Merge pull request #36 from PythonMexico/staging

Staging

Author: alephramos

.commitlintrc.json

@@ -0,0 +1,3 @@
+{
+  "extends": ["@commitlint/config-conventional"]
+}

.github/workflows/build.yml

@@ -55,11 +55,10 @@ jobs:
           echo "✅ All links working!"
           pkill -f "mkdocs serve" || true
 
-      # Solo para main: guardar el sitio construido
+      # Upload build artifact for validation/review
       - name: Upload build artifact
-        if: github.ref == 'refs/heads/main'
         uses: actions/upload-artifact@v4
         with:
           name: site
           path: site/
-          retention-days: 1
+          retention-days: 3

.github/workflows/ci-cd.yml

@@ -0,0 +1,98 @@
+name: Deploy to AWS S3 + CloudFront
+
+on:
+  push:
+    branches: [ main ]
+
+permissions:
+  contents: read
+  id-token: write # Required for AWS OIDC authentication
+
+
+jobs:
+  commit_lint:
+    name: Validate Commit Messages
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 
+
+      - name: Validate PR Title
+        uses: wagoid/commitlint-github-action@v5 
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          configFile: .commitlintrc.json
+
+  build-and-deploy:
+    needs: commit_lint
+    name: Build and Deploy to AWS
+    runs-on: ubuntu-latest
+    environment:
+      name: aws-prod
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+          cache: 'pip'
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+
+      - name: Build MkDocs site
+        run: mkdocs build --strict --use-directory-urls
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Sync to S3
+        run: |
+          aws s3 sync site/ s3://${{ secrets.AWS_S3_BUCKET }}/ \
+            --delete \
+            --cache-control "public, max-age=3600" \
+            --exclude "*.html" \
+            --exclude "sitemap.xml"
+
+          # Upload HTML files with shorter cache
+          aws s3 sync site/ s3://${{ secrets.AWS_S3_BUCKET }}/ \
+            --cache-control "public, max-age=600, must-revalidate" \
+            --content-type "text/html; charset=utf-8" \
+            --exclude "*" \
+            --include "*.html"
+
+          # Upload sitemap with no cache
+          aws s3 sync site/ s3://${{ secrets.AWS_S3_BUCKET }}/ \
+            --cache-control "public, max-age=0, must-revalidate" \
+            --exclude "*" \
+            --include "sitemap.xml"
+      
+  cleanup-staging:
+    name: Stop Staging Site
+    needs: build-and-deploy
+    runs-on: ubuntu-latest
+    environment:
+          name: aws-stag
+    steps:
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Stop Staging Site
+        run: |
+          aws s3 rm s3://${{ secrets.AWS_S3_BUCKET }}/staging/ --recursive

.github/workflows/deploy-aws.yml

@@ -0,0 +1,91 @@
+name: Deploy to Staging (AWS S3 + CloudFront)
+
+on:
+  push:
+    branches: [ staging ]
+
+permissions:
+  contents: read
+  id-token: write # Required for AWS OIDC authentication
+
+
+jobs:
+
+  commit_lint:
+    name: Validate Commit Messages
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 
+
+      - name: Validate PR Title
+        uses: wagoid/commitlint-github-action@v5 
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          configFile: .commitlintrc.json
+  build-and-deploy-staging:
+    name: Build and Deploy to Staging
+    needs: commit_lint
+    runs-on: ubuntu-latest
+    environment:
+      name: aws-stag
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+          cache: 'pip'
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+
+      - name: Build MkDocs site
+        run: mkdocs build --strict --use-directory-urls
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Add staging banner to site
+        run: |
+          # Add a staging environment banner to all HTML files
+          find site -name "*.html" -type f -exec sed -i.bak '/<body/a \
+          <div style="background:#ff9800;color:#000;text-align:center;padding:10px;font-weight:bold;">\
+          🚧 STAGING ENVIRONMENT - NOT FOR PRODUCTION USE 🚧\
+          </div>' {} \;
+          # Clean up backup files
+          find site -name "*.bak" -type f -delete
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Sync to S3 (Staging)
+        run: |
+          aws s3 sync site/ s3://${{ secrets.AWS_S3_BUCKET }}/ \
+            --delete \
+            --cache-control "public, max-age=300" \
+            --exclude "*.html" \
+            --exclude "sitemap.xml"
+
+          # Upload HTML files with shorter cache for staging
+          aws s3 sync site/ s3://${{ secrets.AWS_S3_BUCKET }}/ \
+            --cache-control "public, max-age=60, must-revalidate" \
+            --content-type "text/html; charset=utf-8" \
+            --exclude "*" \
+            --include "*.html"
+
+          # Upload sitemap with no cache
+          aws s3 sync site/ s3://${{ secrets.AWS_S3_BUCKET }}/ \
+            --cache-control "public, max-age=0, must-revalidate" \
+            --exclude "*" \
+            --include "sitemap.xml"

.github/workflows/deploy-staging.yml

@@ -271,3 +271,6 @@ Thumbs.db
 # Temporary files
 *.tmp
 *.temp
+
+# Generated files
+broken_links.json