Skip to content

Deploy

Deploy #17

Workflow file for this run

# Run locally with act:
#
# act pull_request [--input command=[command]] \
# --platform fusionauth-standard=[ecr-repo-name]/fusionauth-standard:latest] \
# --workflows ./.github/workflows/deploy.yaml \
# --env-file <(aws configure export-credentials --profile [aws-profile] --format env)
name: Deploy
on:
push:
branches:
- main
pull_request:
branches:
- main
workflow_dispatch:
inputs:
command:
type: choice
options:
- build # build only
- publish # build & publish to npmjs
- release # build & release to svn
default: build
permissions:
contents: read
jobs:
build:
if: |
github.event_name == 'pull_request' ||
github.event_name == 'push' ||
github.event_name == 'workflow_dispatch' && inputs.command == 'build'
runs-on: fusionauth-standard
steps:
- name: checkout
uses: actions/checkout@v4
- name: compile
shell: bash -l {0}
run: sb compile
deploy:
if: |
github.event_name == 'workflow_dispatch' &&
(inputs.command == 'release' || inputs.command == 'publish')
runs-on: fusionauth-standard
steps:
- name: checkout
uses: actions/checkout@v4
- name: set aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::752443094709:role/github-actions
role-session-name: aws-auth-action
aws-region: us-west-2
- name: get secret
run: |
while IFS=$'\t' read -r key value; do
echo "::add-mask::${value}"
echo "${key}=${value}" >> $GITHUB_ENV
done < <(aws secretsmanager get-secret-value \
--region us-west-2 \
--secret-id platform/npmjs \
--query SecretString \
--output text | \
jq -r 'to_entries[] | [.key, .value] | @tsv')
- name: create npmrc
run: |
echo "color=false" > ~/.npmrc
echo "//registry.npmjs.org/:_authToken=${{ env.API_KEY }}" >> ~/.npmrc
chmod 600 ~/.npmrc
- name: release to svn
if: inputs.command == 'release'
shell: bash -l {0}
run: sb release
- name: publish to npmjs
if: inputs.command == 'publish'
shell: bash -l {0}
run: sb publish