Merge pull request #88 from Team-Waggle/dev #27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: waggle deployment (PR to deploy) | |
| on: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| group: waggle-deploy-main | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ROLE_ARN: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_OIDC_ROLE_NAME }} | |
| S3_BUCKET: ${{ secrets.AWS_BUCKET_NAME }} | |
| CF_DISTRIBUTION_ID: ${{ secrets.AWS_DISTRIBUTION_ID }} | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build React App | |
| run: npm run build | |
| env: | |
| VITE_BASE_URL: ${{ secrets.VITE_BASE_URL }} | |
| - name: Configure AWS credentials via OIDC | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.AWS_ROLE_ARN }} | |
| role-session-name: github-actions-${{ github.run_id }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Deploy to S3 (sync & upload) | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| test -f dist/index.html | |
| [[ -n "${S3_BUCKET}" ]] | |
| [[ "${S3_BUCKET}" != s3://* ]] | |
| aws s3 sync "dist" "s3://${S3_BUCKET}" \ | |
| --delete \ | |
| --exclude "index.html" \ | |
| --cache-control "public, max-age=31536000, immutable" | |
| aws s3 cp "dist/index.html" "s3://${S3_BUCKET}/index.html" \ | |
| --cache-control "no-cache, no-store, must-revalidate" \ | |
| --content-type "text/html" | |
| - name: Invalidate CloudFront cache (index only) | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| [[ -n "${CF_DISTRIBUTION_ID}" ]] | |
| aws cloudfront create-invalidation \ | |
| --distribution-id "${CF_DISTRIBUTION_ID}" \ | |
| --paths "/index.html" |