authentik/.github/workflows/ci-aws-cfn.yml

---
name: CI - AWS cfn

on:
  push:
    branches:
      - main
      - next
      - version-*
  pull_request:
    branches:
      - main
      - version-*

env:
  POSTGRES_DB: authentik
  POSTGRES_USER: authentik
  POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"

jobs:
  check-changes-applied:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v5
      - name: Setup authentik env
        uses: ./.github/actions/setup
      - uses: ./.github/actions/setup-node
        with:
          working-directory: lifecycle/aws
      - name: Check changes have been applied
        run: |
          uv run make aws-cfn
          git diff --exit-code lifecycle/aws/template.yaml
  ci-aws-cfn-mark:
    if: always()
    needs:
      - check-changes-applied
    runs-on: ubuntu-latest
    steps:
      - uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1
        with:
          jobs: ${{ toJSON(needs) }}