Greengrass components - deploy #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Greengrass components - deploy | |
| # Only trigger, when the test workflow succeeded | |
| on: | |
| workflow_run: | |
| workflows: ["Greengrass components - build"] | |
| types: | |
| - completed | |
| env: | |
| # Must be setup | |
| OIDC_ROLE_AWS: ${{ secrets.OIDC_ROLE_AWS }} | |
| REGION: ${{ vars.AWS_REGION }} | |
| # Optional | |
| THING_GROUP_NAME: GreengrassGroup | |
| # Don't change | |
| components-directory: ./greengrass-components/components | |
| jobs: | |
| # Deploy the updated component on the device if necessary | |
| deploy: | |
| name: Component deploy | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.head_ref }} # Get head reference to compare commits | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.OIDC_ROLE_AWS }} # This is required for requesting the JWT | |
| aws-region: ${{ env.REGION }} # This is required for actions/checkout | |
| - name: "Install dependencies" | |
| run: sudo apt-get install jq | |
| - name: Deploy Greengrass components on the device | |
| run: | | |
| AWS_ACCOUNT_ID=$(aws sts get-caller-identity --output text --no-paginate --query 'Account') | |
| cli_version=$(aws greengrassv2 list-component-versions \ | |
| --output text \ | |
| --no-paginate \ | |
| --arn arn:aws:greengrass:${{ env.REGION }}:aws:components:aws.greengrass.Cli \ | |
| --query "componentVersions[0].componentVersion") | |
| export CLI_VERSION=$cli_version | |
| export AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID | |
| export AWS_REGION=${{ env.REGION }} | |
| export THING_GROUP=${{ env.THING_GROUP_NAME }} | |
| envsubst < "deployment.json.template" > "deployment.json" | |
| COMPONENTS=$(find . -maxdepth 1 -type d -not -name '.*' -exec basename {} \;) | |
| for component in $COMPONENTS | |
| do | |
| version=$(aws greengrassv2 list-component-versions \ | |
| --output text \ | |
| --no-paginate \ | |
| --arn arn:aws:greengrass:${{ env.REGION }}:${AWS_ACCOUNT_ID}:components:${component} \ | |
| --query "componentVersions[0].componentVersion") | |
| # Update JSON using jq | |
| jq --arg name "$component" \ | |
| --arg version "$version" \ | |
| --arg reset """" \ | |
| '.components += { ($name): { "componentVersion": $version, "configurationUpdate": { "reset": [$reset] } } }' \ | |
| "deployment.json" > tmp.json && mv tmp.json "deployment.json" | |
| done | |
| # deploy | |
| aws greengrassv2 create-deployment \ | |
| --cli-input-json file://deployment.json \ | |
| --region ${{ env.REGION }} | |
| echo "Deployment finished!" | |
| working-directory: ${{ env.components-directory }} |