-
Notifications
You must be signed in to change notification settings - Fork 12
99 lines (80 loc) · 3.73 KB
/
prod_deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
name: Manual Deployment to Production
on:
workflow_dispatch:
inputs:
tag:
description: Tagged version to deploy
required: true
type: string
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
NEXT_PUBLIC_WC_PROJECT_ID: ${{ secrets.PROD_WC_PROJECT_ID }}
jobs:
deploy:
name: Deployment
runs-on: ubuntu-latest
steps:
- name: Remove broken apt repos [Ubuntu]
if: ${{ matrix.os }} == 'ubuntu-latest'
run: |
for apt_file in `grep -lr microsoft /etc/apt/sources.list.d/`; do sudo rm $apt_file; done
# Ref: https://github.com/actions/checkout/issues/1471#issuecomment-1771231294
- uses: actions/checkout@v4
- name: Tag checkout
run: |
git fetch --prune --unshallow --tags
git checkout ${{ github.event.inputs.tag }}
- uses: actions/cache@v2
with:
path: '**/node_modules'
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
- name: Setup Node.js
uses: actions/setup-node@v2
- name: Install
run: |
rm -rf .cache
rm -rf build
yarn config set cache-folder .yarn
yarn install
pip install awscli --upgrade --user
- name: Build App for release
run: yarn update-deposits && yarn build
- name: Install Playwright Browsers
run: |
yarn add playwright --dev
yarn playwright install
- name: Setup xvfb
run: |
sudo apt-get update
sudo apt-get install -y xvfb
# - name: Run tests
# run: xvfb-run --auto-servernum --server-args='-screen 0, 1920x1080x24' yarn run-e2e-tests
- name: Configure AWS Production credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.PROD_AWS_DEFAULT_REGION }}
# Script to deploy to release environment
- name: 'Deploy to S3: Release'
run: |
aws s3 sync build/ s3://${{ secrets.RELEASE_BUCKET_NAME }} --delete --exclude "*.html" --exclude "sitemap.xml" --cache-control max-age=86400,public
aws s3 sync build/ s3://${{ secrets.RELEASE_BUCKET_NAME }} --delete --exclude "*" --include "*.html" --cache-control max-age=0,no-cache,no-store,must-revalidate --content-type text/html
aws s3 sync build/ s3://${{ secrets.RELEASE_BUCKET_NAME }} --delete --exclude "*" --include "sitemap.xml" --cache-control max-age=0,no-cache,no-store,must-revalidate --content-type text/xml
aws s3 sync data s3://${{ secrets.RELEASE_BUCKET_NAME }}/data --delete
- name: 'Cloudfront: cache invalidation'
run: |
aws cloudfront create-invalidation --distribution-id ${{ secrets.PROD_AWS_CLOUDFRONT_ID }} --paths "/*"
notify:
uses: ./.github/workflows/slack_release_notification.yml
if: ${{ always() }}
needs: deploy
secrets:
RELEASES_SLACK_WEBHOOK_URL: ${{ secrets.RELEASES_SLACK_WEBHOOK_URL }}
with:
environment: Production
service: GC Deposit UI
success: ${{ contains(join(needs.*.result, ','), 'success') }}
message: "deploy service `GC Deposit UI` version `${{ inputs.tag }}`. Triggered by `${{ github.actor }}`."