Push to production (#238) #153
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Deploy the site to AWS S3 on a push to specific branches | |
name: Deploy | |
permissions: | |
id-token: write | |
contents: read | |
on: | |
push: | |
branches: | |
- main | |
- develop | |
env: | |
NODE: 16 | |
jobs: | |
define-environment: | |
name: Set environment | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set the environment based on the branch | |
id: define_environment | |
run: | | |
if [ "${{ github.ref }}" = "refs/heads/main" ]; then | |
echo "env_name=production" >> $GITHUB_OUTPUT | |
elif [ "${{ github.ref }}" = "refs/heads/develop" ]; then | |
echo "env_name=staging" >> $GITHUB_OUTPUT | |
fi | |
- name: Print the environment | |
run: echo "The environment is ${{ steps.define_environment.outputs.env_name }}" | |
outputs: | |
env_name: ${{ steps.define_environment.outputs.env_name }} | |
build: | |
runs-on: ubuntu-latest | |
needs: define-environment | |
environment: ${{ needs.define-environment.outputs.env_name }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- name: Use Node.js ${{ env.NODE }} | |
uses: actions/setup-node@v1 | |
with: | |
node-version: ${{ env.NODE }} | |
- name: Cache node_modules | |
uses: actions/cache@v2 | |
id: cache-node-modules | |
with: | |
path: | | |
node_modules | |
.veda/ui/node_modules | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package.json') }} | |
- name: Cache dist | |
uses: actions/cache@v2 | |
id: cache-dist | |
with: | |
path: dist | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ github.workflow }}-${{ github.sha }} | |
- name: Install | |
run: ./.veda/setup | |
- name: Build production | |
env: | |
MAPBOX_TOKEN: ${{secrets.MAPBOX_TOKEN}} | |
GOOGLE_TAG_MANAGER_ID: ${{secrets.GOOGLE_TAG_MANAGER_ID}} | |
GOOGLE_TAG_AUTH: ${{secrets.GOOGLE_TAG_AUTH}} | |
GOOGLE_TAG_PREVIEW: ${{secrets.GOOGLE_TAG_PREVIEW}} | |
run: PUBLIC_URL="${{ vars.DOMAIN }}${{ vars.SUBPATH }}" yarn build # vars.SUBPATH should include the preceeding slash / | |
deploy: | |
runs-on: ubuntu-latest | |
needs: [build, define-environment] | |
environment: ${{ needs.define-environment.outputs.env_name }} | |
steps: | |
# See comment on checks.yml - prep step | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Restore node_modules | |
uses: actions/cache@v2 | |
id: cache-node-modules | |
with: | |
path: | | |
node_modules | |
.veda/ui/node_modules | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package.json') }} | |
- name: Restore dist cache | |
uses: actions/cache@v2 | |
id: cache-dist | |
with: | |
path: dist | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ github.workflow }}-${{ github.sha }} | |
- name: Use Node.js ${{ env.NODE }} | |
uses: actions/setup-node@v1 | |
with: | |
node-version: ${{ env.NODE }} | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.DEPLOYMENT_ROLE_ARN }} | |
role-session-name: "ghgc-dashboard-${{ needs.define-environment.outputs.env_name }}-deployment" | |
aws-region: "us-west-2" | |
- name: Deploy to S3 Production | |
run: | | |
aws s3 sync ./dist s3://${{ secrets.S3_BUCKET }}${{ vars.SUBPATH }} --cache-control max-age=604800 --delete | |
- name: Request Invalidation to AWS Cloudfront | |
uses: oneyedev/aws-cloudfront-invalidation@v1 | |
with: | |
distribution-id: ${{ secrets.CF_DISTRIBUTION_ID }} | |
paths: | | |
${{ vars.SUBPATH }}* |