New auth #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, test, and deploy to Prod | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - infra | |
| jobs: | |
| run: | |
| runs-on: ubuntu-latest | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-python@v2 | |
| with: | |
| python-version: '3.8' | |
| - name: Setup Node | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: '14.3' | |
| - name: Install dependencies | |
| working-directory: ./web | |
| run: npm i | |
| - name: Test Frontend | |
| working-directory: ./web | |
| run: npx tsc && npm run test | |
| - name: Build | |
| working-directory: ./web | |
| run: npm run build-prod | |
| - name: Deploy Frontend | |
| uses: reggionick/s3-deploy@v3 | |
| with: | |
| folder: ./web/build | |
| bucket: ${{ secrets.PROD_S3_BUCKET }} | |
| bucket-region: ap-southeast-2 | |
| dist-id: ${{ secrets.PROD_CF_DISTRIBUTION_ID }} | |
| invalidation: /* | |
| - name: Test Backend | |
| run: pip install -r requirements.txt && python -m unittest | |
| working-directory: ./app | |
| - name: Build and Deploy Backend | |
| working-directory: ./app | |
| run: | | |
| # Bundle all files | |
| zip -r ./deployment.zip . | |
| # Push to S3 | |
| aws s3 cp deployment.zip s3://${{ secrets.PROD_S3_CODE_BUCKET }}/deployment.zip | |
| # Get version form bucket | |
| NEW_VERSION=$( \ | |
| aws s3api list-object-versions \ | |
| --bucket ${{ secrets.PROD_S3_CODE_BUCKET }} \ | |
| --prefix deployment.zip \ | |
| --query 'Versions[?IsLatest].[VersionId]' \ | |
| --output text) | |
| # Update CF with new version | |
| aws cloudformation update-stack \ | |
| --stack-name ${{ secrets.PROD_API_CF_NAME }} \ | |
| --use-previous-template \ | |
| --capabilities CAPABILITY_IAM \ | |
| --region ap-southeast-2 \ | |
| --parameters \ | |
| ParameterKey=s3CodeVersion,ParameterValue=$NEW_VERSION \ | |
| ParameterKey=hostedZoneId,UsePreviousValue=true \ | |
| ParameterKey=lambdaBucket,UsePreviousValue=true \ | |
| ParameterKey=apiDomain,UsePreviousValue=true \ | |
| ParameterKey=environment,UsePreviousValue=true \ | |
| ParameterKey=signingSecretString,UsePreviousValue=true | |
| # Wait for update | |
| aws cloudformation wait stack-update-complete --stack-name ${{ secrets.PROD_API_CF_NAME }} | |
| env: | |
| AWS_DEFAULT_REGION: ap-southeast-2 |