feat: sqs consumer lambda

.github/actions/deploy-lambda/action.yml

@@ -0,0 +1,117 @@
+name: Deploy Lambda with CodeDeploy
+description: Deploy a Lambda using Terragrunt + CodeDeploy (publish version, traffic shift, prune)
+
+inputs:
+  aws_oidc_role_arn:
+    description: AWS OIDC role to assume
+    required: true
+
+  infra_version:
+    description: Git ref containing Terraform/Terragrunt config
+    required: true
+
+  tg_directory:
+    description: Terragrunt directory for this lambda
+    required: true
+
+  lambda_bucket:
+    description: "Bucket containing lambda zips"
+    required: true
+
+  lambda_version:
+    description: Lambda artifact version (S3 prefix)
+    required: true
+
+  lambda_keep:
+    description: Number of lambda versions to keep
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - uses: actions/checkout@v4
+      with:
+        ref: ${{ inputs.infra_version }}
+
+    - name: Get Terragrunt outputs
+      id: init
+      uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
+      with:
+        aws_oidc_role_arn: ${{ inputs.aws_oidc_role_arn }}
+        tg_directory: ${{ inputs.tg_directory }}
+        tg_action: init
+
+    - name: Extract Terragrunt outputs
+      id: vars
+      shell: bash
+      env:
+        TG_OUTPUTS: ${{ steps.init.outputs.tg_outputs }}
+      run: |
+        echo "lambda_function_name=$(echo $TG_OUTPUTS | jq -r '.lambda_function_name.value')" >> $GITHUB_OUTPUT
+        echo "lambda_alias_name=$(echo $TG_OUTPUTS | jq -r '.lambda_alias_name.value')" >> $GITHUB_OUTPUT
+        echo "code_deploy_app_name=$(echo $TG_OUTPUTS | jq -r '.code_deploy_app_name.value')" >> $GITHUB_OUTPUT
+        echo "code_deploy_group_name=$(echo $TG_OUTPUTS | jq -r '.code_deploy_group_name.value')" >> $GITHUB_OUTPUT
+
+    - name: Set AppSpec paths
+      id: appspec
+      shell: bash
+      run: |
+        lambda_zip_key="${{ inputs.lambda_version }}/${{ steps.vars.outputs.lambda_function_name }}.zip"
+        echo "lambda_appspec_key=$(echo $TG_OUTPUTS | jq -r '.lambda_zip_key.value')" >> $GITHUB_OUTPUT
+        echo "lambda_appspec_zip=$(echo $TG_OUTPUTS | jq -r '.lambda_function_name.value')" >> $GITHUB_OUTPUT
+
+    - name: Get current lambda version
+      id: get-version
+      uses: chrispsheehan/just-aws-oidc-action@0.1.3
+      env:
+        FUNCTION_NAME: ${{ steps.vars.outputs.lambda_function_name }}
+        ALIAS_NAME: ${{ steps.vars.outputs.lambda_alias_name }}
+      with:
+        aws_oidc_role_arn: ${{ inputs.aws_oidc_role_arn }}
+        just_action: lambda-get-version
+
+    - name: Publish new lambda version
+      id: publish
+      uses: chrispsheehan/just-aws-oidc-action@0.1.3
+      env:
+        BUCKET_NAME: ${{ inputs.lambda_bucket }}
+        FUNCTION_NAME: ${{ steps.vars.outputs.lambda_function_name }}
+        LAMBDA_ZIP_KEY: ${{ steps.vars.outputs.lambda_zip_key }}
+      with:
+        aws_oidc_role_arn: ${{ inputs.aws_oidc_role_arn }}
+        just_action: lambda-create-version
+
+    - name: Upload AppSpec bundle
+      uses: chrispsheehan/just-aws-oidc-action@0.1.3
+      env:
+        BUCKET_NAME: ${{ inputs.lambda_bucket }}
+        FUNCTION_NAME: ${{ steps.vars.outputs.lambda_function_name }}
+        ALIAS_NAME: ${{ steps.vars.outputs.lambda_alias_name }}
+        CURRENT_VERSION: ${{ steps.get-version.outputs.just_outputs }}
+        NEW_VERSION: ${{ steps.publish.outputs.just_outputs }}
+        APP_SPEC_FILE: ${{ github.workspace }}/appspec.yml
+        APP_SPEC_KEY: ${{ steps.vars.outputs.lambda_appspec_key }}
+      with:
+        aws_oidc_role_arn: ${{ inputs.aws_oidc_role_arn }}
+        just_action: lambda-upload-bundle
+
+    - name: Run CodeDeploy
+      uses: chrispsheehan/just-aws-oidc-action@0.1.3
+      env:
+        BUCKET_NAME: ${{ inputs.lambda_bucket }}
+        CODE_DEPLOY_APP_NAME: ${{ steps.vars.outputs.code_deploy_app_name }}
+        CODE_DEPLOY_GROUP_NAME: ${{ steps.vars.outputs.code_deploy_group_name }}
+        APP_SPEC_KEY: ${{ steps.vars.outputs.lambda_appspec_key }}
+      with:
+        aws_oidc_role_arn: ${{ inputs.aws_oidc_role_arn }}
+        just_action: lambda-deploy
+
+    - name: Prune old lambda versions
+      uses: chrispsheehan/just-aws-oidc-action@0.1.3
+      env:
+        KEEP: ${{ inputs.lambda_keep }}
+        FUNCTION_NAME: ${{ steps.vars.outputs.lambda_function_name }}
+        ALIAS_NAME: ${{ steps.vars.outputs.lambda_alias_name }}
+      with:
+        aws_oidc_role_arn: ${{ inputs.aws_oidc_role_arn }}
+        just_action: lambda-prune

.github/workflows/build.yml

@@ -38,7 +38,7 @@ jobs:
           ref: ${{ inputs.version }}
 
       - name: Deploy code buckets
-        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
+        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
         id: code_action
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}

.github/workflows/deploy.yml

@@ -34,7 +34,6 @@ permissions:
 env:
   TF_VAR_lambda_version: ${{ inputs.lambda_version }}
   AWS_OIDC_ROLE_ARN: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/aws-serverless-github-deploy-${{ inputs.environment }}-github-oidc-role
-  BUCKET_NAME: ${{ inputs.lambda_bucket }}
 
 jobs:
   setup:
@@ -44,94 +43,81 @@ jobs:
         with:
           ref: ${{ inputs.infra_version }}
 
-      - uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
+      - uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
           tg_directory: infra/live/${{ inputs.environment }}/aws/oidc
 
       - name: check Lambda version
         uses: chrispsheehan/just-aws-oidc-action@0.1.3
         env:
+          BUCKET_NAME: ${{ inputs.lambda_bucket }}
           VERSION: ${{ inputs.lambda_version }}
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
           just_action: check-version
 
-  api:
+  api-infra:
     needs: setup
     runs-on: ubuntu-latest
-    env:
-      APP_SPEC_FILE: ${{ github.workspace }}/appspec.yml
-      APP_SPEC_KEY: ${{ inputs.lambda_version }}/appspec.zip
     steps:
       - uses: actions/checkout@v4
         with:
           ref: ${{ inputs.infra_version }}
 
-      - name: deploy api
-        id: deploy-api
-        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
+      - name: Deploy api infra
+        id: deploy
+        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
           tg_directory: infra/live/${{ inputs.environment }}/aws/api
 
-      - name: get api variables
-        id: get-api-vars
-        env:
-          TG_OUTPUTS: ${{ steps.deploy-api.outputs.tg_outputs  }}
-        run: |
-          echo "lambda_zip_key=$(echo $TG_OUTPUTS | jq -r '.lambda_zip_key.value')" >> $GITHUB_OUTPUT
-          echo "lambda_function_name=$(echo $TG_OUTPUTS | jq -r '.lambda_function_name.value')" >> $GITHUB_OUTPUT
-          echo "lambda_alias_name=$(echo $TG_OUTPUTS | jq -r '.lambda_alias_name.value')" >> $GITHUB_OUTPUT
-          echo "code_deploy_app_name=$(echo $TG_OUTPUTS | jq -r '.code_deploy_app_name.value')" >> $GITHUB_OUTPUT
-          echo "code_deploy_group_name=$(echo $TG_OUTPUTS | jq -r '.code_deploy_group_name.value')" >> $GITHUB_OUTPUT
-
-      - name: get lambda version
-        id: lambda-get-version
-        uses: chrispsheehan/just-aws-oidc-action@0.1.3
-        env:
-          FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }}
-          ALIAS_NAME: ${{ steps.get-api-vars.outputs.lambda_alias_name }}
+  api:
+    needs: api-infra
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
         with:
-          aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
-          just_action: lambda-get-version
+          ref: ${{ inputs.infra_version }}
 
-      - name: create lambda version
-        id: lambda-create-version
-        uses: chrispsheehan/just-aws-oidc-action@0.1.3
-        env:
-          LAMBDA_ZIP_KEY: ${{ steps.get-api-vars.outputs.lambda_zip_key }}
-          FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }}
+      - uses: ./.github/actions/deploy-lambda
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
-          just_action: lambda-create-version
+          infra_version: ${{ inputs.infra_version }}
+          tg_directory: infra/live/${{ inputs.environment }}/aws/api
+          lambda_bucket: ${{ inputs.lambda_bucket }}
+          lambda_version: ${{ inputs.lambda_version }}
+          lambda_keep: ${{ inputs.lambda_keep }}
 
-      - name: Prepare and upload AppSpec File to s3
-        uses: chrispsheehan/just-aws-oidc-action@0.1.3
-        env:
-          FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }}
-          ALIAS_NAME: ${{ steps.get-api-vars.outputs.lambda_alias_name }}
-          CURRENT_VERSION: ${{ steps.lambda-get-version.outputs.just_outputs }}
-          NEW_VERSION: ${{ steps.lambda-create-version.outputs.just_outputs }}
-        with:
-          aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
-          just_action: lambda-upload-bundle
+  # consumer-infra:
+  #   needs: setup
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #       with:
+  #         ref: ${{ inputs.infra_version }}
 
-      - name: deploy lambda
-        uses: chrispsheehan/just-aws-oidc-action@0.1.3
-        env:
-          CODE_DEPLOY_APP_NAME: ${{ steps.get-api-vars.outputs.code_deploy_app_name }}
-          CODE_DEPLOY_GROUP_NAME: ${{ steps.get-api-vars.outputs.code_deploy_group_name }}
-        with:
-          aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
-          just_action: lambda-deploy
+  #     - name: Deploy consumer infra
+  #       id: deploy
+  #       uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
+  #       with:
+  #         aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
+  #         tg_directory: infra/live/${{ inputs.environment }}/aws/consumer
+
+  # consumer:
+  #   needs: consumer-infra
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #       with:
+  #         ref: ${{ inputs.infra_version }}
+
+  #     - uses: ./.github/actions/deploy-lambda
+  #       with:
+  #         aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
+  #         infra_version: ${{ inputs.infra_version }}
+  #         tg_directory: infra/live/${{ inputs.environment }}/aws/consumer
+  #         lambda_bucket: ${{ inputs.lambda_bucket }}
+  #         lambda_version: ${{ inputs.lambda_version }}
+  #         lambda_keep: ${{ inputs.lambda_keep }}
 
-      - name: prune lambda
-        uses: chrispsheehan/just-aws-oidc-action@0.1.3
-        env:
-          KEEP: ${{ inputs.lambda_keep }}
-          FUNCTION_NAME: ${{ steps.get-api-vars.outputs.lambda_function_name }}
-          ALIAS_NAME: ${{ steps.get-api-vars.outputs.lambda_alias_name }}
-        with:
-          aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
-          just_action: lambda-prune

.github/workflows/destroy.yml

@@ -29,21 +29,34 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Destroy backend
-        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
+        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
           tg_directory: infra/live/${{ inputs.environment }}/aws/api
           tg_action: destroy
 
+  consumer:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Destroy backend
+        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
+        with:
+          aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
+          tg_directory: infra/live/${{ inputs.environment }}/aws/consumer
+          tg_action: destroy
+
   build:
     needs:
       - api
+      - consumer
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
 
       - name: Destroy code
-        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
+        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}
           tg_directory: infra/live/${{ inputs.environment }}/aws/code_bucket

.github/workflows/dev_deploy.yml

@@ -14,9 +14,20 @@ jobs:
       environment: dev
       version: ${{ github.sha }}
 
+  lambdas:
+    needs: build
+    uses: ./.github/workflows/infra_deploy.yml
+    with:
+      environment: dev
+      infra_version: ${{ github.sha }}
+      lambda_bucket: ${{ needs.build.outputs.lambda_bucket }}
+      lambda_version: ${{ github.sha }}
+
   dev:
     uses: ./.github/workflows/deploy.yml
-    needs: build
+    needs: 
+      - build
+      - lambdas
     with:
       environment: dev
       infra_version: ${{ github.sha }}

.github/workflows/get_build.yml

@@ -38,7 +38,7 @@ jobs:
           ref: ${{ inputs.version }}
 
       - name: Get code bucket outputs
-        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.0
+        uses: chrispsheehan/terragrunt-aws-oidc-action@0.4.1
         id: code_action
         with:
           aws_oidc_role_arn: ${{ env.AWS_OIDC_ROLE_ARN }}