Merge pull request #458 from asfadmin/test #105
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to AWS | |
on: | |
push: | |
branches: | |
- prod | |
- test | |
concurrency: ${{ github.workflow }}-${{ github.ref }} | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- environment: grfn | |
stack_name: distribution-prod-20190311 | |
domain: grfn.asf.alaska.edu | |
auth_url: "https://urs.earthdata.nasa.gov/oauth/authorize?response_type=code&client_id=BO_n7nTIlMljdvU6kRRB3g&redirect_uri=https://auth.asf.alaska.edu/login" | |
jwt_cookie_name: asf-urs | |
log_bucket: grfn-logs | |
private_bucket: grfn-content-prod | |
deploy_ref: refs/heads/prod | |
- environment: grfn-test | |
stack_name: distribution-test | |
domain: grfn-test.asf.alaska.edu | |
auth_url: "https://urs.earthdata.nasa.gov/oauth/authorize?response_type=code&client_id=BO_n7nTIlMljdvU6kRRB3g&redirect_uri=https://auth.asf.alaska.edu/login" | |
jwt_cookie_name: asf-urs | |
log_bucket: grfn-logs | |
private_bucket: grfn-content-test | |
deploy_ref: refs/heads/test | |
environment: | |
name: ${{ matrix.environment }} | |
url: https://${{ matrix.domain }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: 3.12 | |
- name: install dependencies | |
if: github.ref == matrix.deploy_ref | |
shell: bash | |
run: | | |
python -m pip install --upgrade pip | |
python -m pip install -r requirements-door.txt -t door/src/ | |
python -m pip install -r requirements-door-binary.txt --platform manylinux2014_x86_64 --only-binary=:all: -t door/src/ | |
- name: package and deploy | |
if: github.ref == matrix.deploy_ref | |
shell: bash | |
run: | | |
aws cloudformation package \ | |
--template-file cloudformation.yaml \ | |
--s3-bucket grfn-build \ | |
--s3-prefix cloudformation \ | |
--output-template-file packaged.yml | |
aws cloudformation deploy \ | |
--stack-name ${{ matrix.stack_name }} \ | |
--template-file packaged.yml \ | |
--role-arn ${{ secrets.CLOUDFORMATION_ROLE_ARN }} \ | |
--capabilities CAPABILITY_NAMED_IAM \ | |
--parameter-overrides \ | |
CertificateArn='${{ secrets.CETRIFICATE_ARN }}' \ | |
CloudFrontKeyPairId='${{ secrets.CLOUDFRONT_KEY_PAIR_ID }}' \ | |
DomainName='${{ matrix.domain }}' \ | |
LogBucket='${{ matrix.log_bucket }}' \ | |
PrivateBucket='${{ matrix.private_bucket }}' \ | |
PrivateKeySecretName='${{ secrets.PRIVATE_KEY_SECRET_NAME }}' \ | |
AuthUrl='${{ matrix.auth_url }}' \ | |
JwtCookieName='${{ matrix.jwt_cookie_name }}' \ | |
JwtPublicKey='${{ secrets.JWT_PUBLIC_KEY }}' |