Fix/emit nist goes (#176) #86
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Nist | |
on: | |
workflow_dispatch: | |
push: | |
branches: [ main, production ] | |
paths: | |
- nist-interface/** | |
jobs: | |
define-environment: | |
name: Set environment | |
runs-on: ubuntu-latest | |
outputs: | |
env_name: ${{ steps.define_environment.outputs.env_name }} | |
steps: | |
- name: Set the environment based on the branch | |
id: define_environment | |
run: | | |
if [ "${{ github.ref }}" = "refs/heads/main" ]; then | |
echo "env_name=staging" >> $GITHUB_OUTPUT | |
elif [ "${{ github.ref }}" = "refs/heads/production" ]; then | |
echo "env_name=production" >> $GITHUB_OUTPUT | |
fi | |
- name: Print the environment | |
run: echo "The environment is ${{ steps.define_environment.outputs.env_name }}" | |
build: | |
runs-on: ubuntu-latest | |
needs: define-environment | |
environment: ${{ needs.define-environment.outputs.env_name }} | |
steps: | |
- name: Checkout 🛎️ | |
uses: actions/checkout@v4 | |
with: | |
sparse-checkout: 'nist-interface/' | |
sparse-checkout-cone-mode: true | |
- name: Read Node.js version from .nvmrc | |
id: nvm | |
run: echo "::set-output name=NODE_VERSION::$(cat nist-interface/.nvmrc)" | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ steps.nvm.outputs.NODE_VERSION }} | |
- name: Install Yarn | |
run: npm install -g yarn | |
- name: Validate required variables and secrets | |
run: | | |
missing_vars=() | |
# Check for required variables | |
[ -z "${{ secrets.REACT_APP_MAPBOX_ACCESS_TOKEN }}" ] && missing_vars+=("secrets.REACT_APP_MAPBOX_ACCESS_TOKEN") | |
[ -z "${{ secrets.REACT_APP_MAPBOX_STYLE_URL }}" ] && missing_vars+=("secrets.REACT_APP_MAPBOX_STYLE_URL") | |
[ -z "${{ vars.REACT_APP_BASE_PATH_NIST }}" ] && missing_vars+=("vars.REACT_APP_BASE_PATH_NIST") | |
[ -z "${{ secrets.DEPLOYMENT_ROLE_ARN }}" ] && missing_vars+=("secrets.DEPLOYMENT_ROLE_ARN") | |
[ -z "${{ secrets.CF_DISTRIBUTION_ID }}" ] && missing_vars+=("secrets.CF_DISTRIBUTION_ID") | |
# If any variables are missing, print them and exit with an error | |
if [ ${#missing_vars[@]} -ne 0 ]; then | |
echo "Error: The following required variables are missing:" | |
printf '%s\n' "${missing_vars[@]}" | |
exit 1 | |
fi | |
shell: bash | |
- name: Building 🔧 | |
working-directory: ./nist-interface | |
env: | |
PUBLIC_URL: ${{ vars.REACT_APP_BASE_PATH_NIST }} | |
REACT_APP_MAPBOX_TOKEN: ${{ secrets.REACT_APP_MAPBOX_ACCESS_TOKEN }} | |
REACT_APP_MAPBOX_STYLE_URL: ${{ secrets.REACT_APP_MAPBOX_STYLE_URL }} | |
REACT_APP_FEATURES_API_URL: ${{ vars.FEATURES_API_URL }} | |
run: | | |
yarn | |
yarn build | |
- name: Upload build folder | |
uses: actions/upload-artifact@v4 | |
with: | |
name: build_folder | |
path: ./nist-interface/build | |
deploy: | |
name: Deploy to ${{ needs.define-environment.outputs.env_name }} 🚀 | |
needs: | |
- build | |
- define-environment | |
environment: ${{ needs.define-environment.outputs.env_name }} | |
permissions: | |
id-token: write | |
contents: read | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout 🛎️ | |
uses: actions/checkout@v4 | |
- name: Download build folder | |
uses: actions/download-artifact@v4 | |
with: | |
name: build_folder | |
path: ./nist-interface/build | |
- name: ConfigureAWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.DEPLOYMENT_ROLE_ARN }} | |
role-session-name: ${{ github.repository_owner}} | |
aws-region: us-west-2 | |
- name: Upload to S3 | |
run: | | |
export BASE_PATH=${{ vars.REACT_APP_BASE_PATH_NIST }} | |
echo "BASE_PATH=${BASE_PATH}" >> $GITHUB_ENV | |
aws s3 sync "./nist-interface/build" s3://ghgc-custom-interfaces-production${BASE_PATH}/ --cache-control max-age=30,must-revalidate,s-maxage=604800 --delete | |
env: | |
BASE_PATH: ${{ vars.REACT_APP_BASE_PATH_NIST }} | |
- name: Request Invalidation to AWS Cloudfront | |
uses: oneyedev/aws-cloudfront-invalidation@v1 | |
with: | |
distribution-id: ${{ secrets.CF_DISTRIBUTION_ID }} | |
paths: | | |
/ghgcenter/custom-interfaces/* |