-
Notifications
You must be signed in to change notification settings - Fork 0
154 lines (136 loc) · 6.21 KB
/
code-deploy-client.yml
File metadata and controls
154 lines (136 loc) · 6.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
name: Sync content with S3 Staging/Beta
on:
workflow_call:
inputs:
AWS_ACCOUNT:
required: true
type: string
STACK:
required: true
type: string
WORKING_DIR:
required: true
type: string
TARGET_BRANCH:
required: true
type: string
DOMAIN:
required: true
type: string
BUILD_DIR:
required: true
type: string
EXTRA_DISTRIBUTION_STACKS:
required: false
type: string
default: ''
description: |
Optional comma-separated list of additional CDK stack names whose
DistributionIdOutput should also be invalidated after STACK's CF
is invalidated. The assumed role must have
cloudfront:CreateInvalidation on each. Example: "PersonStack".
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
jobs:
# GitHub-Slack app sends a workflow status message with live updates to #code-* channel
sync:
name: Upload to Amazon S3
runs-on: ubuntu-24.04
permissions:
id-token: write
contents: read
steps:
- name: Build role name
run: |
# Use shell string manipulation to extract the repository name
REPO_NAME="${GITHUB_REPOSITORY#*/}"
ROLE_NAME="arn:aws:iam::${{ inputs.AWS_ACCOUNT }}:role/${REPO_NAME}-repo"
# Set the environment variable for future steps
echo "ROLE_NAME=${ROLE_NAME}" >> $GITHUB_ENV
- name: Configure web-sync AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.ROLE_NAME }}
aws-region: us-west-2
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ inputs.TARGET_BRANCH }}
- name: Get HELLO_VERSION
run: |
PACKAGE_FILE="package.json"
VERSION=$(jq -r '.version' "$PACKAGE_FILE")
echo "HELLO_VERSION=${VERSION}" >> $GITHUB_ENV
- name: Check repo version vs staged version
if: ${{ inputs.TARGET_BRANCH == 'main' }}
run: |
STAGE_VERSION=$(curl -sI "https://${{ inputs.DOMAIN }}/" | grep -i "x-amz-meta-version" | awk '{print $2}' | tr -d '\r')
echo "HELLO_VERSION: $HELLO_VERSION"
echo "STAGE_VERSION: $STAGE_VERSION"
if [ $STAGE_VERSION = $HELLO_VERSION ]; then
echo "$HELLO_VERSION has already been staged."
exit 1
fi
# Restore npm dependencies -----------------------
- name: Restore client node_modules
uses: actions/cache/restore@v4
id: client-node-modules-cache
with:
path: ./${{ inputs.WORKING_DIR }}/node_modules
key: ${{ runner.os }}-${{ runner.arch }}-client-node-modules-${{ hashFiles(format('{0}/package-lock.json', inputs.WORKING_DIR)) }}
- name: Install client dependencies
if: steps.client-node-modules-cache.outputs.cache-hit != 'true'
run: cd ${{ inputs.WORKING_DIR }} && npm ci
# ------------------------------------------------
- name: Build content
run: cd ${{ inputs.WORKING_DIR }} && npm run build
- name: Get bucket and distribution_id
run: |
BUCKET_NAME=$(aws cloudformation describe-stacks --stack-name ${{ inputs.STACK }} --query 'Stacks[0].Outputs[?OutputKey==`BucketNameOutput`].OutputValue' --output text)
DISTRIBUTION_ID=$(aws cloudformation describe-stacks --stack-name ${{ inputs.STACK }} --query 'Stacks[0].Outputs[?OutputKey==`DistributionIdOutput`].OutputValue' --output text)
echo "BUCKET_NAME=${BUCKET_NAME}" >> $GITHUB_ENV
echo "DISTRIBUTION_ID=${DISTRIBUTION_ID}" >> $GITHUB_ENV
- name: Cleanup S3 bucket
run: aws s3 rm s3://${BUCKET_NAME} --recursive
- name: Create versioned copies of root files for rollback and cp to S3
run: |
cd ${{inputs.BUILD_DIR}}
for file in *; do
if [ -f "$file" ]; then
aws s3 cp --metadata version=${HELLO_VERSION} --content-type "text/html; charset=UTF-8" --cache-control max-age=0 ${file} s3://${BUCKET_NAME}/
# dont create version files when deploying to beta
if [ "${{ inputs.TARGET_BRANCH }}" != "beta" ]; then
aws s3 cp --metadata version=${HELLO_VERSION} --content-type "text/html; charset=UTF-8" --cache-control max-age=0 ${file} s3://${BUCKET_NAME}/${HELLO_VERSION}/${file}
fi
fi
done
- name: Copy S3 assets to S3 bucket with the AWS CLI
run: aws s3 cp --metadata version=${HELLO_VERSION} ${{inputs.BUILD_DIR}}/assets s3://${BUCKET_NAME}/assets --recursive
- name: Upload .well-known directory if present
run: |
cd ${{inputs.BUILD_DIR}}
if [ -d ".well-known" ]; then
aws s3 cp --metadata version=${HELLO_VERSION} --content-type "application/json" --cache-control max-age=3600 .well-known/ s3://${BUCKET_NAME}/.well-known/ --recursive
fi
- name: Upload mobile fallback to sub-paths
run: |
cd ${{inputs.BUILD_DIR}}
if [ -f "mobile" ]; then
aws s3 cp --metadata version=${HELLO_VERSION} --content-type "text/html; charset=UTF-8" --cache-control max-age=0 mobile s3://${BUCKET_NAME}/mobile/callback
fi
- name: Invalidate CloudFront cache
run: aws cloudfront create-invalidation --distribution-id ${DISTRIBUTION_ID} --paths "/*"
- name: Invalidate additional CloudFront distributions
if: ${{ inputs.EXTRA_DISTRIBUTION_STACKS != '' }}
run: |
IFS=',' read -ra STACKS <<< "${{ inputs.EXTRA_DISTRIBUTION_STACKS }}"
for STACK in "${STACKS[@]}"; do
STACK="${STACK// /}"
EXTRA_DIST_ID=$(aws cloudformation describe-stacks --stack-name "$STACK" --query 'Stacks[0].Outputs[?OutputKey==`DistributionIdOutput`].OutputValue' --output text)
if [ -z "$EXTRA_DIST_ID" ] || [ "$EXTRA_DIST_ID" = "None" ]; then
echo "::error::DistributionIdOutput not found on stack $STACK"
exit 1
fi
echo "Invalidating $STACK ($EXTRA_DIST_ID)"
aws cloudfront create-invalidation --distribution-id "$EXTRA_DIST_ID" --paths "/*"
done