Skip to content

Feat/upload using cloudfront sign (#326) #201

Feat/upload using cloudfront sign (#326)

Feat/upload using cloudfront sign (#326) #201

Workflow file for this run

name: Deploy Backend to Product ECS
on:
push:
branches: ["main"]
paths:
- .github/workflows/aws-prod.yml
- server/**
- petercat_utils/**
- subscriber/**
- template.yml
env:
AWS_REGION: ${{ vars.AWS_REGION }}
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
deploy:
runs-on: ubuntu-latest
environment: production
strategy:
fail-fast: true
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::654654285942:role/Github-OIDC
audience: sts.amazonaws.com
aws-region: ${{ env.AWS_REGION }}
# Build inside Docker containers
- run: sam build --use-container --config-file .aws/petercat-prod.toml
# Prevent prompts and failure when the stack is unchanged
- run: |
sam deploy \
--no-confirm-changeset \
--no-fail-on-empty-changeset \
--config-file .aws/petercat-prod.toml \
--parameter-overrides APIUrl="https://api.petercat.ai" \
WebUrl="https://www.petercat.ai" \
StaticUrl="https://static.petercat.ai" \
AWSGithubSecretName=${{ vars.AWS_GITHUB_SECRET_NAME }} \
AWSStaticSecretName=${{ vars.AWS_STATIC_SECRET_NAME }} \
AWSStaticKeyPairId=${{ secrets.AWS_STATIC_KEYPAIR_ID }} \
S3TempBucketName=${{ vars.S3_TEMP_BUCKET_NAME }} \
GitHubAppID=${{ secrets.X_GITHUB_APP_ID }} \
GithubAppsClientId=${{ secrets.X_GITHUB_APPS_CLIENT_ID }} \
GithubAppsClientSecret=${{ secrets.X_GITHUB_APPS_CLIENT_SECRET }} \
OpenAIAPIKey=${{ secrets.OPENAI_API_KEY }} \
GeminiAPIKey=${{ secrets.GEMINI_API_KEY }} \
SupabaseServiceKey=${{ secrets.SUPABASE_SERVICE_KEY }} \
SupabaseUrl=${{ secrets.SUPABASE_URL }} \
TavilyAPIKey=${{ secrets.TAVILY_API_KEY }} \
APIIdentifier=${{ secrets.API_IDENTIFIER }} \
FastAPISecretKey=${{ secrets.FASTAPI_SECRET_KEY }} \
SQSQueueName=${{ secrets.SQS_QUEUE_NAME }} \
SQSQueueUrl=${{ secrets.SQS_QUEUE_URL }} \
GitHubToken=${{ secrets.X_GITHUB_TOKEN }} \
Auth0Domain=${{ secrets.AUTH0_DOMAIN }} \
Auth0ClientId=${{ secrets.AUTH0_CLIENT_ID }} \
Auth0ClientSecret=${{ secrets.AUTH0_CLIENT_SECRET }}