Skip to content

Deploy

Deploy #576

Workflow file for this run

name: Deploy
on:
release:
types: [published]
workflow_dispatch:
permissions:
id-token: write
contents: write
issues: write
jobs:
main:
runs-on: ubuntu-latest
environment: production
env:
BASE_URL: /map/
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: "22.x"
cache: "npm"
- name: Install dependencies
run: npm ci --no-audit
- name: Set version
run:
echo "VERSION=`git describe --tags HEAD | tr -d '\n'`" >> $GITHUB_ENV
- name: Build
env:
VERSION: ${{ env.VERSION }}
REGISTRY_ENDPOINT: ${{ vars.REGISTRY_ENDPOINT }}
DOMAIN_NAME: ${{ vars.DOMAIN_NAME }}
SENTRY_DSN: ${{ vars.SENTRY_DSN }}
run: |
npm run build
mkdir ./dist/.well-known
echo ${{ env.VERSION }} > ./dist/.well-known/release
cp assets/* dist/assets
- name: Cache AWS CLI (Linux)
id: cache-aws-cli
uses: actions/cache@v4
with:
path: aws/
key: cache-aws-cli
- name: Install AWS
if: steps.cache-aws-cli.outputs.cache-hit != 'true'
run: |
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip -q awscliv2.zip
sudo ./aws/install --update
- name: configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE }}
role-session-name: gh-actions-publish
aws-region: ${{ vars.AWS_REGION }}
- name: Get bucket name
run: |
BUCKET_NAME=`aws cloudformation describe-stacks --stack-name ${{ vars.STACK_NAME }} | jq -r '.Stacks[0].Outputs[] | select(.OutputKey == "bucketName") | .OutputValue'`
echo "BUCKET_NAME=${BUCKET_NAME}" >> $GITHUB_ENV
echo "S3_LOCATION=${BUCKET_NAME}${{ env.BASE_URL }}" >> $GITHUB_ENV
- name: Delete old files
run: |
aws s3 rm s3://${{ env.S3_LOCATION }} --recursive
- name: Upload build
run: |
aws s3 sync dist s3://${{ env.S3_LOCATION }}
- name: Set cache metadata
run: |
# All files to 1 year
aws s3 cp s3://${{ env.S3_LOCATION }} s3://${{ env.S3_LOCATION }} --recursive --cache-control max-age=30758400,public
# HTML files and .well-known/ to 10 minutes
aws s3 cp s3://${{ env.S3_LOCATION }} s3://${{ env.S3_LOCATION }} --exclude "*" --include "*.html" --include ".well-known/*" --recursive --cache-control max-age=600,public --content-type "text/html; charset=UTF-8"
# Trigger CloudFront cache invalidation for fixed resources
# (all other files have unique names)
- name: Invalidate CloudFront cache
env:
STACK_NAME: ${{ vars.STACK_NAME }}
run: npx tsx .github/workflows/invalidate-cloudfront.ts