Comment gold locations #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: IaC and Prefect Deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| infraestructure: | |
| name: 'Terraform Plan and Apply' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Terraform | |
| uses: hashicorp/setup-terraform@v3.1.1 | |
| # with: | |
| # terraform_version: 1.9.3 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: arm64 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v3 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: eu-west-3 # Change this to your preferred region | |
| - name: Initialize Terraform | |
| run: terraform init | |
| working-directory: infrastructure | |
| - name: Terraform Plan | |
| run: terraform plan | |
| working-directory: infrastructure | |
| - name: Terraform Apply | |
| if: github.ref == 'refs/heads/main' | |
| run: terraform apply -auto-approve | |
| working-directory: infrastructure | |
| prefect-deploy: | |
| needs: infraestructure | |
| name: Deploy to Prefect Cloud | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.10' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install uv | |
| # see https://github.com/docker/docker-py/issues/3256 for why we need to pin requests | |
| # docker-compose is deprecated and doesn't work with newer versions of docker | |
| uv pip install --system "pyyaml==5.3.1" "requests<2.32.0" "docker==6.1.3" docker-compose | |
| pip install prefect==2.14.21 prefect-aws==0.4.12 boto3==1.34.30 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to ECR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.AWS_ECR_REGISTRY }} | |
| username: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Prefect Auth | |
| uses: PrefectHQ/actions-prefect-auth@v1 | |
| with: | |
| prefect-api-key: ${{ secrets.PREFECT_API_KEY }} | |
| prefect-workspace: ${{ secrets.PREFECT_WORKSPACE }} | |
| - name: Set docker build namespace | |
| shell: bash | |
| run: | | |
| prefect config set PREFECT_DEFAULT_DOCKER_BUILD_NAMESPACE=${{ secrets.AWS_ECR_REGISTRY }} | |
| - name: Run Prefect deployment | |
| env: | |
| PREFECT_API_KEY: ${{ secrets.PREFECT_API_KEY }} # Only needed if using Prefect Cloud | |
| run: | | |
| python -m src.orchestration.deployments |