Example GH Action deploying a CDK stack

infra-ecs-deploy.yml

name: Deploy Infra ECS
on:
  workflow_dispatch:
    inputs:
      env:
        description: 'The env to deploy in'
        default: 'dev'
        # Input has to be provided for the workflow to run
        required: true
      action:
        description: 'The cdk command (deploy or destroy)'
        default: 'deploy'
        required: true
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    # Uses checkout@v2 to checkout the current repo
    - uses: actions/checkout@v2
    # Install node.js since we need npm to install cdk
    - name: Use Node.js
      uses: actions/setup-node@v1
      with:
        node-version: '14.x'
    # Cache node modules for subsequent runs to reduce build times
    - name: Cache Node.js modules
      uses: actions/cache@v2
      with:
        path: ~/.npm
        key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
        restore-keys: |
          ${{ runner.OS }}-node-
          ${{ runner.OS }}-
    # Install cdk and typescript globally
    - name: Install CDK and typescript globally
      run: |
        npm i -g aws-cdk typescript ts-node @types/node
        npm link typescript
    #Configure dev params if running in dev
    - name: Configure AWS credentials for dev account
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{ secrets.DEV_AWS_REGION }}
      if: github.ref == 'refs/heads/master' && github.event.inputs.env == 'dev'
      #Configure dev params if running in prod dev
    - name: Configure AWS credentials for prod account
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{ secrets.PROD_AWS_REGION }}
      if: github.ref == 'refs/heads/master' && github.event.inputs.env == 'prod'
      #cd into the infra-ecs folder and deploy cdk stack in dev
    - name: Deploy CDK in dev
      run: |
        cd infra-ecs
        export CDK_DEFAULT_ACCOUNT=${{ secrets.DEV_AWS_TARGET_ACCOUNT }}
        export CDK_DEFAULT_REGION=${{ secrets.DEV_AWS_REGION }}
        npm install
        cdk deploy --require-approval never
      if: github.ref == 'refs/heads/master' && github.event.inputs.env == 'dev' && github.event.inputs.action == 'deploy'
      # cd into infra-ecs folder and destroy cdk stack in dev
    - name: Destroy CDK in dev
      run: |
        cd infra-ecs
        export CDK_DEFAULT_ACCOUNT=${{ secrets.DEV_AWS_TARGET_ACCOUNT }}
        export CDK_DEFAULT_REGION=${{ secrets.DEV_AWS_REGION }}
        npm install
        cdk destroy -f
      if: github.ref == 'refs/heads/master' && github.event.inputs.env == 'dev' && github.event.inputs.action == 'destroy'
    #cd into the infra-ecs folder and deploy cdk stack in prod
    - name: Deploy CDK in prod
      run: |
        cd infra-ecs
        export CDK_DEFAULT_ACCOUNT=${{ secrets.PROD_AWS_TARGET_ACCOUNT }}
        export CDK_DEFAULT_REGION=${{ secrets.PROD_AWS_REGION }}
        npm install
        cdk deploy --require-approval never
      if: github.ref == 'refs/heads/master' && github.event.inputs.env == 'prod' && github.event.inputs.action == 'deploy'
    # cd into infra-ecs folder and destroy cdk stack in prod
    - name: Destroy CDK in prod
      run: |
        cd infra-ecs
        export CDK_DEFAULT_ACCOUNT=${{ secrets.PROD_AWS_TARGET_ACCOUNT }}
        export CDK_DEFAULT_REGION=${{ secrets.PROD_AWS_REGION }}
        npm install
        cdk destroy -f
      if: github.ref == 'refs/heads/master' && github.event.inputs.env == 'prod' && github.event.inputs.action == 'destroy'