Merge branch 'main' of https://github.com/Formula-Thoughts/flatshare-… #292
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Pipeline | |
on: | |
push: | |
branches: [main, prod-ready] | |
jobs: | |
# Determines the environment to deploy the backend to | |
setenv: | |
runs-on: ubuntu-latest | |
outputs: | |
env: ${{ steps.setenvstep.outputs.env }} | |
# Deploys to staging/prod environment depending on branch name | |
steps: | |
- name: determine env | |
id: setenvstep | |
run: | | |
if [[ "${{github.base_ref}}" == "main" || "${{github.ref}}" == "refs/heads/main" ]]; then | |
echo "env=staging" >> "$GITHUB_OUTPUT" | |
fi | |
if [[ "${{github.base_ref}}" == "prod-ready" || "${{github.ref}}" == "refs/heads/prod-ready" ]]; then | |
echo "env=prod" >> "$GITHUB_OUTPUT" | |
fi | |
# Change detection for filtering jobs | |
changes: | |
runs-on: ubuntu-latest | |
# Required permissions | |
permissions: | |
pull-requests: read | |
outputs: | |
backend: ${{ steps.filter.outputs.backend }} | |
frontend: ${{ steps.filter.outputs.frontend }} | |
steps: | |
- uses: actions/checkout@v4 | |
# For pull requests it's not necessary to checkout the code | |
- uses: dorny/paths-filter@v3 | |
id: filter | |
with: | |
filters: | | |
backend: | |
- 'backend/**' | |
frontend: | |
- 'frontend/**' | |
frontend: | |
defaults: | |
run: | |
working-directory: frontend | |
permissions: | |
id-token: write | |
contents: read | |
needs: changes | |
if: ${{needs.changes.outputs.frontend == 'true'}} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- run: npm install | |
- run: npm run build | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: arn:aws:iam::035306758865:role/gh-short-lived-creds | |
aws-region: us-east-1 | |
- run: aws s3 sync build/ s3://flatini.formulathoughts.com | |
- run: aws cloudfront create-invalidation --distribution-id ${{secrets.DISTRIBUTION_ID}} --paths "/*" | |
backend: | |
needs: [changes, setenv] | |
if: ${{ needs.changes.outputs.backend == 'true' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: checkout head | |
uses: actions/checkout@v4 | |
- name: Set up Python 3.10 | |
uses: actions/setup-python@v4 | |
with: | |
python-version: "3.10" | |
- name: backend tests | |
run: | | |
cd backend | |
python -m pip install --upgrade pip | |
pip install -r requirements.txt | |
pip install -r requirements-test.txt | |
python -m unittest | |
- name: setup aws cli | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-2 | |
- name: build and deploy to aws | |
run: | | |
cd backend && sh clean_build.sh | |
sam deploy --no-fail-on-empty-changeset --no-confirm-changeset --stack-name flatini-api-${{needs.setenv.outputs.env}} --s3-bucket flatini-api-${{needs.setenv.outputs.env}}-s3 --s3-prefix flatini --region eu-west-2 --capabilities CAPABILITY_IAM --parameter-overrides ParameterKey=GoogleClientSecret,ParameterValue="${{ secrets.GOOGLE_CLIENT_SECRET }}" ParameterKey=GoogleClientId,ParameterValue="${{ secrets.GOOGLE_CLIENT_ID }}" |