Skip to content

Manual Deployment to Production #20

Manual Deployment to Production

Manual Deployment to Production #20

Workflow file for this run

name: Manual Deployment to Production
on:
workflow_dispatch:
inputs:
tag:
description: Tagged version to deploy
required: true
type: string
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
deploy:
name: Deployment
runs-on: ubuntu-latest
steps:
- name: Remove broken apt repos [Ubuntu]
if: ${{ matrix.os }} == 'ubuntu-latest'
run: |
for apt_file in `grep -lr microsoft /etc/apt/sources.list.d/`; do sudo rm $apt_file; done
# Ref: https://github.com/actions/checkout/issues/1471#issuecomment-1771231294
- uses: actions/checkout@v4
- name: Tag checkout
run: |
git fetch --prune --unshallow --tags
git checkout ${{ github.event.inputs.tag }}
- uses: actions/cache@v2
with:
path: '**/node_modules'
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
- name: Setup Node.js
uses: actions/setup-node@v2
- name: Install
run: |
rm -rf .cache
rm -rf build
yarn config set cache-folder .yarn
yarn install
pip install awscli --upgrade --user
- name: Build App for release
env:
ALGOLIA_ID: ${{ secrets.ALGOLIA_ID }}
ALGOLIA_INDEX: ${{ secrets.ALGOLIA_INDEX }}
ALGOLIA_KEY: ${{ secrets.ALGOLIA_KEY }}
GOOGLE_ANALYTICS_ID: ${{ secrets.PROD_GOOGLE_ANALYTICS_ID }}
run: yarn build
- name: Configure AWS Production credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.PROD_AWS_DEFAULT_REGION }}
# Script to deploy to release environment
- name: 'Deploy to S3: Release'
run: |
aws s3 sync build/ s3://${{ secrets.RELEASE_BUCKET_NAME }} --delete --exclude "*.html" --exclude "sitemap.xml" --cache-control max-age=86400,public
aws s3 sync build/ s3://${{ secrets.RELEASE_BUCKET_NAME }} --delete --exclude "*" --include "*.html" --cache-control max-age=0,no-cache,no-store,must-revalidate --content-type text/html
aws s3 sync build/ s3://${{ secrets.RELEASE_BUCKET_NAME }} --delete --exclude "*" --include "sitemap.xml" --cache-control max-age=0,no-cache,no-store,must-revalidate --content-type text/xml
- name: 'Cloudfront: cache invalidation'
run: |
aws cloudfront create-invalidation --distribution-id ${{ secrets.PROD_AWS_CLOUDFRONT_ID }} --paths "/*"
notify:
uses: ./.github/workflows/slack_release_notification.yml
if: ${{ always() }}
needs: [ deploy ]
secrets:
RELEASES_SLACK_WEBHOOK_URL: ${{ secrets.RELEASES_SLACK_WEBHOOK_URL }}
with:
environment: Production
service: GC Documentation
success: ${{ contains(join(needs.*.result, ','), 'success') }}
message: "deploy service `GC Documentation` version `${{ inputs.tag }}`. Triggered by `${{ github.actor }}`."