Bump github.com/aws/aws-sdk-go-v2/service/ssm from 1.56.10 to 1.56.11 in /instance-scheduler #5488
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build-test-push | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - "instance-scheduler/**" | |
| - ".github/workflows/build-test-push.yml" | |
| - "**.yaml" | |
| - "**.yml" | |
| - "**.json" | |
| - "Makefile" | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - "instance-scheduler/**" | |
| - ".github/workflows/build-test-push.yml" | |
| - "**.yaml" | |
| - "**.yml" | |
| - "**.json" | |
| - "Makefile" | |
| workflow_dispatch: | |
| env: | |
| AWS_REGION: "eu-west-2" | |
| ACCOUNT_NUMBER: ${{ secrets.CORE_SHARED_SERVICES_ACCOUNT_ID }} | |
| LAMBDA_ROLE_ARN: "arn:aws:iam::${{ secrets.CORE_SHARED_SERVICES_ACCOUNT_ID }}:role/InstanceSchedulerLambdaFunctionPolicy" | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| build-test-push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Configure AWS credentials and assume github-actions role | |
| uses: aws-actions/configure-aws-credentials@4fc4975a852c8cd99761e2de1f4ba73402e44dd9 # v4.0.3 | |
| with: | |
| role-to-assume: "arn:aws:iam::${{ env.ACCOUNT_NUMBER }}:role/github-actions" | |
| role-session-name: githubactionsrolesession | |
| aws-region: ${{ env.AWS_REGION }} | |
| - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 | |
| with: | |
| go-version: "1.23" | |
| cache-dependency-path: "**/go.sum" | |
| - uses: aws-actions/setup-sam@819220f63fb333a9a394dd0a5cab2d8303fd17e2 # v2 | |
| - name: SAM Validate | |
| run: | | |
| sam validate --region ${{ env.AWS_REGION }} | |
| # Build inside Docker containers | |
| - name: SAM Build | |
| run: sam build --use-container --region ${{ env.AWS_REGION }} | |
| - name: SAM Local Invoke | |
| run: | | |
| aws sts assume-role --role-arn $LAMBDA_ROLE_ARN --role-session-name githubactionsgotestrolesession > creds | |
| export AWS_ACCESS_KEY_ID=$(cat creds | jq -r '.Credentials.AccessKeyId') | |
| export AWS_SECRET_ACCESS_KEY=$(cat creds | jq -r '.Credentials.SecretAccessKey') | |
| export AWS_SESSION_TOKEN=$(cat creds | jq -r '.Credentials.SessionToken') | |
| # Capture SAM output in a variable | |
| SAM_OUTPUT=$(sam local invoke InstanceSchedulerFunction --event event.json 2>&1) | |
| echo "$SAM_OUTPUT" | |
| # Check for errors in the output | |
| if echo "$SAM_OUTPUT" | grep -i "error"; then | |
| echo "Error detected in SAM invoke output." | |
| exit 1 | |
| fi | |
| unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN | |
| - name: Download Go Modules | |
| working-directory: instance-scheduler | |
| run: go mod download | |
| - name: Assume InstanceSchedulerLambdaFunctionPolicy role and run GO tests | |
| working-directory: instance-scheduler | |
| run: | | |
| aws sts assume-role --role-arn $LAMBDA_ROLE_ARN --role-session-name githubactionsgotestrolesession > creds | |
| $(echo "export AWS_ACCESS_KEY_ID=$(echo $(cat creds) | sed -n 's/.*"AccessKeyId": "\([^"]*\)".*/\1/p')") | |
| $(echo "export AWS_SECRET_ACCESS_KEY=$(echo $(cat creds) | sed -n 's/.*"SecretAccessKey": "\([^"]*\)".*/\1/p')") | |
| $(echo "export AWS_SESSION_TOKEN=$(echo $(cat creds) | sed -n 's/.*"SessionToken": "\([^"]*\)".*/\1/p')") | |
| aws sts get-caller-identity | |
| go test -v | |
| unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN | |
| - name: Configure AWS credentials and assume github-actions role | |
| uses: aws-actions/configure-aws-credentials@4fc4975a852c8cd99761e2de1f4ba73402e44dd9 # v4.0.3 | |
| with: | |
| role-to-assume: "arn:aws:iam::${{ env.ACCOUNT_NUMBER }}:role/github-actions" | |
| role-session-name: githubactionsrolesession | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: SAM Package | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
| run: sam package --image-repository $ACCOUNT_NUMBER.dkr.ecr.eu-west-2.amazonaws.com/instance-scheduler-ecr-repo --output-template-file packaged-template.yaml | |
| - name: Add the `latest` tag to the container image | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
| run: docker tag instanceschedulerfunction:1.2 $ACCOUNT_NUMBER.dkr.ecr.eu-west-2.amazonaws.com/instance-scheduler-ecr-repo:latest | |
| - name: Login to ECR | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
| run: aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin $ACCOUNT_NUMBER.dkr.ecr.eu-west-2.amazonaws.com | |
| - name: Push the container image with the `latest` tag to ECR | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
| run: docker push $ACCOUNT_NUMBER.dkr.ecr.eu-west-2.amazonaws.com/instance-scheduler-ecr-repo:latest | |
| - name: Deploy the latest image | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
| run: | | |
| IMAGE_TAG=$(grep -w ImageUri packaged-template.yaml | cut -d: -f3) | |
| echo "IMAGE_TAG=$IMAGE_TAG" | |
| aws lambda update-function-code --function-name instance-scheduler-lambda-function --image-uri $ACCOUNT_NUMBER.dkr.ecr.eu-west-2.amazonaws.com/instance-scheduler-ecr-repo:${IMAGE_TAG} |