Skip to content

Fix/emit nist goes (#176) #86

Fix/emit nist goes (#176)

Fix/emit nist goes (#176) #86

Workflow file for this run

name: Deploy Nist
on:
workflow_dispatch:
push:
branches: [ main, production ]
paths:
- nist-interface/**
jobs:
define-environment:
name: Set environment
runs-on: ubuntu-latest
outputs:
env_name: ${{ steps.define_environment.outputs.env_name }}
steps:
- name: Set the environment based on the branch
id: define_environment
run: |
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
echo "env_name=staging" >> $GITHUB_OUTPUT
elif [ "${{ github.ref }}" = "refs/heads/production" ]; then
echo "env_name=production" >> $GITHUB_OUTPUT
fi
- name: Print the environment
run: echo "The environment is ${{ steps.define_environment.outputs.env_name }}"
build:
runs-on: ubuntu-latest
needs: define-environment
environment: ${{ needs.define-environment.outputs.env_name }}
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
with:
sparse-checkout: 'nist-interface/'
sparse-checkout-cone-mode: true
- name: Read Node.js version from .nvmrc
id: nvm
run: echo "::set-output name=NODE_VERSION::$(cat nist-interface/.nvmrc)"
- uses: actions/setup-node@v3
with:
node-version: ${{ steps.nvm.outputs.NODE_VERSION }}
- name: Install Yarn
run: npm install -g yarn
- name: Validate required variables and secrets
run: |
missing_vars=()
# Check for required variables
[ -z "${{ secrets.REACT_APP_MAPBOX_ACCESS_TOKEN }}" ] && missing_vars+=("secrets.REACT_APP_MAPBOX_ACCESS_TOKEN")
[ -z "${{ secrets.REACT_APP_MAPBOX_STYLE_URL }}" ] && missing_vars+=("secrets.REACT_APP_MAPBOX_STYLE_URL")
[ -z "${{ vars.REACT_APP_BASE_PATH_NIST }}" ] && missing_vars+=("vars.REACT_APP_BASE_PATH_NIST")
[ -z "${{ secrets.DEPLOYMENT_ROLE_ARN }}" ] && missing_vars+=("secrets.DEPLOYMENT_ROLE_ARN")
[ -z "${{ secrets.CF_DISTRIBUTION_ID }}" ] && missing_vars+=("secrets.CF_DISTRIBUTION_ID")
# If any variables are missing, print them and exit with an error
if [ ${#missing_vars[@]} -ne 0 ]; then
echo "Error: The following required variables are missing:"
printf '%s\n' "${missing_vars[@]}"
exit 1
fi
shell: bash
- name: Building 🔧
working-directory: ./nist-interface
env:
PUBLIC_URL: ${{ vars.REACT_APP_BASE_PATH_NIST }}
REACT_APP_MAPBOX_TOKEN: ${{ secrets.REACT_APP_MAPBOX_ACCESS_TOKEN }}
REACT_APP_MAPBOX_STYLE_URL: ${{ secrets.REACT_APP_MAPBOX_STYLE_URL }}
REACT_APP_FEATURES_API_URL: ${{ vars.FEATURES_API_URL }}
run: |
yarn
yarn build
- name: Upload build folder
uses: actions/upload-artifact@v4
with:
name: build_folder
path: ./nist-interface/build
deploy:
name: Deploy to ${{ needs.define-environment.outputs.env_name }} 🚀
needs:
- build
- define-environment
environment: ${{ needs.define-environment.outputs.env_name }}
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Download build folder
uses: actions/download-artifact@v4
with:
name: build_folder
path: ./nist-interface/build
- name: ConfigureAWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.DEPLOYMENT_ROLE_ARN }}
role-session-name: ${{ github.repository_owner}}
aws-region: us-west-2
- name: Upload to S3
run: |
export BASE_PATH=${{ vars.REACT_APP_BASE_PATH_NIST }}
echo "BASE_PATH=${BASE_PATH}" >> $GITHUB_ENV
aws s3 sync "./nist-interface/build" s3://ghgc-custom-interfaces-production${BASE_PATH}/ --cache-control max-age=30,must-revalidate,s-maxage=604800 --delete
env:
BASE_PATH: ${{ vars.REACT_APP_BASE_PATH_NIST }}
- name: Request Invalidation to AWS Cloudfront
uses: oneyedev/aws-cloudfront-invalidation@v1
with:
distribution-id: ${{ secrets.CF_DISTRIBUTION_ID }}
paths: |
/ghgcenter/custom-interfaces/*