fix: adjust oidc url and capture build timestamp in page #3

	name: Deploy Site

	on:
	push:
	branches:
	- main
	paths-ignore:
	- "infra/**"
	workflow_dispatch:

	permissions:
	contents: read
	id-token: write

	env:
	TF_IN_AUTOMATION: "true"
	TF_VAR_aws_region: ${{ secrets.AWS_REGION }}
	TF_VAR_github_repository: ${{ github.repository }}

	jobs:
	deploy:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node
	uses: actions/setup-node@v4
	with:
	node-version: "20"
	cache: "npm"

	- name: Install dependencies
	run: npm ci

	- name: Build
	run: npm run build
	env:
	STORYBLOK_DELIVERY_API_TOKEN: ${{ secrets.STORYBLOK_DELIVERY_API_TOKEN }}

	- name: Setup OpenTofu
	uses: opentofu/setup-opentofu@v1

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
	aws-region: ${{ secrets.AWS_REGION }}

	- name: Init (state access)
	working-directory: infra
	run: tofu init

	- name: Export infrastructure outputs
	working-directory: infra
	run: \|
	echo "SITE_BUCKET_NAME=$(tofu output -raw site_bucket_name)" >> "$GITHUB_ENV"
	echo "CLOUDFRONT_DISTRIBUTION_ID=$(tofu output -raw cloudfront_distribution_id)" >> "$GITHUB_ENV"

	- name: Upload site with short cache
	working-directory: dist
	run: aws s3 sync . "s3://${SITE_BUCKET_NAME}" --delete --cache-control "public,max-age=300"

	- name: Invalidate CloudFront cache
	run: \|
	aws cloudfront create-invalidation \
	--distribution-id "${CLOUDFRONT_DISTRIBUTION_ID}" \
	--paths "/*"

Provide feedback