diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..423fd2f --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,68 @@ +name: waggle deployment (PR to deploy) + +on: + pull_request: + branches: [ deploy ] + types: [ opened, synchronize, reopened, ready_for_review ] + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout source + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Node.js + uses: actions/setup-node@v4 + with: + node-version: 22 + cache: 'npm' + + - name: Install dependencies + run: npm ci + + - name: Build React App + run: npm run build + env: + VITE_BASE_URL: ${{ secrets.VITE_BASE_URL }} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Deploy to S3 (validate & upload) + shell: bash + run: | + set -euo pipefail + + test -f dist/index.html + + BUCKET="${{ secrets.AWS_BUCKET_NAME }}" + [[ -n "$BUCKET" ]] + [[ "$BUCKET" != s3://* ]] + + aws s3 ls "s3://$BUCKET" >/dev/null + + aws s3 sync "dist" "s3://$BUCKET" \ + --delete \ + --cache-control "public, max-age=31536000, immutable" \ + --exclude "index.html" + + # HTML: no-cache + aws s3 cp "dist/index.html" "s3://$BUCKET/index.html" \ + --cache-control "no-cache, no-store, must-revalidate" \ + --content-type "text/html" + + - name: Invalidate CloudFront cache (HTML only) + run: | + aws cloudfront create-invalidation \ + --distribution-id ${{ secrets.AWS_DISTRIBUTION_ID }} \ + --paths "/index.html" \ No newline at end of file