Deploy Process #566
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Process | |
on: | |
push: | |
branches: | |
- master | |
- deploy | |
pull_request: | |
schedule: | |
- cron: 0 4 * * * # Redeploy at 4 AM every day | |
jobs: | |
build: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: Firenza/secrets-to-env@v1.2.0 | |
with: | |
secrets: ${{ toJSON(secrets) }} | |
- name: Specify PHP version | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: '5.6' | |
- name: Make branch name available as Bash variable | |
run: echo "GITHUB_BRANCH=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV | |
- name: Install packages with APT | |
run: >- | |
sudo apt-get update && | |
sudo apt-get install -y awscli php5.6-cli php5.6-curl php5.6-memcached php5.6-mysql yarn zip | |
- uses: actions/checkout@v3 | |
- run: sudo apt-get update -qq | |
- name: Install Composer dependencies | |
run: composer install | |
- name: Install Node dependencies | |
run: cd htdocs/js/vendor; yarn build | |
- run: cd ../../.. | |
- run: find htdocs/*.php -print0 |xargs -0 -n1 -P8 php5.6 -l | |
- name: Set up Docker | |
uses: docker/setup-buildx-action@v1 | |
- name: Run Docker | |
run: ./docker-run.sh | |
- name: Run tests | |
run: docker exec -i rs_web /var/www/deploy/tests/run-all.sh | |
- name: Stop Docker | |
run: ./docker-stop.sh | |
- name: Populate secrets and ZIP | |
run: >- | |
./deploy/branch_deploy.sh && ./deploy/config_variables.sh && | |
./deploy/aws_credentials.sh && zip -qr rs-web-deploy . --exclude | |
*.git* *.scannerwork* && mkdir -p upload && mv rs-web-deploy.zip | |
upload/rs-web-deploy.zip | |
- run: >- | |
if [ "$GITHUB_BRANCH" = "master" ]; then | |
./deploy/increase_verbosity.sh; fi | |
- run: >- | |
if [ "$GITHUB_BRANCH" = "master" ]; then | |
cp appspec-staging.yml appspec.yml | |
elif [ "$GITHUB_BRANCH" = "deploy" ]; then | |
cp appspec-deploy.yml appspec.yml | |
fi | |
- name: Save secret-populated code for a subsequent deploy step | |
uses: actions/upload-artifact@v4 | |
with: | |
name: codebase | |
path: . | |
- name: Get the branch name for use in the build step | |
shell: bash | |
run: echo "##[set-output name=github_branch;]$(echo $GITHUB_BRANCH)" | |
id: get_branch | |
outputs: | |
github_branch: ${{ steps.get_branch.outputs.github_branch }} | |
deploy: | |
runs-on: ubuntu-20.04 | |
needs: build # Don't deploy unless the build succeeds | |
steps: | |
- run: echo "Deploy branch is ${{ needs.build.outputs.github_branch }}" | |
- name: Get the secret-populated code | |
uses: actions/download-artifact@v4 | |
with: | |
name: codebase | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | |
aws-region: us-east-1 | |
- name: Staging CodeDeploy Deployment | |
if: ${{ needs.build.outputs.github_branch == 'master' }} | |
run: | | |
aws deploy push --application-name RS-Web \ | |
--s3-location s3://deploy.richmondsunlight.com/rs-web-staging.zip \ | |
--ignore-hidden-files | |
aws deploy create-deployment \ | |
--application-name RS-Web \ | |
--deployment-group-name RS-Web-Staging \ | |
--deployment-config-name CodeDeployDefault.OneAtATime \ | |
--s3-location bucket=deploy.richmondsunlight.com,key=rs-web-staging.zip,bundleType=zip | |
- name: Production CodeDeploy Deployment | |
if: ${{ needs.build.outputs.github_branch == 'deploy' }} | |
run: | | |
aws deploy push --application-name RS-Web \ | |
--s3-location s3://deploy.richmondsunlight.com/rs-web-deploy.zip \ | |
--ignore-hidden-files | |
aws deploy create-deployment \ | |
--application-name RS-Web \ | |
--deployment-group-name RS-Web-Fleet \ | |
--deployment-config-name CodeDeployDefault.OneAtATime \ | |
--s3-location bucket=deploy.richmondsunlight.com,key=rs-web-deploy.zip,bundleType=zip |