Skip to content

chore(deps): update terraform aws to v5.65.0 (#78) #64

chore(deps): update terraform aws to v5.65.0 (#78)

chore(deps): update terraform aws to v5.65.0 (#78) #64

name: Deploy blog to AWS PRD env
on:
push:
branches:
- source
workflow_dispatch:
permissions:
contents: read
pages: write
id-token: write
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
concurrency:
group: "pages"
cancel-in-progress: false
env:
AWS_ROLE: 'arn:aws:iam::264585740784:role/JworksTechBlogGithubRole'
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup Ruby
uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0
with:
ruby-version: '3.2'
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
cache-version: 0 # Increment this number if you need to re-download cached gems
- name: Build with Jekyll
run: bundle exec jekyll build --baseurl ""
env:
JEKYLL_ENV: production
- name: Upload artifact
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: blog
path: _site
if-no-files-found: error
retention-days: 5
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1.10.3
id: repository-token
with:
app-id: ${{ vars.ORDINA_GROUP_BOT_APP_ID }}
private-key: ${{ secrets.ORDINA_GROUP_BOT_CERT }}
owner: ${{ github.repository_owner }}
repositories: "jworks-terraform-modules"
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup git creds
run: git config --global url."https://${{ vars.ORDINA_GROUP_BOT_APP_ID }}:${{ steps.repository-token.outputs.token }}@github".insteadOf https://github
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ env.AWS_ROLE }}
aws-region: eu-west-1
- name: Setup Terraform
uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1
- name: Terraform Init
id: init
run: terraform init
working-directory: infra/env/prd
- name: Terraform Format
id: fmt
run: terraform fmt -check
working-directory: infra/env/prd
- name: Terraform Validate
id: validate
run: terraform validate -no-color
working-directory: infra/env/prd
- name: Terraform Plan
id: plan
run: terraform plan
working-directory: infra/env/prd
- name: Terraform Apply
id: apply
run: terraform apply -auto-approve
working-directory: infra/env/prd
upload:
runs-on: ubuntu-latest
needs: [build, deploy]
steps:
- name: Download artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: blog
path: blog
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ env.AWS_ROLE }}
aws-region: eu-west-1
- name: Upload files to s3
run: aws s3 sync ./blog s3://blog.ordina-jworks.io