11name : Test and Deploy
22
3- # Triggers on pushes to main, dev and tags.
43on :
54 workflow_dispatch :
65 push :
109 tags :
1110 - ' v*'
1211 paths :
13- # Only run test and docker publish if some code have changed
1412 - ' pyproject.toml'
1513 - ' infrastructure/aws/**'
1614 - ' titiler/**'
1715 - ' .pre-commit-config.yaml'
18- # Run tests on pull requests.
1916 pull_request :
17+
2018env :
2119 LATEST_PY_VERSION : ' 3.12'
2220
2321permissions :
24- id-token : write # This is required for requesting the JWT
25- contents : read # This is required for actions/checkout
22+ id-token : write
23+ contents : read
24+
2625
2726jobs :
2827 tests :
@@ -55,13 +54,21 @@ jobs:
5554name : Run tests
5655 run : uv run pytest
5756
58- deploy :
57+ cdk-checks :
5958 needs : [tests]
6059 runs-on : ubuntu-latest
60+ environment : dev
61+ if : github.event_name == 'pull_request'
6162 env :
6263 UV_PYTHON : 3.12
63- STACK_READER_ROLE_ARN : ${{ secrets.READER_ROLE_ARN }}
64+ TITILER_MULTIDIM_PYTHONWARNINGS : ignore
65+ TITILER_MULTIDIM_DEBUG : true
6466 STACK_ALARM_EMAIL : ${{ secrets.ALARM_EMAIL }}
67+ STACK_CDK_DEFAULT_ACCOUNT : ${{ vars.STACK_CDK_DEFAULT_ACCOUNT }}
68+ STACK_CDK_DEFAULT_REGION : ${{ vars.STACK_CDK_DEFAULT_REGION }}
69+ STACK_READER_ROLE_ARN : ${{ vars.STACK_READER_ROLE_ARN }}
70+ STACK_STAGE : ${{ vars.STACK_STAGE }}
71+ STACK_VPC_ID : ${{ vars.STACK_VPD_ID }}
6572
6673 defaults :
6774 run :
@@ -73,60 +80,81 @@ jobs:
7380 - name : Configure AWS credentials
7481 uses : aws-actions/configure-aws-credentials@v4
7582 with :
76- role-to-assume : arn:aws:iam::444055461661:role/github-actions-role-eodc
77- role-session-name : samplerolesession
78- aws-region : us-west-2
83+ role-to-assume : ${{ vars.AWS_ROLE_ARN }}
84+ role-session-name : github-actions-pr
85+ aws-region : ${{ vars.STACK_CDK_DEFAULT_REGION }}
7986
80- - name : Install node and related deps
81- uses : actions/setup-node@v4
87+ - uses : ./.github/actions/cdk-deploy
8288 with :
83- node-version : 20
89+ dir : ' infrastructure/aws'
90+ skip_deploy : true
8491
85- - name : Install uv
86- uses : astral-sh/setup-uv@v3
92+ deploy-development :
93+ needs : [tests]
94+ runs-on : ubuntu-latest
95+ environment : dev
96+ if : github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev'
97+ env :
98+ UV_PYTHON : 3.12
99+ TITILER_MULTIDIM_PYTHONWARNINGS : ignore
100+ TITILER_MULTIDIM_DEBUG : true
101+ STACK_ALARM_EMAIL : ${{ secrets.ALARM_EMAIL }}
102+ STACK_CDK_DEFAULT_ACCOUNT : ${{ vars.STACK_CDK_DEFAULT_ACCOUNT }}
103+ STACK_CDK_DEFAULT_REGION : ${{ vars.STACK_CDK_DEFAULT_REGION }}
104+ STACK_READER_ROLE_ARN : ${{ vars.STACK_READER_ROLE_ARN }}
105+ STACK_STAGE : ${{ vars.STACK_STAGE }}
106+ STACK_VPC_ID : ${{ vars.STACK_VPD_ID }}
107+
108+ defaults :
109+ run :
110+ working-directory : infrastructure/aws
111+
112+ steps :
113+ - uses : actions/checkout@v4
114+
115+ - name : Configure AWS credentials
116+ uses : aws-actions/configure-aws-credentials@v4
87117 with :
88- version : " 0.5.*"
89- enable-cache : true
118+ role-to-assume : ${{ vars.AWS_ROLE_ARN }}
119+ role-session-name : github-actions-dev
120+ aws-region : ${{ vars.STACK_CDK_DEFAULT_REGION }}
90121
91- - name : Install dependencies
92- run : |
93- uv sync --only-group deployment
94- uv run npm install
122+ - uses : ./.github/actions/cdk-deploy
123+ with :
124+ dir : ' infrastructure/aws '
125+ skip_deploy : false
95126
96- name : CDK Synth
97- run : uv run --only-group deployment npm run cdk -- synth
127+ deploy-production :
128+ needs : [tests]
129+ runs-on : ubuntu-latest
130+ environment : production
131+ if : startsWith(github.ref, 'refs/tags/v')
132+ env :
133+ UV_PYTHON : 3.12
134+ TITILER_MULTIDIM_PYTHONWARNINGS : ignore
135+ TITILER_MULTIDIM_DEBUG : true
136+ STACK_ALARM_EMAIL : ${{ secrets.ALARM_EMAIL }}
137+ STACK_CDK_DEFAULT_ACCOUNT : ${{ vars.STACK_CDK_DEFAULT_ACCOUNT }}
138+ STACK_CDK_DEFAULT_REGION : ${{ vars.STACK_CDK_DEFAULT_REGION }}
139+ STACK_READER_ROLE_ARN : ${{ vars.STACK_READER_ROLE_ARN }}
140+ STACK_STAGE : ${{ vars.STACK_STAGE }}
141+ STACK_VPC_ID : ${{ vars.STACK_VPD_ID }}
142+
143+ defaults :
144+ run :
145+ working-directory : infrastructure/aws
98146
99- - name : Check Asset Sizes
100- run : |
101- MAX_SIZE_BYTES=262144000 # 262 MB in bytes
102- for dir in cdk.out/asset.*; do
103- if [ -d "$dir" ]; then
104- size=$(du -sb "$dir" | cut -f1)
105- if [ "$size" -gt $MAX_SIZE_BYTES ]; then
106- echo "Directory $dir exceeds 262 MB with size $size bytes (max: $MAX_SIZE_BYTES bytes)."
107- exit 1 # Exit with failure if any asset directory is too large
108- fi
109- echo "Asset directory $dir size: $size bytes"
110- fi
111- done
112- echo "All asset directories are within size limits."
113-
114- # Build and deploy to the development environment whenever there is a push to main or dev
115- - name : Build & Deploy Development
116- if : github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev'
117- run : uv run npm run cdk -- deploy titiler-multidim-development --require-approval never
118- env :
119- TITILER_MULTIDIM_PYTHONWARNINGS : ignore
120- TITILER_MULTIDIM_DEBUG : True
121- STACK_STAGE : development
122- STACK_NAME : titiler-multidim
123-
124- # Build and deploy to production deployment whenever there a new tag is pushed
125- - name : Build & Deploy Production
126- if : startsWith(github.ref, 'refs/tags/v')
127- run : uv run npm run cdk -- deploy titiler-multidim-production --require-approval never
128- env :
129- TITILER_MULTIDIM_PYTHONWARNINGS : ignore
130- TITILER_MULTIDIM_DEBUG : True
131- STACK_STAGE : production
132- STACK_NAME : titiler-multidim
147+ steps :
148+ - uses : actions/checkout@v4
149+
150+ - name : Configure AWS credentials
151+ uses : aws-actions/configure-aws-credentials@v4
152+ with :
153+ role-to-assume : ${{ vars.AWS_ROLE_ARN }}
154+ role-session-name : github-actions-dev
155+ aws-region : ${{ vars.STACK_CDK_DEFAULT_REGION }}
156+
157+ - uses : ./.github/actions/cdk-deploy
158+ with :
159+ dir : ' infrastructure/aws'
160+ skip_deploy : false
0 commit comments