fix(codepipeline): prevent S3 bucket orphaning in cross-region support stacks #174

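# Deployment integration tests for pull requests against main whose changed
# paths match '**.js.snapshot**'.
#
# Trust model (read before editing): the pull_request_target trigger runs this
# workflow in the base repository's context, and the job then checks out and
# executes code from the pull request head (yarn install, lerna build, the
# integration tests) after AWS credentials have been configured. The job-level
# `environment` is the gate in front of that. Its protection rules live in the
# repository settings, not in this file -- confirm them before relaxing
# anything here.
name: Integration Test deployment
permissions:
  # Naming one scope sets every unlisted GITHUB_TOKEN scope to none.
  id-token: write # This is required for requesting the OIDC JWT ID token
on:
  workflow_dispatch: {}
  merge_group: {}
  pull_request_target:
    branches:
      - main
    paths:
      - '**.js.snapshot**'
# In each PR, cancel any previous deployment integration test in progress for that PR
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event.pull_request.number || github.run_id }}
  cancel-in-progress: true
jobs:
  integration_test_deployment:
    runs-on: codebuild-aws-cdk-github-actions-deployment-integ-runner-${{ github.run_id }}-${{ github.run_attempt }}
    environment: deployment-integ-test # Do not change or remove this without discussing with Appsec
    env:
      PR_BUILD: true
    steps:
      # NOTE(review): every action in this job is referenced by a mutable
      # version tag. Pinning each one to a full commit SHA would keep a
      # re-tagged release from changing what runs alongside the AWS role.
      - name: Checkout BASE
        uses: actions/checkout@v5
        with:
          ref: ${{ github.event.pull_request.base.sha }}
          fetch-depth: 0
          path: base
          # Do not leave the job token in .git/config: later steps execute
          # pull request code that can read this workspace. Assumes no later
          # step needs authenticated git access -- none is visible here.
          persist-credentials: false
      - name: Checkout HEAD
        uses: actions/checkout@v5
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          fetch-depth: 0
          path: head
          # Same reasoning as the BASE checkout: this tree is the pull
          # request's own code and is executed below.
          persist-credentials: false
      # From this step on, the assumed role's credentials are available to
      # every later step, including the ones that run code from head/.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v5
        with:
          role-to-assume: ${{ vars.CDK_ATMOSPHERE_OIDC_ROLE }}
          role-session-name: run-tests@aws-cdk-deployment-integ
          aws-region: us-east-1
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "lts/*"
          cache: "yarn"
          cache-dependency-path: |
            base/yarn.lock
            head/yarn.lock
      - name: Set up Docker
        uses: docker/setup-buildx-action@v3
      - name: Load Docker images
        id: docker-cache
        uses: actions/cache/restore@v4
        with:
          path: |
            ~/.docker-images.tar
          key: docker-cache-${{ runner.os }}
      - name: Restore Docker images
        if: ${{ steps.docker-cache.outputs.cache-hit }}
        run: docker image load --input ~/.docker-images.tar
      # NOTE(review): actions/cache saves this path when the job finishes,
      # i.e. after pull request code has run, and a pull_request_target run
      # writes to the base branch's cache scope. Confirm that no workflow
      # treats the contents of this key as trusted.
      - name: Cache build artifacts
        uses: actions/cache@v4
        with:
          path: |
            ~/.s3buildcache
          key: s3buildcache-${{ runner.os }}
      # Increases vm.max_map_count for memory intensive jobs
      - name: Configure system settings for
        # `||` and `&&` have equal precedence in the shell, so the inner
        # parentheses are what limit the apt-get calls to the case where
        # sysctl is missing.
        run: |
          (command -v sysctl || (sudo apt-get update && sudo apt-get install -y procps)) && \
          sudo sysctl -w vm.max_map_count=2251954
      # The deployment tool is installed and built from BASE, so the driver
      # that runs the tests is the base branch's version, not the PR's.
      - name: Install dependencies for integration-test-deployment (BASE)
        working-directory: base
        run: yarn --cwd tools/@aws-cdk/integration-test-deployment install
      - name: Build deployment-integ (BASE)
        working-directory: base
        run: yarn --cwd tools/@aws-cdk/integration-test-deployment build
      # These two steps execute the pull request's own install and build.
      - name: Install dependencies for Integration Tests (HEAD)
        working-directory: head
        run: yarn install
      - name: Build Integration Tests (HEAD)
        working-directory: head
        run: npx lerna run build --scope=@aws-cdk-testing/framework-integ
      - name: Run integration tests from HEAD using integration-test-deployment script from BASE
        run: yarn --cwd ../base/tools/@aws-cdk/integration-test-deployment/ integration-test-deployment
        working-directory: head
        env:
          CDK_ATMOSPHERE_ENDPOINT: ${{ vars.CDK_ATMOSPHERE_ENDPOINT }}
          CDK_ATMOSPHERE_POOL: ${{ vars.CDK_ATMOSPHERE_POOL}}
          TARGET_BRANCH_COMMIT: ${{ github.event.pull_request.base.sha }}
          SOURCE_BRANCH_COMMIT: ${{ github.event.pull_request.head.sha }}
      # NOTE(review): `push` is not among the triggers under `on:` in this
      # file, so the two conditions below are never true here and this
      # workflow never refreshes docker-cache-*. Confirm whether another
      # workflow is meant to save that key.
      - name: Export Docker images
        if: ${{ github.event_name == 'push' && github.ref_name == 'main' }}
        run: docker image save --output ~/.docker-images.tar $(docker image list --format '{{ if ne .Repository "<none>" }}{{ .Repository }}{{ if ne .Tag "<none>" }}:{{ .Tag }}{{ end }}{{ else }}{{ .ID }}{{ end }}')
      - name: Cache Docker images
        if: ${{ github.event_name == 'push' && github.ref_name == 'main' }}
        uses: actions/cache/save@v4
        with:
          path: |
            ~/.docker-images.tar
          key: docker-cache-${{ runner.os }}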