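# Deploys the build produced by the "Continuous Integration" workflow:
# staging bucket first, then the production CloudFront distribution and bucket.
#
# Review notes:
# - Every `uses:` below references a tag. Tags are mutable; pinning each action
#   to a full commit SHA (tag kept in a trailing comment) protects the
#   OIDC-credentialed jobs from a retargeted tag.
# - Every job requests an OIDC token (`id-token: write`). The IAM role's trust
#   policy should condition on the token's `sub` claim so that only this
#   repository's `staging` / `production` environments can assume the role.
# - Configuration values are passed to shell steps through `env:` and quoted,
#   instead of being expanded by `${{ }}` into the script text.
name: Continuous Deployment

on:
  workflow_run:
    workflows: ["Continuous Integration"]
    types:
      - completed
    # NOTE(review): there is no `branches:` filter, so a CI run on any branch
    # triggers a deployment. TODO: restrict to the release branch.

jobs:
  staging-deployment:
    name: staging-deployment
    # `completed` also fires for failed and cancelled CI runs, and workflow_run
    # fires for CI runs that originate from forks. Deploy only a successful run
    # whose head commit lives in this repository. Jobs that `needs:` this one
    # are skipped when it is skipped.
    if: >-
      github.event.workflow_run.conclusion == 'success' &&
      github.event.workflow_run.head_repository.full_name == github.repository
    runs-on: ubuntu-latest
    environment: staging
    permissions:
      id-token: write  # OIDC token for configure-aws-credentials
      actions: read  # lets GITHUB_TOKEN read the artifact of the CI run
    steps:
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v5.1.0
        with:
          aws-region: ${{ vars.AWS_REGION }}
          role-to-assume: ${{ vars.AWS_ROLE_TO_ASSUME }}
      # The artifact is named after the commit SHA and fetched from the CI run
      # that triggered this workflow.
      - uses: actions/download-artifact@v5
        with:
          name: ${{ github.event.workflow_run.head_sha }}
          path: ./dist
          github-token: ${{ secrets.GITHUB_TOKEN }}
          run-id: ${{ github.event.workflow_run.id }}
      - name: Deploy to S3
        env:
          S3_BUCKET_NAME: ${{ vars.S3_BUCKET_NAME }}
        # `--delete` removes bucket objects that are absent from ./dist.
        run: |
          aws s3 sync ./dist "s3://${S3_BUCKET_NAME}" --delete
      - name: Invalidate CloudFront Cache
        env:
          DISTRIBUTION_ID: ${{ vars.AWS_CLOUDFRONT_DISTRIBUTION_ID }}
        run: |
          aws cloudfront create-invalidation --distribution-id "${DISTRIBUTION_ID}" --paths "/*"

  point-production-to-staging:
    name: point-production-to-staging
    needs: [staging-deployment]
    runs-on: ubuntu-latest
    environment: production
    permissions:
      id-token: write
    steps:
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v5.1.0
        with:
          aws-region: ${{ vars.AWS_REGION }}
          role-to-assume: ${{ vars.AWS_ROLE_TO_ASSUME }}
      - name: Shift Production to Staging Bucket
        env:
          DISTRIBUTION_ID: ${{ vars.AWS_PROD_CLOUDFRONT_DISTRIBUTION_ID }}
          # NOTE(review): AWS_STAGING_BUCKET is used as an origin id here while
          # the last job reads AWS_STAGING_BUCKET_NAME; confirm both variables
          # exist and that this value matches an origin of the distribution.
          TARGET_ORIGIN_ID: ${{ vars.AWS_STAGING_BUCKET }}
        run: |
          aws cloudfront get-distribution-config --id "${DISTRIBUTION_ID}" > dist.json
          # --arg passes the origin id as data, not as part of the jq program.
          jq --arg origin "${TARGET_ORIGIN_ID}" \
            '.DistributionConfig.DefaultCacheBehavior.TargetOriginId = $origin' \
            dist.json > new-dist.json
          # --if-match sends the ETag that was read together with the config.
          aws cloudfront update-distribution \
            --id "${DISTRIBUTION_ID}" \
            --distribution-config "$(jq '.DistributionConfig' new-dist.json)" \
            --if-match "$(jq -r '.ETag' new-dist.json)"
      - name: Invalidate CloudFront Cache
        env:
          DISTRIBUTION_ID: ${{ vars.AWS_PROD_CLOUDFRONT_DISTRIBUTION_ID }}
        run: |
          aws cloudfront create-invalidation --distribution-id "${DISTRIBUTION_ID}" --paths "/*"

  # NOTE(review): this job has no `if:` and therefore runs after every
  # successful point-production-to-staging, not only when a rollback is wanted.
  fast-rollback:
    name: fast-rollback
    needs: [point-production-to-staging]
    runs-on: ubuntu-latest
    environment: production
    permissions:
      id-token: write
    steps:
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v5.1.0
        with:
          aws-region: ${{ vars.AWS_REGION }}
          role-to-assume: ${{ vars.AWS_ROLE_TO_ASSUME }}
      - name: Shift Staging back to Production Bucket
        env:
          DISTRIBUTION_ID: ${{ vars.AWS_PROD_CLOUDFRONT_DISTRIBUTION_ID }}
          TARGET_ORIGIN_ID: ${{ vars.AWS_PROD_BUCKET }}
        run: |
          aws cloudfront get-distribution-config --id "${DISTRIBUTION_ID}" > dist.json
          jq --arg origin "${TARGET_ORIGIN_ID}" \
            '.DistributionConfig.DefaultCacheBehavior.TargetOriginId = $origin' \
            dist.json > new-dist.json
          aws cloudfront update-distribution \
            --id "${DISTRIBUTION_ID}" \
            --distribution-config "$(jq '.DistributionConfig' new-dist.json)" \
            --if-match "$(jq -r '.ETag' new-dist.json)"
      - name: Invalidate CloudFront Cache
        env:
          DISTRIBUTION_ID: ${{ vars.AWS_PROD_CLOUDFRONT_DISTRIBUTION_ID }}
        run: |
          aws cloudfront create-invalidation --distribution-id "${DISTRIBUTION_ID}" --paths "/*"

  production-deployment:
    name: production-deployment
    needs: [fast-rollback, point-production-to-staging]
    runs-on: ubuntu-latest
    environment: production
    permissions:
      id-token: write
    steps:
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v5.1.0
        with:
          aws-region: ${{ vars.AWS_REGION }}
          role-to-assume: ${{ vars.AWS_ROLE_TO_ASSUME }}
      - name: Deploy to Production S3
        env:
          # NOTE(review): staging-deployment writes to S3_BUCKET_NAME; confirm
          # AWS_STAGING_BUCKET_NAME refers to the same bucket.
          STAGING_BUCKET_NAME: ${{ vars.AWS_STAGING_BUCKET_NAME }}
          PROD_BUCKET_NAME: ${{ vars.AWS_PROD_BUCKET_NAME }}
        # Bucket-to-bucket copy; `--delete` removes production objects that are
        # absent from the staging bucket.
        run: |
          aws s3 sync "s3://${STAGING_BUCKET_NAME}" "s3://${PROD_BUCKET_NAME}" --delete
      - name: Invalidate CloudFront Cache
        env:
          DISTRIBUTION_ID: ${{ vars.AWS_PROD_CLOUDFRONT_DISTRIBUTION_ID }}
        run: |
          aws cloudfront create-invalidation --distribution-id "${DISTRIBUTION_ID}" --paths "/*"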