-
Notifications
You must be signed in to change notification settings - Fork 7
87 lines (78 loc) · 3.57 KB
/
deploy-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
name: DeployProd
on:
push:
branches:
- "master"
jobs:
deploy-prod:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Checkout
uses: actions/[email protected]
- uses: actions/setup-node@v1
with:
node-version: "18"
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-frontend-access
aws-region: ap-south-1
- name: Build nginx and push on ECR
run: |
cd nginx
sed -i "s|WEBSITE_URL|canopas.com|g" conf.d/default.conf
sed -i "s|API_URL|prod-stack-api.canopas.com|g" conf.d/default.conf
sed -i "s|ARTICLES_URL|articles.canopas.com|g" conf.d/default.conf
bash ./../deploy/deploy-ecr-image.sh prod-nginx ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com/canopas-website-nginx
- name: Build frontend and push on ECR
run: |
cd vue-frontend
echo VITE_RECAPTCHA_SITE_KEY=${{ secrets.RECAPTCHA_SITE_KEY }} >> .env
mv src/config.prod.js src/config.js
sh ./../deploy/generate-sitemap.sh https://canopas.com https://prod-stack-api.canopas.com
bash ./../deploy/deploy-ecr-image.sh prod-frontend ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com/canopas-website-frontend
- name: Checkout
uses: actions/[email protected]
- uses: actions/setup-go@v2
with:
go-version: "^1.17.5"
- name: Build backend and push on ECR
run: |
bash ./deploy/deploy-ecr-image.sh prod-backend ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_REGION.amazonaws.com/canopas-website-backend
- name: Deploy cloudformation stack
id: canopas-website-prod-ECS-EC2-stack
uses: aws-actions/aws-cloudformation-github-deploy@v1
with:
name: canopas-website-prod-ECS-EC2-stack
template: infrastructure/template.yml
capabilities: CAPABILITY_IAM,CAPABILITY_NAMED_IAM
timeout-in-minutes: "10"
no-fail-on-empty-changeset: "1"
parameter-overrides: >-
EnvName=prod,
Sender=${{ secrets.SENDER }},
ContactSender=${{ secrets.CONTACT_SENDER }},
JobsReceiver=${{ secrets.JOBS_RECEIVER }},
ContactReceiver=${{ secrets.CONTACT_RECEIVER }},
AccessKeyId=${{ secrets.ACCESS_KEY_ID }},
SecretAccessKey=${{ secrets.SECRET_ACCESS_KEY }},
Region=${{ secrets.AWS_REGION }},
DbUsername=${{ secrets.DB_USERNAME }},
DbPassword=${{ secrets.DB_PASSWORD }},
DbHost=${{ secrets.DB_HOST }},
DbPort=${{ secrets.DB_PORT }},
DbName=${{ secrets.DB_NAME }},
RecaptchaConfigJSONBase64=${{ secrets.RECAPTCHA_CONFIG_JSON_BASE64 }},
RecaptchaSiteKey=${{ secrets.RECAPTCHA_SITE_KEY }},
RecaptchaProjectId=${{ secrets.RECAPTCHA_PROJECT_ID }},
JobsSpreadsheetId=${{ secrets.JOBS_SPREADSHEET_ID }},
JobsSheetId=${{ secrets.JOBS_SHEET_ID }},
GithubAccessToken=${{ secrets.PERSONAL_ACCESS_TOKEN_GITHUB }},
ResourcesURL=${{secrets.RESOURCES_URL}},
ClusterName=canopas-website-prod,
ImageTag=${{ github.sha }}-${{ github.run_attempt }}-prod-frontend,
BackendImageTag=${{ github.sha }}-${{ github.run_attempt }}-prod-backend,
NginxImageTag=${{ github.sha }}-${{ github.run_attempt }}-prod-nginx