123 lines (106 loc) · 4.19 KB
/
dev-stage-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: deploy to environment
on:
push:
branches: [main]
tags: ['*']
workflow_dispatch:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_REGION: us-east-1
ACCOUNT_ID: 721520867440
STACK_NAME: FinalStack
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
concurrency:
group: ${{ github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
build-deploy-test:
runs-on: ubuntu-latest
# this is required for authenticating to AWS via the OIDC Provider we set up
permissions:
id-token: write
contents: write
pull-requests: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Install infrastructure
uses: cypress-io/github-action@v6
with:
runTests: false
working-directory: infrastructure
- name: Install web
uses: cypress-io/github-action@v6
with:
runTests: false
working-directory: web
- name: Dynamically Set environment variables (dev, stage, prod)
run: |
if [ "${{ github.event_name }}" == "push" ] && [ ! -z "${{ github.event.ref }}" ]; then
if [ "${{ github.event.ref }}" == "refs/heads/main" ]; then
echo "NODE_ENV=dev" >> $GITHUB_ENV
echo "DOTENV_CONFIG_PATH=./.env.dev" >> $GITHUB_ENV
elif [ "${{ startsWith(github.event.ref, 'refs/tags/') }}" == "true" ]; then
echo "NODE_ENV=stage" >> $GITHUB_ENV
echo "DOTENV_CONFIG_PATH=./.env.stage" >> $GITHUB_ENV
elif [ "${{ startsWith(github.event.ref, 'refs/tags/prod-') }}" == "true" ]; then
echo "NODE_ENV=prod" >> $GITHUB_ENV
echo "DOTENV_CONFIG_PATH=./.env.prod" >> $GITHUB_ENV
fi
fi
- name: Build infrastructure and web for ${{ env.NODE_ENV }}
run: |
cd infrastructure
yarn build:${{ env.NODE_ENV }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-region: ${{ env.AWS_REGION }}
role-to-assume:
arn:aws:iam::${{ env.ACCOUNT_ID }}:role/GitHubActionsRole
role-session-name: GithubActionsSession
- name: cdk synth
run: |
cd infrastructure && CDK_DEFAULT_ACCOUNT=${{ env.ACCOUNT_ID }} CDK_DEFAULT_REGION=${{ env.AWS_REGION }} NODE_ENV=${{ env.NODE_ENV }} DOTENV_CONFIG_PATH=${{ env.DOTENV_CONFIG_PATH }} npx cdk synth
- name: deploy to ${{ env.NODE_ENV }}
# configuring creds is not needed after using an IAM role provided through an OIDC Provider
run: |
cd infrastructure && NODE_ENV=${{ env.NODE_ENV }} DOTENV_CONFIG_PATH=${{ env.DOTENV_CONFIG_PATH }} npx cdk deploy --require-approval never
- name: Export environment variables
run: |
cd infrastructure
yarn export:env
echo "FrontendUrl=$(cat ./.env | grep FrontendUrl | cut -d '=' -f 2)" >> $GITHUB_ENV
- name: Cypress e2e tests for backend api 🧪
uses: cypress-io/github-action@v6
with:
browser: chrome
install: false
record: true
group: backend-e2e-tests
tag: dev-backend
working-directory: infrastructure
env:
CYPRESS_RECORD_KEY: ${{ secrets.API_CYPRESS_RECORD_KEY }}
# in case you cannot export env vars, use this
- name: Get website URL
run: |
UI_BASE_URL="http://web-bucket-akemxdjqkl666-${{ env.NODE_ENV }}.s3-website-us-east-1.amazonaws.com/"
echo "UI_BASE_URL=$UI_BASE_URL" >> $GITHUB_ENV
echo "base url is $UI_BASE_URL"
- name: Front end e2e 🧪 ${{ env.FrontendUrl }} / ${{ env.UI_BASE_URL }}
uses: cypress-io/github-action@v6
with:
browser: chrome
install: false
config: baseUrl=${{ env.FrontendUrl }}
record: true
group: front-end-e2e-tests
tag: dev-front-end
working-directory: web
env:
CYPRESS_RECORD_KEY: ${{ secrets.UI_CYPRESS_RECORD_KEY }}