: source
run: |
if [[ "${{ inputs.deploy_to_test }}" == "true" ]]; then
echo "environment=test" >> $GITHUB_OUTPUT
else
echo "environment=dev" >> $GITHUB_OUTPUT
fi

- name: "Configure AWS Credentials (source) - to download artifact"
uses: aws-actions/configure-aws-credentials@v5
- name: "Download lambda artifact"
uses: actions/download-artifact@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/service-roles/github-actions-api-deployment-role
aws-region: eu-west-2

- name: "Get source S3 bucket"
id: source_bucket
env:
ENV: ${{ steps.source.outputs.environment }}
run: |
cd infrastructure
make terraform env=$ENV stack=api-layer tf-command=init workspace=default
cd stacks/api-layer
BUCKET=$(terraform output -raw lambda_artifact_bucket)
echo "name=$BUCKET" >> $GITHUB_OUTPUT
echo "📦 Source bucket ($ENV): $BUCKET"

- name: "Download lambda from source S3"
run: |
TAG="${{ needs.validate.outputs.dev_tag }}"
BUCKET="${{ steps.source_bucket.outputs.name }}"
mkdir -p ./dist
aws s3 cp \
"s3://$BUCKET/artifacts/$TAG/lambda.zip" \
./dist/lambda.zip \
--region eu-west-2
name: lambda-${{ needs.validate.outputs.dev_tag }}
path: dist

- name: "Configure AWS Credentials (preprod)"
uses: aws-actions/configure-aws-credentials@v5
Expand All @@ -347,6 +334,7 @@ jobs:
TF_VAR_API_PRIVATE_KEY_CERT: ${{ secrets.API_PRIVATE_KEY_CERT }}
TF_VAR_SPLUNK_HEC_TOKEN: ${{ secrets.SPLUNK_HEC_TOKEN }}
TF_VAR_SPLUNK_HEC_ENDPOINT: ${{ secrets.SPLUNK_HEC_ENDPOINT }}
TF_VAR_OPERATOR_EMAILS: ${{ vars.SECRET_ROTATION_OPERATOR_EMAILS }}
run: |
mkdir -p ./build
echo "🚀 Deploying ${{ needs.validate.outputs.dev_tag }} to PREPROD"
Expand Down Expand Up @@ -381,8 +369,9 @@ jobs:
- name: "Get preprod S3 bucket"
id: preprod_bucket
run: |
cd infrastructure/stacks/api-layer
BUCKET=$(terraform output -raw lambda_artifact_bucket)
cd infrastructure
make terraform env=preprod stack=api-layer tf-command=init workspace=default
BUCKET=$(terraform -chdir=./stacks/api-layer output -raw lambda_artifact_bucket)
echo "name=$BUCKET" >> $GITHUB_OUTPUT

- name: "Upload lambda to preprod S3"
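Review bot: In the new "Download artifact for workflow reuse" step, `TAG="${{ needs.validate.outputs.dev_tag }}"` and `BUCKET="${{ steps.bucket.outputs.name }}"` are expanded into the script text before bash runs it, so any shell-significant characters in the tag or bucket output are executed rather than treated as data; the safe shape is a step-level `env:` with `TAG: ${{ needs.validate.outputs.dev_tag }}` and `BUCKET: ${{ steps.bucket.outputs.name }}`, dropping the two assignment lines so the script reads `$TAG` and `$BUCKET` as already-set variables. The same `${{ }}`-inside-`run:` pattern appears in the deploy steps' `echo` lines, but those are unchanged context here. A second point, hedged because the rebuild job's `if:` is outside this section: both verify-artifact and rebuild-artifact upload an artifact named `lambda-${{ needs.validate.outputs.dev_tag }}`, and `actions/upload-artifact@v4` fails the run if the same name is uploaded twice, so the two jobs must be mutually exclusive (or the uploads need `overwrite: true`). Since the zip only has to outlive this run, consider adding `retention-days: 1` to both upload steps so the artifact is not kept at the repository default. The verify-artifact job's header lies above the first hunk.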