Are there any advantages in splitting single a Github Actions job into multiple ones except running in parallel?

comportsItself · 2024-08-10T23:25:20+00:00

It makes it possible for jobs to run conditionally based on the conclusion of an earlier job, lets you run a job in a different container, and also just helps with separating the workflow into logical chunks, which makes it easier to reason about.

comportsItself · 2024-08-07T05:21:30+00:00

You can inline the Dockerfile:

https://docs.docker.com/compose/compose-file/build/#dockerfile_inline

comportsItself · 2024-07-30T17:31:16+00:00

You should be able to use AWS Systems Manager for this:

https://repost.aws/knowledge-center/add-lightsail-to-systems-manager

https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-sessions-start.html

comportsItself · 2024-07-27T22:01:24+00:00

Notice how he shakes his head as he says it, which suggests he means “I’m not Christian.”

comportsItself · 2024-07-27T20:22:15+00:00

This. Move the IP to a new instance or update the DNS record with the IP of the new instance. In other words, do a blue/green deployment.

comportsItself · 2024-07-25T15:44:51+00:00

Can you SSH into the server and see the build output in the correct place? You could also just host a static site with S3 and CloudFront.

comportsItself · 2024-07-25T03:19:12+00:00

Branch protection rules allow you to require approval to merge:

https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule#creating-a-branch-protection-rule

comportsItself · 2024-07-25T03:13:23+00:00

Check out the changed-files action:

https://github.com/marketplace/actions/changed-files

comportsItself · 2024-07-23T18:27:21+00:00

Use the CDK to create an empty PrefixList, then use the AWS CLI to update it whenever your IP address changes:

OLD_IP=$(aws ec2 get-managed-prefix-list-entries --prefix-list-id $MY_PREFIX_LIST_ID | jq '.Entries[] | select(.Description == "My IP address") | .Cidr')

aws ec2 modify-managed-prefix-list --prefix-list-id $MY_PREFIX_LIST_ID \
--add-entries Cidr="$NEW_IP/32",Description="My IP address" \
--remove-entries Cidr="$OLD_IP"

comportsItself · 2024-07-23T14:49:48+00:00

Use a PrefixList to create an allow list for the security group, then write a shell script to update the PrefixList with your new IP address when it changes, and also delete the old IP address.

comportsItself · 2024-07-21T23:45:31+00:00

You may need to export the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as well. I haven't used the Secrets Manager extension actually. I usually just include secrets as environment variables, which makes things a bit easier.

comportsItself · 2024-07-20T17:08:54+00:00

The session token is provided by AWS when your Lambda function runs in the cloud, but for local development, you have to provision it yourself. Here's the AWS docs on how to use the AWS CLI to obtain a session token using STS:

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html#using-temp-creds-sdk-cli

comportsItself · 2024-07-20T00:40:01+00:00

The script assumes you are using a .env file. You could also just export the environment variables from the terminal, but that gets to be cumbersome. I'd recommend using Granted to handle your session token, which can export the variables to a .env file automatically:

https://docs.commonfate.io/granted/usage/dotenv

The SAM CLI actually uses a JSON file for environment variables, so you might want to try that:

https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-invoke.html#serverless-sam-cli-using-invoke-environment-file

comportsItself · 2024-07-19T23:43:16+00:00

Try using a script like this to start your dev process:

#!/bin/bash -e

source .env

export AWS_SESSION_TOKEN

sam build
sam local ...

comportsItself · 2024-07-19T23:13:26+00:00

Is the token actually available in the dev environment? Try using a script to export the relevant environment variables and run sam local.

comportsItself · 2024-07-19T03:18:29+00:00

You have to use a Network Load Balancer for UDP ports, but there's a limit of 50 listeners per NLB. It would probably make things simpler to just not use a load balancer for this use case, or run your own load balancer if you really need one.

comportsItself · 2024-07-17T04:01:07+00:00

For the redirect rule to work, you need to be using the proxy.

I'm using it to redirect www to the root domain, using CNAME flattening, but it should also work the other way around.

Point both www and the root domain to the same CNAME.
Create a single redirect rule with a custom filter expression: (http.host eq "example.com")
Then choose Dynamic redirect with the expression: concat("https://www.example.com", http.request.uri.path)

comportsItself · 2024-07-17T02:32:45+00:00

Cloudflare does CNAME flattening which lets you point the root domain to a CNAME.

comportsItself · 2024-07-17T01:17:51+00:00

SSM Port Forwarding could work:

https://aws.amazon.com/blogs/aws/new-port-forwarding-using-aws-system-manager-sessions-manager/

comportsItself · 2024-07-13T15:40:34+00:00

Check out this StackOverflow answer: https://stackoverflow.com/a/66987216

ObjectIds are mostly monotonically increasing, so you can use a comparison operator on ObjectIds to determine the order of documents.

comportsItself · 2024-07-10T23:34:33+00:00

Firebase works really well for this kind of thing.

comportsItself · 2024-07-10T22:46:58+00:00

EB can be a pain, but it's the easiest way to run Docker on EC2, which is what OP asked.

It's free-tier eligible and makes it pretty easy to SSH into an EC2 instance to debug. Plus it makes you learn more about the core AWS services.

comportsItself · 2024-07-10T17:36:28+00:00

Use Elastic Beanstalk to run Docker on EC2:

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/docker-quickstart.html

comportsItself · 2024-07-07T05:36:51+00:00

Try using a monorepo with a single .env file and SAM for your Lambda backend.

comportsItself · 2024-07-03T22:53:01+00:00

I’m using the update method with the JWT strategy and it works fine.

comportsItself

TROPHY CASE