Skip to content

feat(4as): staging branch for exposure assessment feature in noah stu… #56

feat(4as): staging branch for exposure assessment feature in noah stu…

feat(4as): staging branch for exposure assessment feature in noah stu… #56

name: Deploy to Production Server
# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the master branch.
on:
push:
branches: [main]
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build-and-deploy:
# The type of runner that the job will run on
runs-on: ubuntu-latest
env:
AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }}
AWS_CF_DISTRIBUTION_ID: ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
# Here we are configuring build matrix that allows you to perform certain operations on your code
# with different software/Operating system configurations.
# In our case, we are only running it for Node v12.*. but you can multiple entries in that array.
strategy:
matrix:
node-version: [12.x]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
# As you can see below we are using matrix.node-version => it means it will execute for all possible combinations
# provided matrix keys array(in our case only one kye => node-version)
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
# Install the node modules
- name: NPM Install
run: npm install
# Create production build
- name: Production Build
run: npm run build -- --prod # This is equivalent to 'ng build --prod'
# Deploy to S3
# This is a third party action used to sync our production build app with the AWS S3 bucket
# For security purpose, secrets are configured in project repo setting.
- name: Deploy to S3
uses: jakejarvis/[email protected]
with:
# --acl public read => makes files publicly readable
# --delete => permanently deletes files in S3 bucket that are not present in latest build
args: --acl public-read --delete
env:
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET_NAME }} # S3 bucket name
# note: use IAM role with limited role for below access-key-id and secret-access-key
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} # Access Key ID
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # Access Secret Key
AWS_REGION: 'ap-southeast-1'
SOURCE_DIR: 'dist/noah-frontend' # build folder
# Invalidate CF Cache
- name: Create CloudFront Cache Invalidation
uses: chetan/invalidate-cloudfront-action@v2
env:
DISTRIBUTION: ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
PATHS: '/*'
AWS_REGION: 'ap-southeast-1'
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}