1+ name : Lambda Layer - Python Requirements
2+
3+ # Installed Software
4+ # https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-README.md
5+
6+ # Python Layer Paths
7+ # https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html#configuration-layers-path
8+
9+ # Controls when the workflow will run
10+ on :
11+ push :
12+ branches :
13+ - main
14+ pull_request :
15+ branches :
16+ - main
17+
18+ # Allows you to run this workflow manually from the Actions tab
19+ workflow_dispatch :
20+
21+ jobs :
22+ build :
23+ name : Build Lambda Layer
24+ runs-on : ubuntu-latest
25+ steps :
26+ - uses : actions/checkout@v2
27+
28+ - name : Use Python ${{ matrix.node-version }}
29+ uses : actions/setup-python@v2
30+ with :
31+ python-version : 3.9
32+
33+ - name : Install Requirements
34+ working-directory : ./src/layer
35+ run : mkdir -p python/lib/python3.9/site-packages && pip install -r requirements.txt -t ./python/lib/python3.9/site-packages
36+
37+ - name : Create Zip of Dependencies
38+ working-directory : ./src/layer
39+ run : zip -r lambda_layer.zip ./python
40+
41+ - uses : actions/upload-artifact@v2
42+ with :
43+ name : python-requirements
44+ path : ./src/layer/lambda_layer.zip
45+
46+ deploynonprod :
47+ name : Deploy to NonProd
48+ runs-on : ubuntu-latest
49+ needs : build
50+ environment :
51+ name : NonProd
52+ outputs :
53+ layer_version : ${{ steps.build-layer.outputs.layer_version }}
54+ layer_arn : ${{ steps.build-layer.outputs.layer_arn }}
55+ steps :
56+ - uses : actions/checkout@v2
57+ - uses : actions/download-artifact@v2
58+ with :
59+ name : python-requirements
60+
61+ - uses : aws-actions/configure-aws-credentials@v1
62+ with :
63+ aws-access-key-id : ${{ secrets.AWS_ACCESS_KEY_ID }}
64+ aws-secret-access-key : ${{ secrets.AWS_SECRET_ACCESS_KEY }}
65+ aws-region : ${{ secrets.AWS_REGION }}
66+
67+ - name : Upload Zip and Create Layer
68+ id : build-layer
69+ run : |
70+ date=$(date +"%d_%m_%Y")
71+ folder_path="nonprod/${date}"
72+ layer_name="python_lambda_layer_${date}"
73+ aws s3 cp ./lambda_layer.zip s3://${{ secrets.BUCKET_NAME }}/${folder_path}/lambda_layer.zip
74+ response=$(aws lambda publish-layer-version --layer-name ${layer_name} \
75+ --description "Python Development Layer" \
76+ --content S3Bucket=${{ secrets.BUCKET_NAME }},S3Key=${folder_path}/lambda_layer.zip \
77+ --compatible-runtimes "python3.8" "python3.9")
78+
79+ layer_version=$(echo $response | jq -r '.Version')
80+ echo "::set-output name=layer_version::$(echo $response | jq -r '.Version')"
81+ echo "::set-output name=layer_arn::$(echo $response | jq -r '.LayerArn')"
82+ echo "Layer Version: $layer_version"
83+
84+ # - name: Lambda Layer Permission
85+ # run: |
86+ # aws lambda add-layer-version-permission --layer-name ${layer_name} \
87+ # --version-number ${{ steps.build-layer.outputs.layer_version }} --action lambda:GetLayerVersion \
88+ # --statement-id GrantAccountAccess --principal "*"
89+
90+ deployprod :
91+ name : Deploy to Prod
92+ runs-on : ubuntu-latest
93+ needs : [build, deploynonprod]
94+ environment :
95+ name : Prod
96+ outputs :
97+ layer_version : ${{ steps.build-layer.outputs.layer_version }}
98+ layer_arn : ${{ steps.build-layer.outputs.layer_arn }}
99+ steps :
100+ - uses : actions/checkout@v2
101+ - uses : actions/download-artifact@v2
102+ with :
103+ name : python-requirements
104+
105+ - uses : aws-actions/configure-aws-credentials@v1
106+ with :
107+ aws-access-key-id : ${{ secrets.AWS_ACCESS_KEY_ID }}
108+ aws-secret-access-key : ${{ secrets.AWS_SECRET_ACCESS_KEY }}
109+ aws-region : ${{ secrets.AWS_REGION }}
110+
111+ - name : Upload Zip and Create Layer
112+ id : build-layer
113+ run : |
114+ date=$(date +"%d_%m_%Y")
115+ folder_path="prod/${date}"
116+ layer_name="python_lambda_layer_${date}"
117+ aws s3 cp ./lambda_layer.zip s3://${{ secrets.BUCKET_NAME }}/${folder_path}/lambda_layer.zip
118+ response=$(aws lambda publish-layer-version --layer-name ${layer_name} \
119+ --description "Python Development Layer" \
120+ --content S3Bucket=${{ secrets.BUCKET_NAME }},S3Key=${folder_path}/lambda_layer.zip \
121+ --compatible-runtimes "python3.8" "python3.9")
122+
123+ layer_version=$(echo $response | jq -r '.Version')
124+ echo "::set-output name=layer_version::$(echo $response | jq -r '.Version')"
125+ echo "::set-output name=layer_arn::$(echo $response | jq -r '.LayerArn')"
126+ echo "Layer Version: $layer_version"
127+
128+ name : Lambda Layer Permission
129+ run : |
130+ aws lambda add-layer-version-permission --layer-name $layer_name \
131+ --version-number ${{ steps.build-layer.outputs.layer_version }} --action lambda:GetLayerVersion \
132+ --statement-id GrantAccountAccess --principal "*"
0 commit comments