Merge pull request #15 from johnwmail/dev #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy to Lambda | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| function_name: | |
| description: "Override Lambda function name (optional). If empty, uses LAMBDA_FUNCTION_NAME environment variable." | |
| required: false | |
| default: "" | |
| push: | |
| branches: | |
| - 'deploy/lambda' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| deploy-lambda: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| env: | |
| GOOS: linux | |
| GOARCH: arm64 | |
| CGO_ENABLED: 0 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Get Go version | |
| id: go-version | |
| run: echo "version=$(go version | awk '{print $3}' | sed 's/go//')" >> $GITHUB_OUTPUT | |
| - name: Cache Go modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ steps.go-version.outputs.version }}-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go-${{ steps.go-version.outputs.version }}- | |
| - name: Download deps | |
| run: go mod download | |
| - name: Set VERSION variable (tag or short SHA) | |
| id: version | |
| run: | | |
| TAG=$(git describe --tags --exact-match 2>/dev/null || true) | |
| if [ -n "$TAG" ]; then | |
| VERSION="$TAG" | |
| else | |
| VERSION="sha-${GITHUB_SHA::7}" | |
| fi | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| echo "Using VERSION: $VERSION" | |
| env: | |
| GITHUB_SHA: ${{ github.sha }} | |
| - name: Build Lambda bootstrap | |
| run: | | |
| go build \ | |
| -ldflags "-X main.BuildTime=$(date --utc +%Y-%m-%dT%H:%M:%SZ) -X main.CommitHash=${{ github.sha }} -X main.Version=${VERSION}" \ | |
| -tags netgo -trimpath \ | |
| -o ./bootstrap ./... | |
| - name: Prepare code artifacts | |
| run: | | |
| mkdir -p lambda-artifacts | |
| mv -f bootstrap lambda-artifacts/bootstrap | |
| cp -r static lambda-artifacts/static | |
| ls -l lambda-artifacts | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_DEPLOY_LAMBDA }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_DEPLOY_LAMBDA }} | |
| - name: Resolve Lambda function name | |
| id: resolve-fn | |
| run: | | |
| FN_IN="${{ inputs.function_name }}" | |
| if [ -n "${FN_IN}" ]; then | |
| echo "Using function name from manual input: ${FN_IN}" | |
| echo "name=${FN_IN}" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| if [ -z "${{ vars.LAMBDA_FUNCTION_NAME }}" ]; then | |
| echo "LAMBDA_FUNCTION_NAME variable is required when no manual input is provided" >&2 | |
| exit 1 | |
| fi | |
| echo "Using function name from secret" | |
| echo "name=${{ vars.LAMBDA_FUNCTION_NAME }}" >> "$GITHUB_OUTPUT" | |
| - name: Deploy Lambda Function | |
| id: lambda-deploy | |
| uses: aws-actions/aws-lambda-deploy@v1 | |
| with: | |
| function-name: ${{ steps.resolve-fn.outputs.name }} | |
| code-artifacts-dir: lambda-artifacts | |
| architectures: arm64 | |
| runtime: provided.al2023 | |
| handler: bootstrap | |
| publish: true | |
| role: ${{ secrets.LAMBDA_EXECUTION_ROLE }} | |
| s3-bucket: "${{ vars.BUCKET }}" | |
| environment: '{"BUCKET":"${{ vars.BUCKET }}","S3_PREFIX":"${{ vars.S3_PREFIX }}","GIN_MODE":"release"}' | |
| - name: Post-deploy info | |
| run: | | |
| echo "Function ARN: ${{ steps.lambda-deploy.outputs.function-arn }}" | |
| echo "Version: ${{ steps.lambda-deploy.outputs.version }}" |