.github/workflows/node-build.yml #43
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Dockerize Node.js Server | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| DEFAULT_APPLICATION_ENVIRONMENT: | |
| required: true | |
| type: string | |
| default: dev | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| jobs: | |
| build-node-server: | |
| runs-on: ubuntu-latest | |
| env: | |
| NPMRC: ${{ secrets.NPMRC }} | |
| IMAGE_NAME: ${{ github.repository_owner }}/nr-bcws-wfprev-wfprev-gdb-extractor | |
| AWS_REGION: ca-central-1 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Add .npmrc file | |
| run: echo -e "$NPMRC" > ./node/wfprev-gdb-extractor/.npmrc # Ensure it's in the right directory | |
| - name: Clear cache | |
| working-directory: ./node/wfprev-gdb-extractor | |
| run: | | |
| rm -f package-lock.json | |
| rm -rf node_modules | |
| npm cache clean --force | |
| - name: Install dependencies | |
| working-directory: ./node/wfprev-gdb-extractor | |
| run: npm install | |
| # Package Lambda function code | |
| - name: Create Lambda deployment package | |
| working-directory: ./node/wfprev-gdb-extractor | |
| run: | | |
| npm prune --production | |
| zip -r ../../lambda-deployment.zip . -x "*.git*" "*.github*" "tests/*" "*.zip" | |
| # Authenticate to AWS using OIDC and assume IAM role | |
| - name: Configure AWS credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::183631341627:role/github-actions-role | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-session-name: GitHubActions | |
| # Docker setup | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ vars.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=ref,event=tag | |
| type=raw,value=${{ github.sha }} | |
| - name: List files in ./node/wfprev-gdb-extractor | |
| run: ls -al ./node/wfprev-gdb-extractor | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./node/wfprev-gdb-extractor | |
| file: ./node/wfprev-gdb-extractor/Dockerfile | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| - name: Tag and push latest image | |
| run: | | |
| IMAGE=${{ vars.REGISTRY }}/${{ github.repository_owner }}/nr-bcws-wfprev-wfprev-gdb-extractor | |
| docker pull $IMAGE:${{ github.sha }} | |
| docker tag $IMAGE:${{ github.sha }} $IMAGE:latest | |
| docker push $IMAGE:latest |