1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54name: Deploy Apps
on:
push:
branches: ["main", "staging"]
paths:
- 'apps/**'
- '.github/workflows/deploy-apps.yml'
permissions:
id-token: write
contents: read
env:
AWS_ROLE: arn:aws:iam::380610849750:role/github-deploy-equalifyeverything-equalify
AWS_REGION: us-east-2
jobs:
frontend:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.AWS_ROLE }}
role-session-name: github-deploy-frontend
aws-region: ${{ env.AWS_REGION }}
- name: Create Vite build, sync to S3, & invalidate Cloudfront
run: |
cd apps/frontend
npm install --force
npx vite build --mode ${{ github.ref == 'refs/heads/main' && 'production' || 'staging' }}
aws s3 sync --delete ./dist ${{ github.ref == 'refs/heads/main' && 's3://equalifyuic-web' || 's3://equalifyuic-web-staging' }}
aws cloudfront create-invalidation --distribution-id ${{ github.ref == 'refs/heads/main' && 'ERS6SZU2YGMXQ' || 'ET2ZPWOHURCZ0' }} --paths "/*" > /dev/null
backend:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.AWS_ROLE }}
role-session-name: github-deploy-backend
aws-region: ${{ env.AWS_REGION }}
- name: Deploy to Lambda
run: |
cd apps/backend
npm install
npx esbuild index.ts --bundle --platform=node --outdir=dist --external:@aws-sdk
cd dist
zip -r lambda.zip index.js > /dev/null
aws lambda update-function-code --function-name equalifyuic-api${{ github.ref != 'refs/heads/main' && '-staging' || '' }} --zip-file fileb://lambda.zip > /dev/null