Pulumi #11
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pulumi | |
on: | |
workflow_dispatch: | |
inputs: | |
environment: | |
type: choice | |
description: GitHub Environment | |
options: | |
- dev | |
default: dev | |
pulumi_task: | |
type: choice | |
description: Pulumi task to execute | |
options: | |
- deploy | |
- destroy | |
default: deploy | |
az_number: | |
type: string | |
description: Number of Availability Zones | |
default: "2" | |
container_image_uri: | |
type: string | |
description: Image URI | |
default: "nginx" | |
container_cpu: | |
type: string | |
description: Container CPU | |
default: "256" | |
container_memory: | |
type: string | |
description: Container Memory | |
default: "512" | |
container_port: | |
type: string | |
description: Container Port | |
default: "80" | |
host_port: | |
type: string | |
description: Host Port | |
default: "80" | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ vars.AWS_REGION }} | |
AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }} | |
PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }} | |
GITHUB_ENVIRONMENT: ${{ inputs.environment }} | |
AWS_RESOURCE_PREFIX: "pulumi-${{ inputs.environment }}" | |
AWS_RESOURCE_SHORT_PREFIX: "p-${{ inputs.environment }}" # Max 6 chars | |
AWS_AZ_NUMBER: ${{ inputs.az_number }} | |
CONTAINER_IMAGE_URI: ${{ inputs.container_image_uri }} | |
CONTAINER_CPU: ${{ inputs.container_cpu }} | |
CONTAINER_MEMORY: ${{ inputs.container_memory }} | |
CONTAINER_PORT: ${{ inputs.container_port }} | |
HOST_PORT: ${{ inputs.host_port }} | |
PULUMI_TASK: ${{ inputs.pulumi_task }} | |
jobs: | |
preview: | |
name: Pulumi Preview | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: 3.12 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
aws-session-token: ${{ env.AWS_SESSION_TOKEN }} | |
- name: Install pulumi and login to S3 | |
run: | | |
pip install pulumi | |
pulumi login s3://pulumi-lab-state2 | |
- name: Setup pulumi stack and variables | |
run: | | |
pulumi stack select --create $GITHUB_ENVIRONMENT | |
pulumi config set aws:region $AWS_REGION | |
pulumi config set region $AWS_REGION | |
pulumi config set az_number $AWS_AZ_NUMBER | |
pulumi config set prefix $AWS_RESOURCE_PREFIX | |
pulumi config set short_prefix $AWS_RESOURCE_SHORT_PREFIX | |
pulumi config set image_uri $CONTAINER_IMAGE_URI | |
pulumi config set cpu $CONTAINER_CPU | |
pulumi config set memory $CONTAINER_MEMORY | |
pulumi config set container_port $CONTAINER_PORT | |
pulumi config set host_port $HOST_PORT | |
working-directory: pulumi | |
- name: Pulumi Deploy Preview | |
if: env.PULUMI_TASK == 'deploy' | |
run: | | |
pulumi preview | |
working-directory: pulumi | |
- name: Pulumi Deploy Preview (Detailed) | |
if: env.PULUMI_TASK == 'deploy' | |
run: | | |
pulumi preview --json | |
working-directory: pulumi | |
- name: Pulumi Destroy Preview | |
if: env.PULUMI_TASK == 'destroy' | |
run: | | |
pulumi destroy --diff | |
working-directory: pulumi | |
apply: | |
name: Pulumi Apply | |
runs-on: ubuntu-latest | |
needs: preview | |
environment: ${{ inputs.environment }} | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-python@v2 | |
with: | |
python-version: 3.12 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
aws-session-token: ${{ env.AWS_SESSION_TOKEN }} | |
- name: Install pulumi and login to S3 | |
run: | | |
pip install pulumi | |
pulumi login s3://pulumi-lab-state2 | |
- name: Setup pulumi stack and variables | |
run: | | |
pulumi stack select --create $GITHUB_ENVIRONMENT | |
pulumi config set aws:region $AWS_REGION | |
pulumi config set region $AWS_REGION | |
pulumi config set az_number $AWS_AZ_NUMBER | |
pulumi config set prefix $AWS_RESOURCE_PREFIX | |
pulumi config set short_prefix $AWS_RESOURCE_SHORT_PREFIX | |
pulumi config set image_uri $CONTAINER_IMAGE_URI | |
pulumi config set cpu $CONTAINER_CPU | |
pulumi config set memory $CONTAINER_MEMORY | |
pulumi config set container_port $CONTAINER_PORT | |
pulumi config set host_port $HOST_PORT | |
working-directory: pulumi | |
- name: Pulumi Deploy | |
run: | | |
pulumi up --yes | |
working-directory: pulumi | |
if: env.PULUMI_TASK == 'deploy' | |
- name: Pulumi Destroy | |
run: | | |
pulumi destroy --yes | |
working-directory: pulumi | |
if: env.PULUMI_TASK == 'destroy' |