Skip to content

feat: using cdn

feat: using cdn #12275

Workflow file for this run

name: CI/CD
on:
push:
branches:
- "*"
tags:
- "*"
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
setup:
runs-on: ubuntu-22.04
outputs:
workflow_id: ${{ steps.generate-uuid.outputs.uuid }}
steps:
- name: Checkout 🛎
uses: actions/checkout@master
- name: Setup Node ⬢
uses: actions/setup-node@v3
with:
node-version: 20
cache: "yarn"
- name: Cache node modules 🗃
id: cache-nodemodules
uses: actions/cache@v3
with:
# npm packages are cached in node_modules
# npm also provides a local cache in .npm
# Cypress binary is stored in ~/.cache
path: |
node_modules
~/.npm
~/.cache
key: ${{ runner.os }}-node-modules-build-${{ hashFiles('**/yarn.lock') }}
- name: Cache Site Data ⏬
id: cache-downloaded-data
uses: actions/cache@v3
with:
path: |
dist/
key: ${{ runner.os }}-download-data-${{ github.sha }}
- name: Install Node Modules 📦
if: steps.cache-nodemodules.outputs.cache-hit != 'true'
run: yarn install --frozen-lockfile
linter:
runs-on: ubuntu-22.04
needs: setup
steps:
- name: Checkout 🛎️
uses: actions/checkout@v3
- name: Setup Node ⬢
uses: actions/setup-node@v3
with:
node-version: 20
cache: "yarn"
- name: Restore node modules from cache 📦
id: cache-nodemodules
uses: actions/cache@v3
with:
path: |
node_modules
~/.npm
~/.cache
key: ${{ runner.os }}-node-modules-build-${{ hashFiles('**/yarn.lock') }}
- name: Install 📦
if: steps.cache-nodemodules.outputs.cache-hit != 'true'
run: yarn install --frozen-lockfile
- name: Run linter 👀
run: yarn run lint
type-check:
runs-on: ubuntu-22.04
needs: setup
steps:
- name: Checkout 🛎️
uses: actions/checkout@v3
- name: Setup Node ⬢
uses: actions/setup-node@v3
with:
node-version: 20
cache: "yarn"
- name: Restore node modules from cache 📦
id: cache-nodemodules
uses: actions/cache@v3
with:
path: |
node_modules
~/.npm
~/.cache
key: ${{ runner.os }}-node-modules-build-${{ hashFiles('**/yarn.lock') }}
- name: Install 📦
if: steps.cache-nodemodules.outputs.cache-hit != 'true'
run: yarn install --frozen-lockfile
- name: Run typescript 👀
run: yarn tsc
build-push:
runs-on: ubuntu-latest
needs: [linter, type-check]
if: github.ref == 'refs/heads/main'
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build and export image
uses: docker/build-push-action@v4
with:
push: false
load: true
tags: spellbook-client:latest
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-session-name: github-actions
aws-region: ${{ secrets.AWS_REGION }}
- name: Copy Static Files to S3
env:
S3_BUCKET: ${{ secrets.S3_BUCKET }}
run: |
id=$(docker create spellbook-client:latest)
docker cp $id:/app/.next/static _next
docker rm -v $id
aws s3 cp \
--recursive \
--cache-control "max-age=2592000" \
--exclude "*" \
--include "*.js" \
--content-type "text/javascript; charset=utf-8" \
_next/ s3://$S3_BUCKET/_next/static
aws s3 cp \
--recursive \
--cache-control "max-age=2592000" \
--exclude "*" \
--include "*.css" \
--content-type "text/css; charset=utf-8" \
_next/ s3://$S3_BUCKET/_next/static
# Other files will not have UTF-8 set
aws s3 cp \
--recursive \
--cache-control "max-age=2592000" \
--exclude "*.js" \
--exclude "*.css" \
_next/ s3://$S3_BUCKET/_next/static
- name: Create Cloudfront Invalidation
env:
DISTRIBUTION_ID: ${{ secrets.DISTRIBUTION_ID }}
run: |
aws cloudfront create-invalidation \
--distribution-id $DISTRIBUTION_ID \
--paths "/*"
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPO_NAME }}
IMAGE_TAG: ${{ github.sha }}
run: |
docker tag spellbook-client:latest $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker tag spellbook-client:latest $ECR_REGISTRY/$ECR_REPOSITORY:latest
docker push --all-tags $ECR_REGISTRY/$ECR_REPOSITORY
rollout-pods:
runs-on: ubuntu-latest
needs: build-push
if: github.ref == 'refs/heads/main'
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
role-session-name: github-actions
aws-region: ${{ secrets.AWS_REGION }}
- name: Config kube
env:
CLUSTER_NAME: ${{ secrets.CLUSTER_NAME }}
run: aws eks --region us-east-2 update-kubeconfig --name $CLUSTER_NAME --kubeconfig kubeconfig.yaml
- name: Install and configure kubectl
uses: azure/setup-kubectl@v3
- name: Rollout pods
run: |
export KUBECONFIG=kubeconfig.yaml
kubectl rollout restart deployment/spellbook-client -n spellbook
# timeout 600 kubectl rollout status deployment/spellbook-client -n spellbook