-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathaction.yml
135 lines (128 loc) · 5.59 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Deploy HyP3
description: Deploy a HyP3 stack
inputs:
TEMPLATE_BUCKET:
description: "S3 Bucket for CloudFormation deployment artifacts"
required: true
STACK_NAME:
description: "Name of the deployed stack"
required: true
DOMAIN_NAME:
description: "HyP3 API domain name"
required: true
API_NAME:
description: "HyP3 API name"
required: true
CERTIFICATE_ARN:
description: "ARN for AWS Certificate Manager SSL certificate"
required: true
IMAGE_TAG:
description: "HyP3 plugin docker image tag to pull"
required: true
PRODUCT_LIFETIME:
description: "Number of days to keep output files before deleting them"
required: true
VPC_ID:
description: "Default VPC ID"
required: true
SUBNET_IDS:
description: "Comma separated list of Subnet IDs"
required: true
SECRET_ARN:
description: "ARN of Secret in AWS Secrets Manager containing all the credentials needed for job steps"
required: true
CLOUDFORMATION_ROLE_ARN:
description: "The CloudFormation role to use for this deployment"
required: true
DEFAULT_CREDITS_PER_USER:
description: "The default number of credits given to a new user"
required: true
DEFAULT_APPLICATION_STATUS:
description: "The default status for new user applications."
required: true
COST_PROFILE:
description: "Job spec cost profile"
required: true
JOB_FILES:
description: "Space separated list of job spec YAMLs to include"
required: true
DEFAULT_MAX_VCPUS:
description: "Default maximum size for the AWS Batch compute environment"
required: true
EXPANDED_MAX_VCPUS:
description: "Expanded maximum size for the AWS Batch compute environment to use when month-to-date budget sufficiently exceeds month-to-date spending"
required: true
MONTHLY_BUDGET:
description: "Total budget allocated per month, in dollars. Ignored when DefaultMaxvCpus = ExpandedMaxvCpus."
required: true
REQUIRED_SURPLUS:
description: "Amount by which month-to-date budget must exceed month-to-date spending to increase fleet size, in dollars. Ignored when DefaultMaxvCpus = ExpandedMaxvCpus."
required: true
ORIGIN_ACCESS_IDENTITY_ID:
description: "ID of the CloudFront Origin Access Identity used to access data in S3 for Earthdata Cloud deployments"
required: true
SECURITY_ENVIRONMENT:
description: "Modify resources/configurations for ASF (default), EDC, or JPL security environments"
required: true
AMI_ID:
description: "Name of the Systems Manager parameter from which to retrieve the current Ami Id"
required: true
INSTANCE_TYPES:
description: "Comma separated list of supported EC2 instance types"
required: true
DISTRIBUTION_URL:
description: "CloudFront Distribution URL for Earthdata Cloud environments"
required: true
AUTH_PUBLIC_KEY:
description: "Public key for jwt auth provider"
required: true
runs:
using: "composite"
steps:
- name: install dependencies and render templates
shell: bash
run: |
pip install --upgrade pip
make install
make files='${{ inputs.JOB_FILES }}' security_environment='${{ inputs.SECURITY_ENVIRONMENT }}' api_name='${{ inputs.API_NAME }}' cost_profile='${{ inputs.COST_PROFILE }}' build
- name: Package and deploy
shell: bash
run: |
[ -z ${{ inputs.CLOUDFORMATION_ROLE_ARN }} ] && export ROLE_STATEMENT="" \
|| export ROLE_STATEMENT="--role-arn ${{ inputs.CLOUDFORMATION_ROLE_ARN }}"
[ -z ${{ inputs.DOMAIN_NAME }} ] && export DOMAIN_NAME="" \
|| export DOMAIN_NAME="DomainName=${{ inputs.DOMAIN_NAME }}"
[ -z ${{ inputs.CERTIFICATE_ARN }} ] && export CERTIFICATE_ARN="" \
|| export CERTIFICATE_ARN="CertificateArn=${{ inputs.CERTIFICATE_ARN }}"
[ -z ${{ inputs.ORIGIN_ACCESS_IDENTITY_ID }} ] && export ORIGIN_ACCESS_IDENTITY_ID="" \
|| export ORIGIN_ACCESS_IDENTITY_ID="OriginAccessIdentityId=${{ inputs.ORIGIN_ACCESS_IDENTITY_ID }}"
[ -z ${{ inputs.DISTRIBUTION_URL }} ] && export DISTRIBUTION_URL="" \
|| export DISTRIBUTION_URL="DistributionUrl=${{ inputs.DISTRIBUTION_URL }}"
aws cloudformation package \
--template-file apps/main-cf.yml \
--s3-bucket ${{ inputs.TEMPLATE_BUCKET }} \
--output-template-file packaged.yml
aws cloudformation deploy \
--stack-name ${{ inputs.STACK_NAME }} \
--template-file packaged.yml \
$ROLE_STATEMENT \
--capabilities CAPABILITY_IAM \
--parameter-overrides \
VpcId='${{ inputs.VPC_ID }}' \
SubnetIds='${{ inputs.SUBNET_IDS }}' \
SecretArn='${{ inputs.SECRET_ARN }}' \
ImageTag='${{ inputs.IMAGE_TAG }}' \
ProductLifetimeInDays='${{ inputs.PRODUCT_LIFETIME }}' \
AuthPublicKey='${{ inputs.AUTH_PUBLIC_KEY }}' \
$DOMAIN_NAME \
$CERTIFICATE_ARN \
$ORIGIN_ACCESS_IDENTITY_ID \
$DISTRIBUTION_URL \
DefaultCreditsPerUser='${{ inputs.DEFAULT_CREDITS_PER_USER }}' \
DefaultApplicationStatus='${{ inputs.DEFAULT_APPLICATION_STATUS }}' \
DefaultMaxvCpus='${{ inputs.DEFAULT_MAX_VCPUS }}' \
ExpandedMaxvCpus='${{ inputs.EXPANDED_MAX_VCPUS }}' \
MonthlyBudget='${{ inputs.MONTHLY_BUDGET }}' \
RequiredSurplus='${{ inputs.REQUIRED_SURPLUS }}' \
AmiId='${{ inputs.AMI_ID }}' \
InstanceTypes='${{ inputs.INSTANCE_TYPES }}'