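# Production deployment: builds the app, publishes the bundle to S3 behind
# CloudFront using short-lived OIDC credentials, then smoke-tests the site.
name: Deploy to AWS

on:
  # Fires when a "CI Build" run for a branch named main completes.
  # `completed` also covers failed and cancelled runs, so the build job
  # below gates on the run's conclusion before anything is deployed.
  workflow_run:
    workflows:
      - CI Build
    types:
      - completed
    branches:
      - main
  workflow_dispatch:

# Only one production deployment runs at a time.
# NOTE(review): cancel-in-progress stops a running deployment when a newer
# one is queued; a cancel during the S3 sync can leave a mix of old and new
# files until the newer run finishes. Confirm this is intended.
concurrency:
  group: production-deployment
  cancel-in-progress: true

# Read-only token by default; only the deploy job adds id-token.
permissions:
  contents: read

jobs:
  build:
    # Manual runs always proceed. Automatic runs proceed only when CI
    # succeeded and the triggering run belongs to this repository: the
    # `branches` filter matches on branch name, which a pull request from a
    # fork can also match.
    if: >-
      github.event_name == 'workflow_dispatch' ||
      (github.event.workflow_run.conclusion == 'success' &&
      github.event.workflow_run.head_repository.full_name == github.repository)
    runs-on: ubuntu-latest
    steps:
      # Third-party actions are pinned to full commit SHAs; the trailing
      # comment records the tag each SHA is expected to correspond to.
      # NOTE(review): on workflow_run the default ref is the tip of the
      # default branch, which may be newer than the commit CI validated.
      - name: Checkout code
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          fetch-depth: 1
      - name: Setup Node
        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
        with:
          node-version: '20.x'
          cache: npm
      # `npm ci` installs exactly what the lockfile specifies.
      - name: Install dependencies
        run: npm ci
      - name: Build application
        run: npm run build:prod
      # Hand the bundle to the deploy job, so the job that holds AWS
      # credentials never runs npm install or the build scripts.
      - name: Upload build artifacts
        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
        with:
          name: devtoolbox-artifacts
          path: dist/dev-tool-box/browser/
          retention-days: 1

  deploy:
    needs: build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # Lets this job request the OIDC token that
      # configure-aws-credentials exchanges for temporary role credentials.
      id-token: write
    # NOTE(review): the IAM role's trust policy is not visible here; it
    # should restrict the token's `sub` claim to this repository and the
    # production environment.
    environment:
      name: production
      url: https://devtoolbox.raymondsplinter.com
    env:
      DEPLOY_URL: https://devtoolbox.raymondsplinter.com
      AWS_REGION: eu-central-1
      AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
      AWS_S3_BUCKET: ${{ secrets.S3_BUCKET }}
      AWS_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }}
    steps:
      - name: Download build artifacts
        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
        with:
          name: devtoolbox-artifacts
          path: dist/dev-tool-box/browser/
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
        with:
          aws-region: ${{ env.AWS_REGION }}
          role-to-assume: ${{ env.AWS_ROLE_ARN }}
      # Shell steps read the job-level env as quoted shell variables rather
      # than expanding ${{ }} into the script text, so a value is never
      # parsed as shell syntax.
      - name: Deploy application to S3
        run: aws s3 sync dist/dev-tool-box/browser/ "s3://$AWS_S3_BUCKET"
      - name: Invalidate CloudFront cache
        id: invalidate
        run: |
          INVALIDATION_ID=$(aws cloudfront create-invalidation \
            --distribution-id "$AWS_CLOUDFRONT_DISTRIBUTION_ID" \
            --paths "/*" --query 'Invalidation.Id' --output text)
          echo "invalidation-id=$INVALIDATION_ID" >> "$GITHUB_OUTPUT"
      - name: Wait for CloudFront invalidation
        env:
          # Step output passed through env for the same reason as above.
          INVALIDATION_ID: ${{ steps.invalidate.outputs.invalidation-id }}
        run: |
          aws cloudfront wait invalidation-completed \
            --distribution-id "$AWS_CLOUDFRONT_DISTRIBUTION_ID" \
            --id "$INVALIDATION_ID"
          echo "✅ CloudFront cache invalidation completed"
      # Only checks that the site root answers with HTTP 200; it does not
      # verify that the content served is the bundle that was just uploaded.
      - name: Smoke test - Validate deployment
        run: |
          RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" "$DEPLOY_URL")
          echo "HTTP Response Code: $RESPONSE"
          if [ "$RESPONSE" = "200" ]; then
            echo "✅ Smoke test passed: Website is accessible at $DEPLOY_URL" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "❌ Smoke test failed: HTTP $RESPONSE" >> "$GITHUB_STEP_SUMMARY"
            exit 1
          fi
      - name: Deployment notification
        if: success()
        run: echo "✅ Deployment to production completed successfully" >> "$GITHUB_STEP_SUMMARY"
      - name: Deployment failure notification
        if: failure()
        run: |
          echo "❌ Deployment failed" >> "$GITHUB_STEP_SUMMARY"
          exit 1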