From c45892062d0e9a2f83064ee7ba3f4eaedf0fea0d Mon Sep 17 00:00:00 2001 From: "greg.moynihan" Date: Wed, 22 May 2024 15:03:29 -0700 Subject: [PATCH 1/7] Add a gh action for aws deployment
---
 .github/workflows/aws-deployment.yml | 95 ++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 .github/workflows/aws-deployment.yml
diff --git a/.github/workflows/aws-deployment.yml b/.github/workflows/aws-deployment.yml new file mode 100644
index 000000000..d2e044965
--- /dev/null
+++ b/.github/workflows/aws-deployment.yml
@@ -0,0 +1,95 @@
+---
+ name: AWS Deployment
+
+ on:
+ workflow_dispatch:
+ inputs:
+ environment:
+ description: "Environment to deploy to"
+ default: "staging"
+ options:
+ - staging
+ - production
+ required: true
+ type: choice
+
+ env:
+ AWS_ACCOUNT_ID: ${{ vars.AWS_PUBLIC_DATA_RELEASES_ACCOUNT_ID }}
+ AWS_REGION: ${{ vars.AWS_DEFAULT_REGION }}
+ STAGING_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.STAGING_CLOUDFRONT_DISTRIBUTION_ID }}
+ STAGING_S3_BUCKET: s3://staging.timelapse.allencell.org
+ PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }}
+ PRODUCTION_S3_BUCKET: s3://timelapse.allencell.org
+
+ permissions:
+ id-token: write # Required for requesting the JWT and OIDC
+ contents: write # Required for actions/checkout and OIDC tokens
+
+ jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
+
+ - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8
+ with:
+ node-version: "18"
+
+ - name: Install and Build
+ run: npm ci && npx vite build
+
+ - name: Upload build files
+ uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
+ with:
+ name: aws-deploy-files
+ path: ./dist
+
+ deploy:
+ needs: build
+ runs-on: ubuntu-latest
+
+ # Dynamically set the environment variable based on the input above:
+ environment: ${{ github.event.inputs.environment }}
+
+ steps:
+
+ # Compute a short sha for use in the OIDC session name, which has a 64 character limit
+ - name: Add SHORT_SHA env property with commit short sha
+ run: echo "SHORT_SHA=`echo ${{ github.sha }} | cut -c1-8`" >> $GITHUB_ENV
+
+ - name: Configure AWS credentials with OIDC
+ uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502
+ with:
+ role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github_biofile_finder
+ role-session-name: github_biofile_finder-${{ env.SHORT_SHA }}
+ aws-region: ${{ env.AWS_REGION }}
+
+ # Setup variables based on the staging or production environment
+ - name: Set ECS variables based on environment
+ run: |
+ if [ "${{ github.event.inputs.environment }}" == "production" ]; then
+ echo "S3_BUCKET=${{ env.PRODUCTION_S3_BUCKET }}" >> $GITHUB_ENV
+ echo "CLOUDFRONT_DISTRIBUTION_ID=${{ env.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }}" >> $GITHUB_ENV
+ elif [ "${{ github.event.inputs.environment }}" == "staging" ]; then
+ echo "S3_BUCKET=${{ env.STAGING_S3_BUCKET }}" >> $GITHUB_ENV
+ echo "CLOUDFRONT_DISTRIBUTION_ID=${{ env.STAGING_CLOUDFRONT_DISTRIBUTION_ID }}" >> $GITHUB_ENV
+ else
+ echo "Invalid environment specified"
+ exit 1
+ fi
+
+ - name: Download build artifacts
+ uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427
+ with:
+ name: aws-deploy-files
+ path: ./dist
+
+ # Note that the command below will copy the files to the root of the S3 bucket e.g., s3://timelapse.allencell.org/
+ # If you want to copy files to a S3 prefix / subdirectory, you would want something like ${{ env.S3_BUCKET }}/your_prefix below
+ - name: Copy build files to S3 root
+ run: aws s3 sync ./dist ${{ env.S3_BUCKET }}
+
+ - name: Invalidate CloudFront cache
+ run: aws cloudfront create-invalidation --distribution-id ${{ env.CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*"
\ No newline at end of file
From 7678dbaddf85bcc1e7b4eb0da2d5fe3855cbb6da Mon Sep 17 00:00:00 2001 From: gmoynihan88 <47155250+gmoynihan88@users.noreply.github.com> Date: Wed, 22 May 2024 15:34:27 -0700 Subject: [PATCH 2/7] Update .github/workflows/aws-deployment.yml Co-authored-by: Andy Leonard
---
 .github/workflows/aws-deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/aws-deployment.yml b/.github/workflows/aws-deployment.yml
index d2e044965..f92875a9b 100644
--- a/.github/workflows/aws-deployment.yml
+++ b/.github/workflows/aws-deployment.yml
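Review bot: The workflow-level `permissions:` block of the new aws-deployment.yml (PATCH 1/7) grants `id-token: write` and `contents: write` to every job, including `build`, which runs `npm ci` and the Vite build and so executes third-party package code with the ability to request an OIDC token. Only `deploy` calls configure-aws-credentials, so the OIDC permission belongs on that job alone: add a job-level `permissions:` with `id-token: write` under `deploy:` and reduce the top-level block to `contents: read`. Checkout needs only read access to repository contents, so the comment `# Required for actions/checkout and OIDC tokens` overstates what is required and should be corrected with the change. Whether the IAM trust policy restricts the token's `sub` claim to this repository and environment is not visible here and is worth confirming, since staging and production both assume the same `github_biofile_finder` role.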
@@ -19,7 +19,7 @@ STAGING_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.STAGING_CLOUDFRONT_DISTRIBUTION_ID }} STAGING_S3_BUCKET: s3://staging.timelapse.allencell.org PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }} - PRODUCTION_S3_BUCKET: s3://timelapse.allencell.org + PRODUCTION_S3_BUCKET: s3://biofile-finder.allencell.org permissions: id-token: write # Required for requesting the JWT and OIDC From 5067168b6ba5a8dcb449a146e5a51acb761979a9 Mon Sep 17 00:00:00 2001 From: "greg.moynihan" Date: Wed, 22 May 2024 15:39:36 -0700 Subject: [PATCH 3/7] Fix spacing --- .github/workflows/aws-deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/aws-deployment.yml b/.github/workflows/aws-deployment.yml index f92875a9b..57c391f42 100644 --- a/.github/workflows/aws-deployment.yml +++ b/.github/workflows/aws-deployment.yml @@ -92,4 +92,4 @@ run: aws s3 sync ./dist ${{ env.S3_BUCKET }} - name: Invalidate CloudFront cache - run: aws cloudfront create-invalidation --distribution-id ${{ env.CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*" \ No newline at end of file + run: aws cloudfront create-invalidation --distribution-id ${{ env.CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*" From 85518d22ae359195dab4ab6d3cdd2c2b2ea69f17 Mon Sep 17 00:00:00 2001 From: gmoynihan88 <47155250+gmoynihan88@users.noreply.github.com> Date: Wed, 22 May 2024 15:41:06 -0700 Subject: [PATCH 4/7] Update .github/workflows/aws-deployment.yml Co-authored-by: Andy Leonard --- .github/workflows/aws-deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/aws-deployment.yml b/.github/workflows/aws-deployment.yml index 57c391f42..08b3c90dc 100644 --- a/.github/workflows/aws-deployment.yml +++ b/.github/workflows/aws-deployment.yml 
@@ -17,7 +17,7 @@ AWS_ACCOUNT_ID: ${{ vars.AWS_PUBLIC_DATA_RELEASES_ACCOUNT_ID }} AWS_REGION: ${{ vars.AWS_DEFAULT_REGION }} STAGING_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.STAGING_CLOUDFRONT_DISTRIBUTION_ID }} - STAGING_S3_BUCKET: s3://staging.timelapse.allencell.org + STAGING_S3_BUCKET: s3://staging.biofile-finder.allencell.org PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }} PRODUCTION_S3_BUCKET: s3://biofile-finder.allencell.org From a63d67807452dca4db588d55ba429662125c6953 Mon Sep 17 00:00:00 2001 From: "greg.moynihan" Date: Wed, 22 May 2024 15:56:58 -0700 Subject: [PATCH 5/7] Better comment example --- .github/workflows/aws-deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/aws-deployment.yml b/.github/workflows/aws-deployment.yml index 08b3c90dc..93906e8ea 100644 --- a/.github/workflows/aws-deployment.yml +++ b/.github/workflows/aws-deployment.yml @@ -86,7 +86,7 @@ name: aws-deploy-files path: ./dist - # Note that the command below will copy the files to the root of the S3 bucket e.g., s3://timelapse.allencell.org/ + # Note that the command below will copy the files to the root of the S3 bucket e.g., s3://biofile-finder.allencell.org/ # If you want to copy files to a S3 prefix / subdirectory, you would want something like ${{ env.S3_BUCKET }}/your_prefix below - name: Copy build files to S3 root run: aws s3 sync ./dist ${{ env.S3_BUCKET }} From cf2fbc6cbb00d9539e64c9c55b72d5b14f23b0a6 Mon Sep 17 00:00:00 2001 From: "greg.moynihan" Date: Wed, 22 May 2024 16:22:33 -0700 Subject: [PATCH 6/7] Fix indents/ whitespace issues --- .github/workflows/aws-deployment.yml | 188 +++++++++++++-------------- 1 file changed, 94 insertions(+), 94 deletions(-) diff --git a/.github/workflows/aws-deployment.yml b/.github/workflows/aws-deployment.yml index 93906e8ea..96dbb7b63 100644 --- a/.github/workflows/aws-deployment.yml +++ b/.github/workflows/aws-deployment.yml 
@@ -1,95 +1,95 @@ --- - name: AWS Deployment - - on: - workflow_dispatch: - inputs: - environment: - description: "Environment to deploy to" - default: "staging" - options: - - staging - - production - required: true - type: choice - - env: - AWS_ACCOUNT_ID: ${{ vars.AWS_PUBLIC_DATA_RELEASES_ACCOUNT_ID }} - AWS_REGION: ${{ vars.AWS_DEFAULT_REGION }} - STAGING_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.STAGING_CLOUDFRONT_DISTRIBUTION_ID }} - STAGING_S3_BUCKET: s3://staging.biofile-finder.allencell.org - PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }} - PRODUCTION_S3_BUCKET: s3://biofile-finder.allencell.org - - permissions: - id-token: write # Required for requesting the JWT and OIDC - contents: write # Required for actions/checkout and OIDC tokens - - jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 - - - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 - with: - node-version: "18" - - - name: Install and Build - run: npm ci && npx vite build - - - name: Upload build files - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 - with: - name: aws-deploy-files - path: ./dist - - deploy: - needs: build - runs-on: ubuntu-latest - - # Dynamically set the environment variable based on the input above: - environment: ${{ github.event.inputs.environment }} - - steps: - - # Compute a short sha for use in the OIDC session name, which has a 64 character limit - - name: Add SHORT_SHA env property with commit short sha - run: echo "SHORT_SHA=`echo ${{ github.sha }} | cut -c1-8`" >> $GITHUB_ENV - - - name: Configure AWS credentials with OIDC - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 - with: - role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github_biofile_finder - role-session-name: github_biofile_finder-${{ env.SHORT_SHA }} - aws-region: ${{ env.AWS_REGION }} - 
- # Setup variables based on the staging or production environment - - name: Set ECS variables based on environment - run: | - if [ "${{ github.event.inputs.environment }}" == "production" ]; then - echo "S3_BUCKET=${{ env.PRODUCTION_S3_BUCKET }}" >> $GITHUB_ENV - echo "CLOUDFRONT_DISTRIBUTION_ID=${{ env.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }}" >> $GITHUB_ENV - elif [ "${{ github.event.inputs.environment }}" == "staging" ]; then - echo "S3_BUCKET=${{ env.STAGING_S3_BUCKET }}" >> $GITHUB_ENV - echo "CLOUDFRONT_DISTRIBUTION_ID=${{ env.STAGING_CLOUDFRONT_DISTRIBUTION_ID }}" >> $GITHUB_ENV - else - echo "Invalid environment specified" - exit 1 - fi - - - name: Download build artifacts - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 - with: - name: aws-deploy-files - path: ./dist - - # Note that the command below will copy the files to the root of the S3 bucket e.g., s3://biofile-finder.allencell.org/ - # If you want to copy files to a S3 prefix / subdirectory, you would want something like ${{ env.S3_BUCKET }}/your_prefix below - - name: Copy build files to S3 root - run: aws s3 sync ./dist ${{ env.S3_BUCKET }} - - - name: Invalidate CloudFront cache - run: aws cloudfront create-invalidation --distribution-id ${{ env.CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*" +name: AWS Deployment + +on: + workflow_dispatch: + inputs: + environment: + description: "Environment to deploy to" + default: "staging" + options: + - staging + - production + required: true + type: choice + +env: + AWS_ACCOUNT_ID: ${{ vars.AWS_PUBLIC_DATA_RELEASES_ACCOUNT_ID }} + AWS_REGION: ${{ vars.AWS_DEFAULT_REGION }} + STAGING_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.STAGING_CLOUDFRONT_DISTRIBUTION_ID }} + STAGING_S3_BUCKET: s3://staging.biofile-finder.allencell.org + PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }} + PRODUCTION_S3_BUCKET: s3://biofile-finder.allencell.org + +permissions: + id-token: write # Required for requesting the 
JWT and OIDC + contents: write # Required for actions/checkout and OIDC tokens + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 + + - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 + with: + node-version: "18" + + - name: Install and Build + run: npm ci && npx vite build + + - name: Upload build files + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 + with: + name: aws-deploy-files + path: ./dist + + deploy: + needs: build + runs-on: ubuntu-latest + + # Dynamically set the environment variable based on the input above: + environment: ${{ github.event.inputs.environment }} + + steps: + + # Compute a short sha for use in the OIDC session name, which has a 64 character limit + - name: Add SHORT_SHA env property with commit short sha + run: echo "SHORT_SHA=`echo ${{ github.sha }} | cut -c1-8`" >> $GITHUB_ENV + + - name: Configure AWS credentials with OIDC + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 + with: + role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github_biofile_finder + role-session-name: github_biofile_finder-${{ env.SHORT_SHA }} + aws-region: ${{ env.AWS_REGION }} + + # Setup variables based on the staging or production environment + - name: Set ECS variables based on environment + run: | + if [ "${{ github.event.inputs.environment }}" == "production" ]; then + echo "S3_BUCKET=${{ env.PRODUCTION_S3_BUCKET }}" >> $GITHUB_ENV + echo "CLOUDFRONT_DISTRIBUTION_ID=${{ env.PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID }}" >> $GITHUB_ENV + elif [ "${{ github.event.inputs.environment }}" == "staging" ]; then + echo "S3_BUCKET=${{ env.STAGING_S3_BUCKET }}" >> $GITHUB_ENV + echo "CLOUDFRONT_DISTRIBUTION_ID=${{ env.STAGING_CLOUDFRONT_DISTRIBUTION_ID }}" >> $GITHUB_ENV + else + echo "Invalid environment specified" + exit 1 + fi + + - name: Download build artifacts + uses: 
actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 + with: + name: aws-deploy-files + path: ./dist + + # Note that the command below will copy the files to the root of the S3 bucket e.g., s3://biofile-finder.allencell.org/ + # If you want to copy files to a S3 prefix / subdirectory, you would want something like ${{ env.S3_BUCKET }}/your_prefix below + - name: Copy build files to S3 root + run: aws s3 sync ./dist ${{ env.S3_BUCKET }} + + - name: Invalidate CloudFront cache + run: aws cloudfront create-invalidation --distribution-id ${{ env.CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*" From aad2e14ffd10a7c64ec7d14ac469d6b0e949a209 Mon Sep 17 00:00:00 2001 From: SeanLeRoy Date: Wed, 22 May 2024 17:33:32 -0700 Subject: [PATCH 7/7] Test running build script and using dist in web package --- .github/workflows/aws-deployment.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/aws-deployment.yml b/.github/workflows/aws-deployment.yml index 96dbb7b63..7cd18df39 100644 --- a/.github/workflows/aws-deployment.yml +++ b/.github/workflows/aws-deployment.yml @@ -35,16 +35,19 @@ jobs: - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 with: - node-version: "18" + node-version: "16" - - name: Install and Build - run: npm ci && npx vite build + - name: Install Dependencies + run: npm ci + + - name: Build + run: npm run --prefix packages/web build - name: Upload build files uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 with: name: aws-deploy-files - path: ./dist + path: ./packages/web/dist deploy: needs: build 
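Review bot: `node-version: "16"` in the first hunk of PATCH 7/7 moves the build from Node 18 to a release line that reached end-of-life in September 2023, so the toolchain producing the deployed bundle no longer receives security fixes. If packages/web really needs 16, record that next to the pin, for example `# pinned to 16 because <reason>; upgrade tracked in <issue>`, otherwise keep `"18"` and adjust the build script instead. The `build` job's step list starts before this hunk and continues after it.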
@@ -84,12 +87,12 @@ jobs: uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 with: name: aws-deploy-files - path: ./dist + path: ./packages/web/dist # Note that the command below will copy the files to the root of the S3 bucket e.g., s3://biofile-finder.allencell.org/ # If you want to copy files to a S3 prefix / subdirectory, you would want something like ${{ env.S3_BUCKET }}/your_prefix below - name: Copy build files to S3 root - run: aws s3 sync ./dist ${{ env.S3_BUCKET }} + run: aws s3 sync ./packages/web/dist ${{ env.S3_BUCKET }} - name: Invalidate CloudFront cache run: aws cloudfront create-invalidation --distribution-id ${{ env.CLOUDFRONT_DISTRIBUTION_ID }} --paths "/*"