.github/workflows/release.yml

# Licensed to Muhammad Hamadto

#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at
#     http://www.apache.org/licenses/LICENSE-2.0

#   See the NOTICE file distributed with this work for additional information regarding copyright ownership.

#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.

name: "Deploy to AWS"
#run-name: Deploy to ${{ inputs.deploy_target }} by @${{ github.actor }}

on:
  release:
    types: [ published ]

jobs:
  release:
    runs-on: ubuntu-latest
    container:
      image: ghcr.io/muhamadto/spring-native-amazonlinux2-builder:20-amazonlinux2
      options: --user=worker:ci
    permissions:
      id-token: write
      contents: read
    env:
      ENV: dev
      COST_CENTRE: coffeebeans-core
      AWS_DEFAULT_REGION: 'ap-southeast-2'
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@master
        with:
          role-to-assume: ${{ secrets.ROLE_ARN }}
          duration_seconds: 3600
          role-session-name: github-actions-example-lambda
          aws-region: ap-southeast-2
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Cache Maven packages
        uses: actions/cache@v3
        with:
          path: ~/.m2
          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-m2
      - name: Build with Maven
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          ENV: ${{ env.ENV }}
          COST_CENTRE: ${{ env.COST_CENTRE }}
        run: ./mvnw -ntp -Pnative clean package -DskipTests=true
      - name: cdk diff
        uses: muhamadto/aws-cdk-github-actions@v3
        with:
          cdk_subcommand: 'diff'
          actions_comment: false
      - name: cdk deploy
        uses: muhamadto/aws-cdk-github-actions@v3
        with:
          cdk_subcommand: 'deploy'
          cdk_args: '--require-approval never'
          actions_comment: false