Untitled

mail@pastecode.io avatar
unknown
plain_text
12 days ago
2.4 kB
2
Indexable
Never
on:
  pull_request:
    branches:
      - master
  push:
    branches:
      - master
    tags:
      - v*
  workflow_dispatch:

# makes sure only one of the CI/CD pipeline is running for a given ref
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

env:
  AWS_PRIMARY_REGION: us-east-1
  AWS_SECONDARY_REGION: us-west-2
  AWS_DEV_ACCOUNT: 681380316089
  AWS_STAGING_ACCOUNT: 925035509116
  AWS_PROD_ACCOUNT: 412680261715
jobs:
  cdk-build:
    permissions:
      # These permissions are needed to interact with GitHub's OIDC Token endpoint.
      id-token: write
      contents: read
    uses: ./.github/workflows/cdk-build-test.yaml
    with:
      aws-dev-account: 681380316089
      aws-staging-account: 925035509116
      aws-prod-account: 412680261715
      aws-primary-region: us-east-1
      aws-secondary-region: us-west-2
    secrets: inherit

  cdk-deploy-dev:
    if: ${{ false }}
    needs: cdk-build
    permissions:
      # These permissions are needed to interact with GitHub's OIDC Token endpoint.
      id-token: write
      contents: read
    uses: ./.github/workflows/cdk-deploy.yaml
    with:
      aws-environment: dev
      aws-account: 681380316089
      aws-primary-region: us-east-1
      aws-secondary-region: us-west-2
    secrets: inherit

  cdk-deploy-staging:
    if: ${{ false && success() && ( github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') ) }}
    needs: cdk-build
    permissions:
      # These permissions are needed to interact with GitHub's OIDC Token endpoint.
      id-token: write
      contents: read
    uses: ./.github/workflows/cdk-deploy.yaml
    with:
      aws-environment: staging
      aws-account: 925035509116
      aws-primary-region: us-east-1
      aws-secondary-region: us-west-2
    secrets: inherit

  cdk-deploy-prod:
    if: ${{ false && success() && startsWith(github.ref, 'refs/tags/v') }}
    needs: cdk-deploy-staging
    permissions:
      # These permissions are needed to interact with GitHub's OIDC Token endpoint.
      id-token: write
      contents: read
    uses: ./.github/workflows/cdk-deploy.yaml
    with:
      aws-environment: prod
      aws-account: 412680261715
      aws-primary-region: us-east-1
      aws-secondary-region: us-west-2
    secrets: inherit
Leave a Comment