GitHub Action
AWS CDK v2 GitHub Actions
v2.3.0
Latest version
AWS-CDK GitHub Actions allow you to run cdk deploy
and cdk diff
and ... on your pull requests to help you review.
- TypeScript
- JavaScript
- Python
- Golang
on: [push]
jobs:
aws_cdk:
runs-on: ubuntu-latest
steps:
- name: cdk diff
uses: arnaskro/[email protected]
with:
cdk_subcommand: 'diff'
actions_comment: true
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'ap-northeast-1'
- name: cdk deploy
uses: arnaskro/[email protected]
with:
cdk_subcommand: 'deploy'
cdk_args: '--require-approval never'
actions_comment: false
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'ap-northeast-1'
- name: cdk synth
uses: arnaskro/[email protected]
with:
cdk_subcommand: 'synth'
cdk_version: '2.4.0'
working_dir: 'src'
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'ap-northeast-1'
Include the stack names in the cdk_stack
parameter and also make sure not to include the --all
flag in cdk_args
parameters.
cdk_stack: 'Stack1 Stack2'
If you use assume-role, we recommended using awscredswrap! See: https://github.com/marketplace/actions/aws-assume-role-github-actions#use-as-github-actions
on: [push]
jobs:
aws_cdk:
runs-on: ubuntu-latest
steps:
- name: Assume Role
uses: arnaskro/awscredswrap@master
with:
role_arn: ${{ secrets.ROLE_ARN }}
duration_seconds: 3600
role_session_name: 'awscredswrap@GitHubActions'
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: 'ap-northeast-1'
- name: cdk diff
uses: arnaskro/[email protected]
with:
cdk_subcommand: 'diff'
cdk_subcommand
Required AWS CDK subcommand to execute.cdk_version
AWS CDK version to install. (default: 'latest')cdk_stack
AWS CDK stack name to execute. (default: '*')working_dir
AWS CDK working directory. (default: '.')actions_comment
Whether or not to comment on pull requests. (default: true)debug_log
Enable debug-log. (default: false)
status_code
Returned status code.
AWS_ACCESS_KEY_ID
RequiredAWS_SECRET_ACCESS_KEY
RequiredGITHUB_TOKEN
Required foractions_comment=true
Recommended to get AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
from secrets. A github token is automatically made available as a secret as GITHUB_TOKEN
.