Merge pull request #483 from vechain/mike/zizmor-patches #11

	name: Deploy Embedded Wallet Details Stack

	on:
	push:
	branches:
	- main
	paths: ['lambda/', '!lambda/tests/', '.github/workflows/deploy-api-lambda.yaml']

	permissions: {}

	jobs:
	deploy:
	permissions:
	contents: read
	id-token: write
	runs-on: ubuntu-latest
	env:
	AWS_REGION: ap-northeast-3
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4
	with:
	role-to-assume: ${{ secrets.AWS_ACC_ROLE }}
	aws-region: ${{ env.AWS_REGION }}

	- name: Setup SAM CLI
	uses: aws-actions/setup-sam@c71dd89d980e49367c70391e8ada4353f52f2800 # v2
	with:
	use-installer: true
	token: ${{ secrets.GITHUB_TOKEN }}

	- name: Build and deploy Get Embedded Wallet Details Lambda
	run: \|
	cd lambda
	sam build
	sam deploy \
	--stack-name EmbeddedWalletStack \
	--region ${{ env.AWS_REGION }} \
	--capabilities CAPABILITY_IAM \
	--no-fail-on-empty-changeset \
	--parameter-overrides "PrivyAppId=${{ secrets.NEXT_PUBLIC_PRIVY_APP_ID }} PrivyAppSecret=${{ secrets.NEXT_PUBLIC_PRIVY_APP_SECRET }} UserCheckApiKey=${{ secrets.USERCHECK_API_KEY }} CertificateArn=${{ secrets.CERTIFICATE_ARN }} HostedZoneId=${{ secrets.HOSTED_ZONE_ID }} DomainName=${{ secrets.DOMAIN_NAME }}"

Provide feedback