-
Notifications
You must be signed in to change notification settings - Fork 0
131 lines (113 loc) · 4.36 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: deploy
permissions:
id-token: write # required for requesting the JWT
contents: read # required for actions/checkout
on:
workflow_dispatch:
inputs:
deployment_environment:
description: 'environment (either dev or test)'
required: true
api_version:
description: 'federated collection discovery API version - must be in this [list of tags](https://github.com/developmentseed/federated-collection-discovery/tags)'
required: true
jobs:
build_and_deploy:
runs-on: ubuntu-latest
environment: "${{ github.event.inputs.deployment_environment }}"
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Checkout client repository
uses: actions/checkout@v4
with:
repository: developmentseed/federated-collection-discovery
path: client_app
sparse-checkout: src/client
ref: "${{ github.event.inputs.api_version }}"
- name: Set up node
uses: actions/setup-node@v4
with:
node-version: 22
- name: Cache Node.js dependencies
uses: actions/cache@v4
with:
path: node_modules
key: node-modules-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
node-modules-${{ runner.os }}-
- name: Cache Yarn dependencies
uses: actions/cache@v4
with:
path: |
client_app/src/client/node_modules
client_app/src/client/.yarn
key: yarn-cache-${{ runner.os }}-${{ hashFiles('client_app/src/client/yarn.lock') }}
restore-keys: |
yarn-cache-${{ runner.os }}-
- name: Install Yarn
run: npm install -g yarn
- name: Install Poetry
uses: Gr1N/setup-poetry@v9
with:
poetry-version: "1.8.0"
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: poetry
cache-dependency-path: poetry.lock
- name: Assume Github OIDC role
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: us-west-2
role-to-assume: ${{ vars.DEPLOY_ROLE }}
role-session-name: federated-collection-discovery-${{ github.event.inputs.deployment_environment }}-deploy
- name: Install deployment dependencies
run: |
npm install
poetry install
cd client_app/src/client
yarn install
- name: Run CDK deploy
env:
STAGE: "${{ github.event.inputs.deployment_environment }}"
API_VERSION: "${{ github.event.inputs.api_version }}"
API_CERTIFICATE_ARN: "${{ vars.API_CERTIFICATE_ARN }}"
API_DOMAIN_NAME: "${{ vars.API_DOMAIN_NAME }}"
CLIENT_CERTIFICATE_ARN: "${{ vars.CLIENT_CERTIFICATE_ARN }}"
CLIENT_DOMAIN_NAME: "${{ vars.CLIENT_DOMAIN_NAME }}"
STAC_API_URLS: ${{ vars.STAC_API_URLS }}
run: |
start_time=$(date +%s)
poetry run npx cdk deploy --all --require-approval never --outputs-file cdk-output.json
status=$?
end_time=$(date +%s)
duration=$((end_time - start_time))
echo "success=${status}" >> $GITHUB_ENV
echo "duration=${duration}" >> $GITHUB_ENV
if [ $status -eq 0 ]; then
echo "CDK deploy successful."
else
echo "CDK deploy failed." >&2
exit 1
fi
export STACK_NAME=$(jq -r 'keys_unsorted[0]' cdk-output.json)
export REACT_APP_API_URL=$(jq -r --arg stack_name "$STACK_NAME" '.[$stack_name].ApiEndpoint' cdk-output.json)
echo "REACT_APP_API_URL=$REACT_APP_API_URL" >> $GITHUB_ENV
export BUCKET_NAME=$(jq -r --arg stack_name "$STACK_NAME" '.[$stack_name].ClientBucketName' cdk-output.json)
echo "BUCKET_NAME=$BUCKET_NAME" >> $GITHUB_ENV
export DISTRIBUTION_ID=$(jq -r --arg stack_name "$STACK_NAME" '.[$stack_name].CloudFrontId' cdk-output.json)
echo "DISTRIBUTION_ID=$DISTRIBUTION_ID" >> $GITHUB_ENV
- name: Build and deploy client app
working-directory: client_app/src/client
run: |
yarn build
aws s3 sync ./build s3://${BUCKET_NAME}
# invalidate existing index.html to refresh the site
aws cloudfront create-invalidation --distribution-id ${DISTRIBUTION_ID} --paths "/*"
- name: Upload cdk-output.json
uses: actions/upload-artifact@v4
with:
name: cdk-output.json
path: cdk-output.json