
Commit bf9cd3a

Feature: Updated SST Workflow with Add-ons
1 parent 7a232b8 commit bf9cd3a


1 file changed

+110
-30
lines changed


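--- a/.github/workflows/sst_workflow.yml
+++ b/.github/workflows/sst_workflow.yml
@@ -1,65 +1,145 @@
-name: Shared workflow- SST APP
+name: Shared Workflow - SST Deploy
 
 on:
 workflow_call:
 inputs:
 app-env:
-description: 'Application environment'
+description: 'application environment'
+required: true
+type: string
+preview:
+description: 'create or destroy preview env'
 required: false
 type: string
+default: false
 working-directory:
-description: 'Working directory in the repository'
-required: true
+description: 'working directory in repo'
+required: false
+type: string
+default: ./
+stack-name:
+description: 'stack name'
+required: false
+default: ""
 type: string
+yarn-cache:
+description: 'cache required or not for yarn install'
+type: string
+default: false
+deploy:
+description: 'default deploy otherwise run diff command to detect changes in stacks'
+type: string
+default: true
+self-hosted:
+description: 'deploy stack with github self hosted runner or not'
+type: string
+default: true
 
 secrets:
-aws-access-key-id:
-description: 'AWS Access Key ID'
-required: true
-aws-secret-access-key:
-description: 'AWS Secret Access Key'
+token:
+description: 'GitHub Token'
+required: false
+env-vars:
+description: 'environment-variables to store in .env file'
+required: false
+build-role:
+description: 'assume role arn'
 required: true
 
+
 jobs:
-deploy:
-runs-on: ubuntu-20.04
-environment:
-name: ${{ github.head_ref }}
-url: ${{ env.API_ENDPOINT_URL }}
+setup:
+runs-on: ubuntu-latest
+outputs:
+runner: ${{ steps.step1.outputs.runner }}
+steps:
+- name: Check branch
+id: step1
+run: |
+if [ ${{ inputs.self-hosted }} == 'true' ]; then
+echo "runner=flo-${{ inputs.app-env }}" >> "$GITHUB_OUTPUT"
+else
+echo "runner=ubuntu-latest" >> "$GITHUB_OUTPUT"
+fi
+sst-deploy:
+needs: [setup]
+runs-on: ${{ needs.setup.outputs.runner }}
+environment:
+name: ${{ (((github.event.action == 'opened' || github.event.action == 'synchronize') && inputs.preview == 'true') || (github.event.pull_request.merged == true && inputs.preview == 'false' && inputs.app-env == 'staging') || (inputs.app-env == 'production' && startsWith(github.ref, 'refs/tags/v'))) && ((inputs.preview == 'true' && (inputs.stack-name != '' && github.head_ref-inputs.stack-name || github.head_ref) || inputs.app-env)) || '' }}
+url: ${{ ((github.event.action == 'opened' && inputs.preview == 'true') || (github.event.action == 'synchronize' && inputs.preview == 'true') || (github.event.pull_request.merged == true && inputs.preview == 'false' && inputs.app-env == 'staging') || (inputs.app-env == 'production' && startsWith(github.ref, 'refs/tags/v'))) && env.API_ENDPOINT_URL }}
 defaults:
 run:
 working-directory: ${{ inputs.working-directory }}
 
-name: Deploy SST APP
+name: Run sst-deploy
 steps:
 - name: Checkout git repo
 uses: actions/checkout@v3
 
-- name: Configure AWS Credentials
-uses: aws-actions/configure-aws-credentials@v2
+- name: update environment variable in .env file
+run: |
+if [ -n "${{ secrets.env-vars }}" ]; then
+echo -e "${{ secrets.env-vars }}" > ./.env
+fi
+
+- name: Configure AWS Creds via role
+uses: aws-actions/configure-aws-credentials@v1-node16
 with:
-aws-access-key-id: ${{ secrets.aws-access-key-id }}
-aws-secret-access-key: ${{ secrets.aws-secret-access-key }}
-aws-region: us-east-2
+aws-region: us-west-2
+role-to-assume: ${{ secrets.build-role }}
+role-duration-seconds: 900
+role-skip-session-tagging: true
+
+- name: Install yarn
+run: sudo npm install -g yarn
 
-- name: Install dependencies (yarn install)
-run: yarn install
-
-- name: Extract branch name
+- name: Install dependencies
+if: ${{ inputs.yarn-cache != 'true' }}
+run: yarn install --frozen-lockfile
+
+- name: Install dependencies with yarn cache
+if: ${{ inputs.yarn-cache == 'true' }}
+uses: ./.github/actions/yarn-nm-install
+
+- name: Set branch name
 run: |
-BRANCH_NAME=$(echo "${{ github.head_ref }}" | cut -d'/' -f3)
+BRANCH_NAME=$(echo "${{ github.head_ref }}" | cut -d'|' -f2)
 echo "BRANCH_NAME=${BRANCH_NAME}"
 SLUG_BRANCH_NAME=$(echo "${BRANCH_NAME}" | sed 's/[^[:alnum:]]/-/g' | tr -s '-' | tr A-Z a-z)
 echo "SLUG_BRANCH_NAME=${SLUG_BRANCH_NAME}"
 echo "GITHUB_HEAD_REF_SLUG=${SLUG_BRANCH_NAME}" >> $GITHUB_ENV
 
+- name: check diffrence in deployed and local stacks
+if: ${{ inputs.deploy != 'true' }}
+run: yarn sst diff --stage ${{ inputs.app-env }}
+
 - name: Deploy and get API endpoint
-if: ${{ (github.event.action == 'opened' || github.event.action == 'synchronize' && inputs.app-env == 'preview') || ( github.event.pull_request.merged == true && (inputs.app-env == 'prod' || inputs.app-env == 'stage')) }}
+if: ${{ inputs.deploy == 'true' && ((github.event.action == 'opened' && inputs.preview == 'true') || (github.event.action == 'synchronize' && inputs.preview == 'true') || (github.event.pull_request.merged == true && inputs.preview == 'false' && inputs.app-env == 'staging') || (inputs.app-env == 'production' && startsWith(github.ref, 'refs/tags/v'))) }}
 run: |
-api_endpoint=$(yarn sst deploy --stage pr-${{ github.event.number }}-${{ env.GITHUB_HEAD_REF_SLUG }} | egrep "ApiEndpoint|SiteUrl" | awk '{print $2}')
+if [[ ${{ inputs.preview }} == true ]]; then
+if [[ -n "${{ inputs.stack-name }}" ]]; then
+yarn sst deploy --stage pr-${{ github.event.number }}-${{ env.GITHUB_HEAD_REF_SLUG }} ${{ inputs.stack-name }} | tee deploy-output.log
+else
+yarn sst deploy --stage pr-${{ github.event.number }}-${{ env.GITHUB_HEAD_REF_SLUG }} | tee deploy-output.log
+fi
+else
+if [[ -n "${{ inputs.stack-name }}" ]]; then
+yarn sst deploy --stage ${{ inputs.app-env }} ${{ inputs.stack-name }} | tee deploy-output.log
+else
+yarn sst deploy --stage ${{ inputs.app-env }} | tee deploy-output.log
+fi
+fi
+api_endpoint=$(cat deploy-output.log | egrep "ApiEndpoint|SiteUrl" | awk '{print $2}')
 echo "API endpoint: $api_endpoint"
 echo "API_ENDPOINT_URL=$api_endpoint" >> $GITHUB_ENV
-
-- name: Destroy SST App for Preview app environment
-if: ${{ ( github.event.action == 'labeled' && github.event.label.name == 'destroy' && inputs.app-env == 'preview' ) || (github.event.action == 'closed' && inputs.app-env == 'preview' || github.event.pull_request.merged == true && inputs.app-env == 'preview') }}
+
+- name: Destroy preview env
+if: ${{ ( github.event.action == 'labeled' && github.event.label.name == 'destroy' && inputs.preview == 'true' ) || (github.event.action == 'closed' && inputs.preview == 'true' || github.event.pull_request.merged == true && inputs.preview == 'true' ) }}
 run: yarn sst remove --stage pr-${{ github.event.number }}-${{ env.GITHUB_HEAD_REF_SLUG }}
+
+- name: Cleanup preview env deployment
+if: ${{ ( github.event.action == 'labeled' && github.event.label.name == 'destroy' && inputs.preview == 'true' ) || (github.event.action == 'closed' && inputs.preview == 'true' || github.event.pull_request.merged == true && inputs.preview == 'true' ) }}
+uses: strumwolf/[email protected]
+with:
+token: ${{ secrets.token }}
+environment: ${{ github.head_ref }}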
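Review bot: The `Set branch name` step expands `${{ github.head_ref }}` into the script text before the shell runs, so a pull-request branch name, which is chosen by whoever opens the PR, is parsed as shell rather than treated as data. By that point the job already holds the assumed `build-role` session, and because `self-hosted` defaults to true it appears to run on a `flo-<app-env>` self-hosted runner. Pass the value through the environment instead: add `env:` with `HEAD_REF: ${{ github.head_ref }}` to the step and read it as `BRANCH_NAME=$(echo "$HEAD_REF" | cut -d'|' -f2)`. The same pattern applies to `echo -e "${{ secrets.env-vars }}" > ./.env`, where a quote or `$(` in the secret changes the command, and to the `${{ inputs.stack-name }}` and `${{ inputs.app-env }}` expansions in the deploy, diff and `Check branch` scripts. Separately, the `.env` file written to the workspace should be removed in an `if: always()` step if the self-hosted runner reuses its workspace across jobs.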
