|
| 1 | +# Copyright 2026 EPAM Systems |
| 2 | +# Licensed under the Apache License, Version 2.0 (the "License"); |
| 3 | +# you may not use this file except in compliance with the License. |
| 4 | +# You may obtain a copy of the License at |
| 5 | +# |
| 6 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 7 | +# |
| 8 | +# Unless required by applicable law or agreed to in writing, software |
| 9 | +# distributed under the License is distributed on an "AS IS" BASIS, |
| 10 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 11 | +# See the License for the specific language governing permissions and |
| 12 | +# limitations under the License. |
| 13 | + |
| 14 | +name: Deploy to prod (AWS S3) |
| 15 | +env: |
| 16 | + AWS_S3_BUCKET_NAME : rpp-landing-prod |
| 17 | + AWS_REGION_NAME : eu-central-1 |
| 18 | + BUILD_DIR : "build/" |
| 19 | + DOCS_BASE_URL: "/docs/" |
| 20 | + |
| 21 | +on: |
| 22 | + push: |
| 23 | + branches: |
| 24 | + - master |
| 25 | + paths-ignore: |
| 26 | + - '.github/**' |
| 27 | + - README.md |
| 28 | + workflow_dispatch: |
| 29 | + |
| 30 | +permissions: |
| 31 | + id-token: write |
| 32 | + contents: write |
| 33 | + |
| 34 | +jobs: |
| 35 | + sync-versions: |
| 36 | + uses: ./.github/workflows/sync-releases.yml |
| 37 | + with: |
| 38 | + scope: 'last-2' |
| 39 | + secrets: |
| 40 | + GH_TOKEN: ${{ secrets.GH_TOKEN }} |
| 41 | + |
| 42 | + clean-docs-folder: |
| 43 | + runs-on: ubuntu-latest |
| 44 | + environment: production |
| 45 | + steps: |
| 46 | + - name: Configure AWS credentials (OIDC) |
| 47 | + uses: aws-actions/configure-aws-credentials@v4 |
| 48 | + with: |
| 49 | + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} |
| 50 | + aws-region: ${{ env.AWS_REGION_NAME }} |
| 51 | + |
| 52 | + - name: Clear docs folder in S3 bucket |
| 53 | + run: | |
| 54 | + if aws s3 ls "s3://${{ env.AWS_S3_BUCKET_NAME }}/docs/" 2>/dev/null; then |
| 55 | + echo "docs/ folder exists, removing it..." |
| 56 | + aws s3 rm s3://${{ env.AWS_S3_BUCKET_NAME }}/docs/ --recursive |
| 57 | + else |
| 58 | + echo "docs/ folder does not exist, nothing to clean." |
| 59 | + fi |
| 60 | +
|
| 61 | + deploy: |
| 62 | + runs-on: ubuntu-latest |
| 63 | + needs: [sync-versions, clean-docs-folder] |
| 64 | + environment: production |
| 65 | + steps: |
| 66 | + - name: Checkout repository |
| 67 | + uses: actions/checkout@v4 |
| 68 | + with: |
| 69 | + ref: master |
| 70 | + |
| 71 | + - name: Pull latest changes |
| 72 | + run: git pull origin master |
| 73 | + |
| 74 | + - name: Set up Node.js |
| 75 | + uses: actions/setup-node@v4 |
| 76 | + with: |
| 77 | + node-version: 20 |
| 78 | + |
| 79 | + - name: Install of node dependencies |
| 80 | + run: npm ci |
| 81 | + |
| 82 | + - name: create env file |
| 83 | + run: | |
| 84 | + touch .env |
| 85 | + echo DOCS_BASE_URL=${{ env.DOCS_BASE_URL }} >> .env |
| 86 | +
|
| 87 | + - name: Build the source code |
| 88 | + run: npm run build |
| 89 | + |
| 90 | + - name: Configure AWS credentials (OIDC) |
| 91 | + uses: aws-actions/configure-aws-credentials@v4 |
| 92 | + with: |
| 93 | + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} |
| 94 | + aws-region: ${{ env.AWS_REGION_NAME }} |
| 95 | + |
| 96 | + - name: Deploy to AWS S3 |
| 97 | + run: aws s3 sync ./${{ env.BUILD_DIR }} s3://${{ env.AWS_S3_BUCKET_NAME }}/docs/ |
| 98 | + |
| 99 | + - name: Trigger Amplify redeploy |
| 100 | + run: | |
| 101 | + aws s3 sync s3://${{ env.AWS_S3_BUCKET_NAME }} /tmp/full-site |
| 102 | +
|
| 103 | + DEPLOY_RESULT=$(aws amplify create-deployment \ |
| 104 | + --app-id ${{ secrets.AWS_AMPLIFY_APP_ID }} \ |
| 105 | + --branch-name production) |
| 106 | +
|
| 107 | + JOB_ID=$(echo "$DEPLOY_RESULT" | jq -r '.jobId') |
| 108 | + ZIP_URL=$(echo "$DEPLOY_RESULT" | jq -r '.zipUploadUrl') |
| 109 | +
|
| 110 | + cd /tmp/full-site |
| 111 | + zip -r /tmp/deploy.zip . |
| 112 | +
|
| 113 | + curl --fail -T /tmp/deploy.zip "$ZIP_URL" |
| 114 | +
|
| 115 | + aws amplify start-deployment \ |
| 116 | + --app-id ${{ secrets.AWS_AMPLIFY_APP_ID }} \ |
| 117 | + --branch-name production \ |
| 118 | + --job-id "$JOB_ID" |
| 119 | +
|
| 120 | + merge-to-develop: |
| 121 | + needs: deploy |
| 122 | + runs-on: ubuntu-latest |
| 123 | + steps: |
| 124 | + - name: Checkout repository |
| 125 | + uses: actions/checkout@v4 |
| 126 | + with: |
| 127 | + ref: master |
| 128 | + fetch-depth: 0 |
| 129 | + token: ${{ secrets.GH_TOKEN }} |
| 130 | + |
| 131 | + - name: Merge master into develop |
| 132 | + run: | |
| 133 | + git config user.name "github-actions[bot]" |
| 134 | + git config user.email "github-actions[bot]@users.noreply.github.com" |
| 135 | + if ! git fetch origin develop:develop 2>/dev/null; then |
| 136 | + echo "::warning::develop branch not found, skipping merge." |
| 137 | + exit 0 |
| 138 | + fi |
| 139 | + if git diff --quiet develop..master; then |
| 140 | + echo "No differences between master and develop, skipping merge." |
| 141 | + exit 0 |
| 142 | + fi |
| 143 | + git checkout develop |
| 144 | + if ! git merge --no-ff master -m "Sync || merge master into develop"; then |
| 145 | + echo "::error::Merge conflict detected when merging master into develop." |
| 146 | + git merge --abort |
| 147 | + exit 1 |
| 148 | + fi |
| 149 | + git push origin develop |
0 commit comments