/aws-java-cdk-github-actions

Primary LanguageShellApache License 2.0Apache-2.0

AWS-Java-CDK GitHub Actions

Docker Image Build GitHub Release

AWS-Java-CDK GitHub Actions allow you to run cdk deploy and cdk diff and ... on your pull requests to help you review.

Supported languages

  • Java (14)

but also:

  • TypeScript
  • JavaScript
  • Python

Example usage

on: [push]

jobs:
  aws_cdk:
    runs-on: ubuntu-latest
    steps:
      - name: cdk bootstrap
        uses: parameswaranvv/aws-java-cdk-github-actions@v1
        with:
          cdk_subcommand: 'bootstrap'
          actions_comment: false
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'us-east-1'
          CDK_DEFAULT_ACCOUNT: ${{ secrets.CDK_DEFAULT_ACCOUNT }}
          CDK_DEFAULT_REGION: ${{ secrets.CDK_DEFAULT_REGION }}

      - name: cdk diff
        uses: parameswaranvv/aws-java-cdk-github-actions@v1
        with:
          cdk_subcommand: 'diff'
          actions_comment: true
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'us-east-1'

      - name: cdk deploy
        uses: parameswaranvv/aws-java-cdk-github-actions@v1
        with:
          cdk_subcommand: 'deploy'
          cdk_stack: 'stack1'
          cdk_args: '--require-approval never'
          actions_comment: false
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'us-east-1'

      - name: cdk synth
        uses: parameswaranvv/aws-java-cdk-github-actions@v1.1.0
        with:
          cdk_subcommand: 'synth'
          cdk_version: '1.16.2'
          working_dir: 'src'
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'us-east-1'

Inputs

  • cdk_subcommand Required AWS CDK subcommand to execute (synth, diff, deploy, doctor,...).
  • cdk_version AWS CDK version to install. (default: 'latest')
  • cdk_stack AWS CDK stack name to execute. (default: '*')
  • working_dir AWS CDK working directory. (default: '.')
  • actions_comment Whether or not to comment on pull requests. (default: true)
  • debug_log Enable debug-log. (default: false)

Outputs

  • status_code Returned status code.

ENV

  • AWS_ACCESS_KEY_ID Optional
  • AWS_SECRET_ACCESS_KEY Optional
  • GITHUB_TOKEN Required for actions_comment=true

A note on AWS credentials

Using long-living credentials and injecting them into your workflow environment is generally a bad habit.

Github recently improved the workflow authentication experience by injecting an Open Id Connect Token into your workflow environment. I recommend favouring this approach over using long living credentials. You can read more about this in this blog post.

To easily configure your AWS environment in any workflow, I recommend using the aws-actions/configure-aws-credentials, it's really straight forward.