🐛 post-tge fixes #8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy (dry run) | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| branches: [main] | |
| concurrency: | |
| group: deploy-dry-run-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| AWS_REGION: ${{ vars.AWS_REGION }} | |
| ENVIRONMENT: prod | |
| TF_DIR: terraform | |
| jobs: | |
| deploy-dry-run: | |
| runs-on: ubuntu-latest | |
| environment: prod | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: "~1.0" | |
| - uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Install Poetry | |
| run: pip install poetry poetry-plugin-export | |
| - name: Build Lambda layer (local only) | |
| run: | | |
| mkdir -p build/lambda-layer/python | |
| poetry export -f requirements.txt --without-hashes -o build/requirements.txt | |
| pip install \ | |
| --target build/lambda-layer/python \ | |
| --platform manylinux2014_x86_64 \ | |
| --python-version 3.11 \ | |
| --only-binary=:all: \ | |
| -r build/requirements.txt | |
| cd build/lambda-layer | |
| zip -r ../python-deps.zip python/ > /dev/null | |
| - name: Terraform init | |
| working-directory: ${{ env.TF_DIR }} | |
| run: | | |
| terraform init \ | |
| -backend-config="bucket=aztec-circ-supply-terraform" \ | |
| -backend-config="key=circulating-supply-api" \ | |
| -backend-config="region=${AWS_REGION}" | |
| - name: Terraform plan | |
| working-directory: ${{ env.TF_DIR }} | |
| run: terraform plan -out=tfplan -input=false | |
| env: | |
| TF_VAR_eth_rpc_url: ${{ secrets.ETH_RPC_URL }} | |
| TF_VAR_route53_zone_id: ${{ secrets.ROUTE53_ZONE_ID }} | |
| TF_VAR_aws_region: ${{ env.AWS_REGION }} | |
| TF_VAR_environment: ${{ env.ENVIRONMENT }} | |