From e144d9b7d24ae930b67fc9d7962f17ae8cde49e9 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 13:18:24 +1100 Subject: [PATCH 01/10] Add github actions deployment workflow --- .github/workflows/deploy.yml | 50 ++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..19bed85 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,50 @@ +name: Deploy CDK + +on: + push: + branches: + - main + workflow_dispatch: + inputs: + deploy_branch: + description: 'Branch to deploy' + required: true + default: 'main' + +jobs: + deploy: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: 20 + cache: 'npm' + + - name: Install dependencies + run: npm ci + + - name: Build application + run: npm run build + + - name: Build Lambda layer + run: npm run build:layer + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Install CDK dependencies + run: npm ci + working-directory: infra + + - name: Deploy + run: npx cdk deploy --require-approval never + working-directory: infra From 24d79ee486679b5ea0e6887128af78796038c8d4 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 13:25:51 +1100 Subject: [PATCH 02/10] Add a pull request trigger --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 19bed85..512ca34 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -4,6 +4,7 @@ on: push: branches: - main + pull_request: workflow_dispatch: inputs: deploy_branch: From 24c0cd36c1a2f5963a303768dbb989336da09fe3 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 14:09:14 +1100 Subject: [PATCH 03/10] Exclude infra directory from compilatation and set the rootDir explicity --- tsconfig.build.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tsconfig.build.json b/tsconfig.build.json index 64f86c6..6c80d53 100644 --- a/tsconfig.build.json +++ b/tsconfig.build.json @@ -1,4 +1,7 @@ { "extends": "./tsconfig.json", - "exclude": ["node_modules", "test", "dist", "**/*spec.ts"] + "compilerOptions": { + "rootDir": "./" + }, + "exclude": ["node_modules", "test", "dist", "infra", "**/*spec.ts"] } From 9584eb75e262fa798a9aa221fbd21e3dbe268fb5 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 14:10:25 +1100 Subject: [PATCH 04/10] Fix minor type for lambda layer build script --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 512ca34..8681006 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -33,7 +33,7 @@ jobs: run: npm run build - name: Build Lambda layer - run: npm run build:layer + run: npm run build:lambda-layer - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 From 1cdffd2684b03f2e731d7e1f402d654a47740572 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 14:14:47 +1100 Subject: [PATCH 05/10] fix: udpte the script to create folder if not exist --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index c57e78d..0cedb5b 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "test:cov": "jest --coverage", "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand", "test:e2e": "jest --config ./test/jest-e2e.json", - "build:lambda-layer": "cp package.json package-lock.json layer/nodejs/ && npm ci --prefix layer/nodejs --omit=dev && rm layer/nodejs/package.json layer/nodejs/package-lock.json" + "build:lambda-layer": "mkdir -p layer/nodejs && cp package.json package-lock.json layer/nodejs/ && npm ci --prefix layer/nodejs --omit=dev && rm layer/nodejs/package.json layer/nodejs/package-lock.json" }, "dependencies": { "@codegenie/serverless-express": "^4.17.1", From b4c09115c19ca15231e6dd7e71d75735a0af3d30 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 14:19:38 +1100 Subject: [PATCH 06/10] Minor workflow cleanup --- .github/workflows/deploy.yml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 8681006..19020f2 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -5,12 +5,8 @@ on: branches: - main pull_request: - workflow_dispatch: - inputs: - deploy_branch: - description: 'Branch to deploy' - required: true - default: 'main' + branches: + - main jobs: deploy: @@ -46,6 +42,6 @@ jobs: run: npm ci working-directory: infra - - name: Deploy + - name: Deploy CDK Stack run: npx cdk deploy --require-approval never working-directory: infra From 2ef81372d0e35440410e1abdcec868b71b7e1b8f Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 14:24:17 +1100 Subject: [PATCH 07/10] fix: add AWS_REGION as variables to unmask the region in api url --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 19020f2..c9179d7 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -36,7 +36,7 @@ jobs: with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ secrets.AWS_REGION }} + aws-region: ${{ vars.AWS_REGION }} - name: Install CDK dependencies run: npm ci From 539bea22532467e3ef92e51c343d5cf5c7ea9565 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 14:29:26 +1100 Subject: [PATCH 08/10] Use node 24 and corresponding actions --- .github/workflows/deploy.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index c9179d7..973d93d 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,12 +14,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v4.4.0 with: - node-version: 20 + node-version: 24 cache: 'npm' - name: Install dependencies @@ -32,7 +32,7 @@ jobs: run: npm run build:lambda-layer - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v4.1.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} From 2771f7622b1b886f4ac7b9b6163fd86460dc2a46 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 14:31:49 +1100 Subject: [PATCH 09/10] Use Node v24 in lambda runtime too --- infra/lib/infra-stack.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/lib/infra-stack.ts b/infra/lib/infra-stack.ts index 7897843..6762fe1 100644 --- a/infra/lib/infra-stack.ts +++ b/infra/lib/infra-stack.ts @@ -11,12 +11,12 @@ export class InfraStack extends cdk.Stack { const nodeModulesLayer = new lambda.LayerVersion(this, 'NodeModulesLayer', { code: lambda.Code.fromAsset(path.join(__dirname, '../../layer')), - compatibleRuntimes: [lambda.Runtime.NODEJS_20_X], + compatibleRuntimes: [lambda.Runtime.NODEJS_24_X], description: 'Production node_modules for NestJS Lambda', }); const nestApiLambda = new lambda.Function(this, 'NestApiLambdaFunction', { - runtime: lambda.Runtime.NODEJS_20_X, + runtime: lambda.Runtime.NODEJS_24_X, handler: 'src/lambda.handler', code: lambda.Code.fromAsset(path.join(__dirname, '../../dist'), { exclude: ['infra', 'tsconfig*'], From 93dc2c665f8149cf975a5c0fed4305664ae07165 Mon Sep 17 00:00:00 2001 From: Ajeet Chaulagain Date: Sun, 29 Mar 2026 15:08:31 +1100 Subject: [PATCH 10/10] rm on pull_request trigger --- .github/workflows/deploy.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 973d93d..5e14158 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,13 +1,9 @@ -name: Deploy CDK +name: Deploy on: push: branches: - main - pull_request: - branches: - - main - jobs: deploy: runs-on: ubuntu-latest