Merge pull request #242 from GDGoCINHA/master #174
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: DEV CI | |
| permissions: | |
| contents: read | |
| on: | |
| push: | |
| branches: [ develop, master ] | |
| tags: [ 'development-**' ] | |
| workflow_dispatch: | |
| concurrency: | |
| group: dev-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| env: | |
| NEXT_PUBLIC_GOOGLE_REDIRECT_CLIENT_ID: ${{ secrets.NEXT_PUBLIC_GOOGLE_REDIRECT_CLIENT_ID }} | |
| NEXT_PUBLIC_GOOGLE_REDIRECT_URI: ${{ secrets.NEXT_PUBLIC_GOOGLE_REDIRECT_URI }} | |
| steps: | |
| - name: Checkout source code | |
| uses: actions/checkout@v4 | |
| - name: Use Node.js 20 | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| cache: 'yarn' | |
| - name: Set env for develop | |
| if: github.ref == 'refs/heads/develop' | |
| run: | | |
| echo "TARGET_BUCKET=${{ secrets.AWS_S3_BUCKET_DEV }}" >> $GITHUB_ENV | |
| echo "NEXT_PUBLIC_APP_ENV=dev" >> $GITHUB_ENV | |
| echo "NEXT_PUBLIC_BASE_API_URL=${{ secrets.NEXT_PUBLIC_BASE_API_URL_DEV }}" >> $GITHUB_ENV | |
| echo "NEXT_PUBLIC_GOOGLE_MAPS_API_KEY=${{ secrets.NEXT_PUBLIC_GOOGLE_MAPS_API_KEY }}" >> $GITHUB_ENV | |
| - name: Set env for main | |
| if: github.ref == 'refs/heads/master' | |
| run: | | |
| echo "TARGET_BUCKET=${{ secrets.AWS_S3_BUCKET }}" >> $GITHUB_ENV | |
| echo "NEXT_PUBLIC_APP_ENV=production" >> $GITHUB_ENV | |
| echo "NEXT_PUBLIC_BASE_API_URL=${{ secrets.NEXT_PUBLIC_BASE_API_URL }}" >> $GITHUB_ENV | |
| echo "NEXT_PUBLIC_GOOGLE_MAPS_API_KEY=${{ secrets.NEXT_PUBLIC_GOOGLE_MAPS_API_KEY }}" >> $GITHUB_ENV | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Build | |
| run: yarn build | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| # (선택) 캐시 헤더 전략: 해시된 자산은 장기 캐시, HTML은 no-cache | |
| # 프로젝트에 맞게 include/exclude 패턴 조정 | |
| - name: Upload static assets (long cache) | |
| run: | | |
| aws s3 cp ./out s3://$TARGET_BUCKET \ | |
| --recursive \ | |
| --exclude "*" \ | |
| --include "_next/**" --include "static/**" --include "assets/**" \ | |
| --cache-control "public, max-age=31536000, immutable" \ | |
| --metadata-directive REPLACE | |
| - name: Upload html (no cache) | |
| run: | | |
| aws s3 cp ./out s3://$TARGET_BUCKET \ | |
| --recursive \ | |
| --exclude "_next/*" --exclude "static/*" --exclude "assets/*" \ | |
| --cache-control "no-cache" \ | |
| --metadata-directive REPLACE | |
| # (단순화 원하면 기존 sync 한 줄 유지 가능) | |
| # - name: Deploy to S3 | |
| # run: aws s3 sync ./out s3://$TARGET_BUCKET --delete | |
| - name: Invalidate CloudFront Cache | |
| run: | | |
| aws cloudfront create-invalidation \ | |
| --distribution-id ${{ secrets.AWS_DISTRIBUTION_ID }} \ | |
| --paths "/*" |