From a34ae555fc9d455285b5c8c746dfd8478d242779 Mon Sep 17 00:00:00 2001 From: Mayo Jordanov Date: Wed, 2 Oct 2024 17:39:10 -0700 Subject: [PATCH] Rewrite build process - Flatten out build steps - Add cache purging --- .github/workflows/build.yml | 62 ++++++++++++++++++++++++++++++++---- .github/workflows/deploy.yml | 57 --------------------------------- 2 files changed, 56 insertions(+), 63 deletions(-) delete mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 374adcc..b72e59d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -32,10 +32,60 @@ jobs: name: website-${{ github.ref_name }} path: public/ - call-deploy-workflow: - uses: ./.github/workflows/deploy.yml + deploy: + runs-on: ubuntu-latest needs: build - with: - artifact-name: website-${{ github.ref_name }} - secrets: - AWS_IAM_ROLE_GITHUB: ${{ secrets.AWS_IAM_ROLE_GITHUB }} + environment: ${{ github.ref_name }} + permissions: + id-token: write + steps: + - name: Download website artifact + uses: actions/download-artifact@v4 + with: + name: website-${{ github.ref_name }} + path: public + + - name: Download tools + run: curl -LO https://github.com/mayo/oyam.ca-tools/releases/download/v0.0.1/sync_s3-x86_64-linux.zip + + - name: Extract tools + run: unzip sync_s3-x86_64-linux.zip + + - name: Setup Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.AWS_IAM_ROLE_GITHUB }} + role-session-name: GitHub-Action-Role + aws-region: ${{ vars.AWS_REGION }} + + - name: Upload website to S3 + #run: aws s3 sync --acl public-read --delete public/ s3://${{ env.S3_BUCKET }}/ + run: ./sync_s3 --bucket ${{ vars.S3_BUCKET }} -v -a public-read -d public/ | tee upload.log + + - name: Save sync artifact + uses: actions/upload-artifact@v4 + with: + name: sync-${{ github.ref_name }} + path: upload.log + + purge-cache: + runs-on: ubuntu-latest + needs: deploy + environment: ${{ github.ref_name }} + steps: + - name: Download sync artifact + uses: actions/download-artifact@v4 + with: + name: sync-${{ github.ref_name }} + + - name: Download tools + run: curl -LO https://github.com/mayo/oyam.ca-tools/releases/download/v0.0.1/cf_cache-x86_64-linux.zip + + - name: Extract tools + run: unzip cf_cache-x86_64-linux.zip + + - name: Purge cache + env: + CF_AUTH_TOKEN: ${{ secrets.CF_AUTH_TOKEN }} + CF_ZONE_ID: ${{ secrets.CF_ZONE_ID }} + run: cut -d ' ' -f 2 upload.log | sed -E "s%^%https://${{ vars.DOMAIN }}/%g" | ./cf_cache purge diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index cdf2b14..0000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Deploy site - -on: - workflow_call: - inputs: - artifact-name: - required: true - type: string - secrets: - AWS_IAM_ROLE_GITHUB: - required: true - -permissions: - id-token: write - -env: - AWS_REGION: us-east-1 - S3_BUCKET: oyam.ca - -concurrency: - group: site-deploy-${{ github.ref_name }} - cancel-in-progress: true - -jobs: - deploy: - runs-on: ubuntu-latest - steps: - - name: Download website artifact - uses: actions/download-artifact@v4 - with: - name: ${{ inputs.artifact-name }} - path: public - - - name: Download tools - run: curl -LO https://github.com/mayo/oyam.ca-tools/releases/download/v0.0.1/deploy_aws_s3-x86_64-linux.zip - - - name: Extract tools - run: unzip deploy_aws_s3-x86_64-linux.zip - - - name: Setup Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_IAM_ROLE_GITHUB }} - role-session-name: GitHub-Action-Role - aws-region: ${{ env.AWS_REGION }} - - - name: debug - run: ls -la - - name: Upload website to S3 - #run: aws s3 sync --acl public-read --delete public/ s3://${{ env.S3_BUCKET }}/ - run: ./sync_s3 --bucket ${{ env.S3_BUCKET }} public/ -v -a public-read -d - - # invalidate-cache: - # runs-on: ubuntu-latest - # steps: - # - name: Foo - # uses: foo