new staging workflow

thunderbird · Jun 6, 2024 · d121a79 · d121a79
1 parent 8c605e9
commit d121a79
Showing 1 changed file with 39 additions and 42 deletions.
diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml
@@ -8,6 +8,7 @@ on:
   push:
     branches:
       - main
+      -separate-environment-builds
 
 permissions:
   id-token: write   # This is required for requesting the JWT
@@ -57,13 +58,6 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          role-to-assume: ${{ secrets.IAM_ROLE }}
-          role-session-name: Appointment_GitHub_to_AWS_via_FederatedOIDC
-          aws-region: ${{ vars.AWS_REGION }}
-
       - name: install opentofu
         uses: opentofu/setup-opentofu@v1
         with: 
@@ -76,6 +70,13 @@ jobs:
           sudo chmod +x /bin/terragrunt
           terragrunt -v
 
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.IAM_ROLE }}
+          role-session-name: Appointment_GitHub_to_AWS_via_FederatedOIDC
+          aws-region: ${{ vars.AWS_REGION }}
+
       - name: vpc
         working-directory: ./tofu/environments/stage/network/vpc
         run: |
@@ -143,7 +144,7 @@ jobs:
       - name: Install dependencies
         run: cd frontend && yarn install
 
-      - name: Build project
+      - name: Build stage frontend
         run: |
           cp frontend/.env.stage.example frontend/.env.stage
           cd frontend && yarn build --mode ${{ vars.APP_ENV }}
@@ -173,28 +174,10 @@ jobs:
           role-session-name: Appointment_GitHub_to_AWS_via_FederatedOIDC
           aws-region: ${{ vars.AWS_REGION }}
 
-      - name: Create Frontend Archive
-        run: zip frontend.zip frontend/dist
-
-      - name: Archive Frontend
-        uses: actions/upload-artifact@v4
-        with:
-          name: frontend
-          path: frontend.zip
-
-      - name: Get frontend bucket & distribution
-        id: get-frontend-resources
-        working-directory: ./tofu/environments/stage/services/frontend-infra
-        run: |
-          echo "bucket=$(terragrunt output bucket_name | tr -d '"')" >> $GITHUB_OUTPUT
-          echo "distribution=$(terragrunt output cloudfront_id)" >> $GITHUB_OUTPUT
-
       - name: Deploy frontend to S3
-        run: aws s3 sync frontend/dist "s3://${{ steps.get-frontend-resources.outputs.bucket }}"
-
-      - name: Invalidate Cloudfront cache
-        run: aws cloudfront create-invalidation --distribution-id ${{ steps.get-frontend-resources.outputs.distribution }} --paths "/*"
-
+        run: |
+          aws s3 sync frontend/dist "s3://$(terragrunt output bucket_name | tr -d '"')"
+          aws cloudfront create-invalidation --distribution-id $(terragrunt output cloudfront_id) --paths "/*"
 
 
   deploy-backend:
@@ -226,13 +209,6 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          role-to-assume: ${{ secrets.IAM_ROLE }}
-          role-session-name: Appointment_GitHub_to_AWS_via_FederatedOIDC
-          aws-region: ${{ vars.AWS_REGION }}
-
       - name: install opentofu
         uses: opentofu/setup-opentofu@v1
         with: 
@@ -245,6 +221,13 @@ jobs:
           sudo chmod +x /bin/terragrunt
           terragrunt -v
 
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.IAM_ROLE }}
+          role-session-name: Appointment_GitHub_to_AWS_via_FederatedOIDC
+          aws-region: ${{ vars.AWS_REGION }}
+
       - name: Login to Amazon ECR
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v2
@@ -290,20 +273,33 @@ jobs:
       needs.deploy-backend.result == 'success' &&
       needs.deploy-frontend.result == 'success'
 
-    environment: staging
+    environment: production
     runs-on: ubuntu-latest
     steps:
-      - name: download artifact
-        uses: actions/download-artifact@v4
+      - uses: actions/checkout@v4
+
+      - name: Setup NPM
+        uses: actions/setup-node@v4
         with:
-          name: 
-            frontend
+          node-version: '18.x'
+
+      - name: Install dependencies
+        run: cd frontend && yarn install
+
+      - name: Build prod frontend
+        run: |
+          cp frontend/.env.prod.example frontend/.env.prod
+          cd frontend && yarn build --mode ${{ vars.APP_ENV }}
+          zip -r frontend.zip frontend/dist
 
       - name: download ecr tag
         uses: actions/download-artifact@v4
         with:
             name: 
               ecr_tag
+
+      - name: Zip IaC
+        run: zip -r iac.zip tofu -x "tofu/environments/stage/*" "tofu/environments/prod/*/*/.terragrunt-cache/*"
 
       - name: create release tag
         id: create-release-tag
@@ -324,5 +320,6 @@ jobs:
             In order to promote this to prod, edit the draft and press **"Publish release"**.
           draft: true
           files: |
-            frontend.zip
             ecr_tag.zip
+            frontend.zip
+            iac.zip