chore(deps): update terraform aws to v5.65.0 (#78) #64
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy blog to AWS PRD env | |
on: | |
push: | |
branches: | |
- source | |
workflow_dispatch: | |
permissions: | |
contents: read | |
pages: write | |
id-token: write | |
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. | |
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. | |
concurrency: | |
group: "pages" | |
cancel-in-progress: false | |
env: | |
AWS_ROLE: 'arn:aws:iam::264585740784:role/JworksTechBlogGithubRole' | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Setup Ruby | |
uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0 | |
with: | |
ruby-version: '3.2' | |
bundler-cache: true # runs 'bundle install' and caches installed gems automatically | |
cache-version: 0 # Increment this number if you need to re-download cached gems | |
- name: Build with Jekyll | |
run: bundle exec jekyll build --baseurl "" | |
env: | |
JEKYLL_ENV: production | |
- name: Upload artifact | |
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 | |
with: | |
name: blog | |
path: _site | |
if-no-files-found: error | |
retention-days: 5 | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1.10.3 | |
id: repository-token | |
with: | |
app-id: ${{ vars.ORDINA_GROUP_BOT_APP_ID }} | |
private-key: ${{ secrets.ORDINA_GROUP_BOT_CERT }} | |
owner: ${{ github.repository_owner }} | |
repositories: "jworks-terraform-modules" | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Setup git creds | |
run: git config --global url."https://${{ vars.ORDINA_GROUP_BOT_APP_ID }}:${{ steps.repository-token.outputs.token }}@github".insteadOf https://github | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
with: | |
role-to-assume: ${{ env.AWS_ROLE }} | |
aws-region: eu-west-1 | |
- name: Setup Terraform | |
uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1 | |
- name: Terraform Init | |
id: init | |
run: terraform init | |
working-directory: infra/env/prd | |
- name: Terraform Format | |
id: fmt | |
run: terraform fmt -check | |
working-directory: infra/env/prd | |
- name: Terraform Validate | |
id: validate | |
run: terraform validate -no-color | |
working-directory: infra/env/prd | |
- name: Terraform Plan | |
id: plan | |
run: terraform plan | |
working-directory: infra/env/prd | |
- name: Terraform Apply | |
id: apply | |
run: terraform apply -auto-approve | |
working-directory: infra/env/prd | |
upload: | |
runs-on: ubuntu-latest | |
needs: [build, deploy] | |
steps: | |
- name: Download artifact | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: blog | |
path: blog | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 | |
with: | |
role-to-assume: ${{ env.AWS_ROLE }} | |
aws-region: eu-west-1 | |
- name: Upload files to s3 | |
run: aws s3 sync ./blog s3://blog.ordina-jworks.io | |