GitHub Action
AWS CDK GitHub Actions with Java
v1
Latest version
AWS-Java-CDK GitHub Actions allow you to run cdk deploy
and cdk diff
and ... on your pull requests to help you review.
- Java (11)
but also:
- TypeScript
- JavaScript
- Python
on: [push]
jobs:
aws_cdk:
runs-on: ubuntu-latest
steps:
- name: cdk bootstrap
uses: parameswaranvv/aws-java-cdk-github-actions@v1
with:
cdk_subcommand: 'bootstrap'
actions_comment: false
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'us-east-1'
CDK_DEFAULT_ACCOUNT: ${{ secrets.CDK_DEFAULT_ACCOUNT }}
CDK_DEFAULT_REGION: ${{ secrets.CDK_DEFAULT_REGION }}
- name: cdk diff
uses: parameswaranvv/aws-java-cdk-github-actions@v1
with:
cdk_subcommand: 'diff'
actions_comment: true
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'us-east-1'
- name: cdk deploy
uses: parameswaranvv/aws-java-cdk-github-actions@v1
with:
cdk_subcommand: 'deploy'
cdk_stack: 'stack1'
cdk_args: '--require-approval never'
actions_comment: false
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'us-east-1'
- name: cdk synth
uses: parameswaranvv/aws-java-cdk-github-actions@v1.1.0
with:
cdk_subcommand: 'synth'
cdk_version: '1.16.2'
working_dir: 'src'
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'us-east-1'
cdk_subcommand
Required AWS CDK subcommand to execute (synth, diff, deploy, doctor,...).cdk_version
AWS CDK version to install. (default: 'latest')cdk_stack
AWS CDK stack name to execute. (default: '*')working_dir
AWS CDK working directory. (default: '.')actions_comment
Whether or not to comment on pull requests. (default: true)debug_log
Enable debug-log. (default: false)
status_code
Returned status code.
AWS_ACCESS_KEY_ID
OptionalAWS_SECRET_ACCESS_KEY
OptionalGITHUB_TOKEN
Required foractions_comment=true
Using long-living credentials and injecting them into your workflow environment is generally a bad habit.
Github recently improved the workflow authentication experience by injecting an Open Id Connect Token into your workflow environment. I recommend favouring this approach over using long living credentials. You can read more about this in this blog post.
To easily configure your AWS environment in any workflow, I recommend using the aws-actions/configure-aws-credentials, it's really straight forward.