move policies #16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create Sagemeker Model Endpoint | |
| on: | |
| push: | |
| branches: | |
| - test | |
| - main | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| AWS_REGION: us-east-1 | |
| ENVIRONMENT: ${{ github.ref_name == 'main' && 'prod' || github.ref_name == 'test' && 'test' }} | |
| jobs: | |
| create_model_endpoint: | |
| runs-on: ubuntu-24.04 | |
| defaults: | |
| run: | |
| working-directory: terraform | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| audience: sts.amazonaws.com | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: arn:aws:iam::639269844451:role/github-actions | |
| role-session-name: ${{ env.ENVIRONMENT }}-deployment | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| - name: Terraform Init | |
| run: terraform init | |
| - name: Select/Create Terraform Workspace | |
| run: | | |
| terraform workspace list || echo "Workspace list unavailable" | |
| terraform workspace select --or-create ${{ env.ENVIRONMENT }} | |
| - name: Terraform Plan | |
| run: terraform plan | |
| - name: Terraform Apply | |
| run: terraform apply -auto-approve | |
| test_model_endpoint: | |
| runs-on: ubuntu-24.04 | |
| needs: create_model_endpoint | |
| defaults: | |
| run: | |
| working-directory: test_model | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| enable-cache: true | |
| # Install dependencies | |
| - name: Set up Python | |
| run: uv python install | |
| - name: Install the project | |
| run: uv sync --no-dev | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| audience: sts.amazonaws.com | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: arn:aws:iam::639269844451:role/github-actions | |
| role-session-name: ${{ env.ENVIRONMENT }}-deployment | |
| - name: Run tests | |
| run: python test_endpoint.py |