Deploy Goes to PROD #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy GOES | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [ main, production, deploy-goes-to-prod ] | |
| paths: | |
| - goes-plume-viewer/** | |
| jobs: | |
| define-environment: | |
| name: Set environment | |
| runs-on: ubuntu-latest | |
| outputs: | |
| env_name: ${{ steps.define_environment.outputs.env_name }} | |
| steps: | |
| - name: Set the environment based on the branch | |
| id: define_environment | |
| run: | | |
| if [ "${{ github.ref }}" = "refs/heads/main" ]; then | |
| echo "env_name=staging" >> $GITHUB_OUTPUT | |
| elif [ "${{ github.ref }}" = "refs/heads/deploy-goes-to-prod" ]; then | |
| echo "env_name=production" >> $GITHUB_OUTPUT | |
| elif [ "${{ github.ref }}" = "refs/heads/production" ]; then | |
| echo "env_name=production" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Print the environment | |
| run: echo "The environment is ${{ steps.define_environment.outputs.env_name }}" | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: define-environment | |
| environment: ${{ needs.define-environment.outputs.env_name }} | |
| steps: | |
| - name: Checkout 🛎️ | |
| uses: actions/checkout@v4 | |
| with: | |
| sparse-checkout: 'goes-plume-viewer/' | |
| sparse-checkout-cone-mode: true | |
| - name: Read Node.js version from .nvmrc | |
| id: nvm | |
| run: echo "::set-output name=NODE_VERSION::$(cat goes-plume-viewer/.nvmrc)" | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ steps.nvm.outputs.NODE_VERSION }} | |
| - name: Install Yarn | |
| run: npm install -g yarn | |
| - name: Validate required variables and secrets | |
| run: | | |
| missing_vars=() | |
| # Check for required variables | |
| [ -z "${{ secrets.REACT_APP_MAPBOX_ACCESS_TOKEN }}" ] && missing_vars+=("secrets.REACT_APP_MAPBOX_ACCESS_TOKEN") | |
| [ -z "${{ secrets.REACT_APP_MAPBOX_STYLE_URL }}" ] && missing_vars+=("secrets.REACT_APP_MAPBOX_STYLE_URL") | |
| [ -z "${{ vars.REACT_APP_BASE_PATH_GOES }}" ] && missing_vars+=("vars.REACT_APP_BASE_PATH_GOES") | |
| [ -z "${{ secrets.DEPLOYMENT_ROLE_ARN }}" ] && missing_vars+=("secrets.DEPLOYMENT_ROLE_ARN") | |
| [ -z "${{ secrets.CF_DISTRIBUTION_ID }}" ] && missing_vars+=("secrets.CF_DISTRIBUTION_ID") | |
| # If any variables are missing, print them and exit with an error | |
| if [ ${#missing_vars[@]} -ne 0 ]; then | |
| echo "Error: The following required variables are missing:" | |
| printf '%s\n' "${missing_vars[@]}" | |
| exit 1 | |
| fi | |
| shell: bash | |
| - name: Building 🔧 | |
| working-directory: ./goes-plume-viewer | |
| run: | | |
| echo >> .env # add a new line to append the below variables | |
| echo REACT_APP_MAPBOX_TOKEN="${{ secrets.REACT_APP_MAPBOX_ACCESS_TOKEN }}" >> .env | |
| echo REACT_APP_MAPBOX_STYLE_URL="${{ secrets.REACT_APP_MAPBOX_STYLE_URL }}" >> .env | |
| echo REACT_APP_BASE_PATH="${{ vars.REACT_APP_BASE_PATH_GOES }}" >> .env | |
| yarn | |
| CI=false yarn build | |
| - name: Upload build folder | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build_folder | |
| path: ./goes-plume-viewer/build | |
| deploy-staging: | |
| needs: | |
| - build | |
| - define-environment | |
| if: github.ref == 'refs/heads/main' | |
| environment: ${{ needs.define-environment.outputs.env_name }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout 🛎️ | |
| uses: actions/checkout@v4 | |
| - name: Download build folder | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build_folder | |
| path: ./goes-plume-viewer/build | |
| - name: ConfigureAWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.DEPLOYMENT_ROLE_ARN }} | |
| role-session-name: ${{ github.repository_owner}} | |
| aws-region: us-west-2 | |
| - name: Upload to S3 | |
| run: | | |
| export BASE_PATH=${{ vars.REACT_APP_BASE_PATH_GOES }} | |
| echo "BASE_PATH=${BASE_PATH}" >> $GITHUB_ENV | |
| aws s3 sync "./goes-plume-viewer/build" s3://ghgc-custom-interfaces-staging${BASE_PATH}/ --cache-control max-age=30,must-revalidate,s-maxage=604800 --delete | |
| env: | |
| BASE_PATH: ${{ vars.REACT_APP_BASE_PATH_GOES }} | |
| - name: Request Invalidation to AWS Cloudfront | |
| uses: oneyedev/aws-cloudfront-invalidation@v1 | |
| with: | |
| distribution-id: ${{ secrets.CF_DISTRIBUTION_ID }} | |
| paths: | | |
| /ghgcenter/custom-interfaces/* | |
| deploy-production: | |
| needs: | |
| - build | |
| - define-environment | |
| if: github.ref == 'refs/heads/production' | |
| environment: ${{ needs.define-environment.outputs.env_name }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout 🛎️ | |
| uses: actions/checkout@v4 | |
| - name: Download build folder | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build_folder | |
| path: ./goes-plume-viewer/build | |
| - name: ConfigureAWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.DEPLOYMENT_ROLE_ARN }} | |
| role-session-name: ${{ github.repository_owner}} | |
| aws-region: us-west-2 | |
| - name: Upload to S3 | |
| run: | | |
| export BASE_PATH=${{ vars.REACT_APP_BASE_PATH_GOES }} | |
| echo "BASE_PATH=${BASE_PATH}" >> $GITHUB_ENV | |
| aws s3 sync "./goes-plume-viewer/build" s3://ghgc-custom-interfaces-production${BASE_PATH}/ --cache-control max-age=30,must-revalidate,s-maxage=604800 --delete | |
| env: | |
| BASE_PATH: ${{ vars.REACT_APP_BASE_PATH_GOES }} | |
| - name: Request Invalidation to AWS Cloudfront | |
| uses: oneyedev/aws-cloudfront-invalidation@v1 | |
| with: | |
| distribution-id: ${{ secrets.CF_DISTRIBUTION_ID }} | |
| paths: | | |
| /ghgcenter/custom-interfaces/* |