feat(noah): create staging for new feature boundaries and updated log… #67
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Production Server | |
| # Controls when the action will run. Triggers the workflow on push or pull request | |
| # events but only for the master branch. | |
| on: | |
| push: | |
| branches: [main] | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| # This workflow contains a single job called "build" | |
| build-and-deploy: | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-latest | |
| env: | |
| AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }} | |
| AWS_CF_DISTRIBUTION_ID: ${{ secrets.AWS_CF_DISTRIBUTION_ID }} | |
| # Here we are configuring build matrix that allows you to perform certain operations on your code | |
| # with different software/Operating system configurations. | |
| # In our case, we are only running it for Node v12.*. but you can multiple entries in that array. | |
| strategy: | |
| matrix: | |
| node-version: [12.x] | |
| # Steps represent a sequence of tasks that will be executed as part of the job | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| # As you can see below we are using matrix.node-version => it means it will execute for all possible combinations | |
| # provided matrix keys array(in our case only one kye => node-version) | |
| - uses: actions/checkout@v2 | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v2 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| # Install the node modules | |
| - name: NPM Install | |
| run: npm install | |
| # Create production build | |
| - name: Production Build | |
| run: npm run build -- --prod # This is equivalent to 'ng build --prod' | |
| # Deploy to S3 | |
| # This is a third party action used to sync our production build app with the AWS S3 bucket | |
| # For security purpose, secrets are configured in project repo setting. | |
| - name: Deploy to S3 | |
| uses: jakejarvis/s3-sync-action@v0.5.1 | |
| with: | |
| # --acl public read => makes files publicly readable | |
| # --delete => permanently deletes files in S3 bucket that are not present in latest build | |
| args: --acl public-read --delete | |
| env: | |
| AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET_NAME }} # S3 bucket name | |
| # note: use IAM role with limited role for below access-key-id and secret-access-key | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} # Access Key ID | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # Access Secret Key | |
| AWS_REGION: 'ap-southeast-1' | |
| SOURCE_DIR: 'dist/noah-frontend' # build folder | |
| # Invalidate CF Cache | |
| - name: Create CloudFront Cache Invalidation | |
| uses: chetan/invalidate-cloudfront-action@v2 | |
| env: | |
| DISTRIBUTION: ${{ secrets.AWS_CF_DISTRIBUTION_ID }} | |
| PATHS: '/*' | |
| AWS_REGION: 'ap-southeast-1' | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |