58c165749d
Some checks failed
Deploy / deploy (push) Failing after 6m11s
- Add Gitea Actions workflow for automated frontend and API deployment - Update all raw download URLs from GitHub to Gitea - Remove deprecated Amplify config and GitHub-specific Terraform variables - Clean up commented-out Amplify resources from Terraform - Update documentation to reflect new repository and CI/CD setup
118 lines
4.0 KiB
YAML
118 lines
4.0 KiB
YAML
name: Deploy
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 2
|
|
|
|
- name: Detect changes
|
|
id: changes
|
|
run: |
|
|
FRONTEND_CHANGED=false
|
|
API_CHANGED=false
|
|
|
|
if git diff --name-only HEAD~1 HEAD | grep -qvE '^api/'; then
|
|
FRONTEND_CHANGED=true
|
|
fi
|
|
|
|
if git diff --name-only HEAD~1 HEAD | grep -qE '^api/'; then
|
|
API_CHANGED=true
|
|
fi
|
|
|
|
echo "frontend=$FRONTEND_CHANGED" >> $GITHUB_OUTPUT
|
|
echo "api=$API_CHANGED" >> $GITHUB_OUTPUT
|
|
echo "Frontend changed: $FRONTEND_CHANGED"
|
|
echo "API changed: $API_CHANGED"
|
|
|
|
# ── Frontend Deploy ──────────────────────────────────────────────
|
|
- name: Setup Node.js
|
|
if: steps.changes.outputs.frontend == 'true'
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 18
|
|
cache: npm
|
|
|
|
- name: Install dependencies
|
|
if: steps.changes.outputs.frontend == 'true'
|
|
run: npm ci
|
|
|
|
- name: Security check
|
|
if: steps.changes.outputs.frontend == 'true'
|
|
run: npm run security:check
|
|
|
|
- name: Run tests
|
|
if: steps.changes.outputs.frontend == 'true'
|
|
run: npm test -- --passWithNoTests
|
|
|
|
- name: Build Next.js
|
|
if: steps.changes.outputs.frontend == 'true'
|
|
run: npm run build
|
|
env:
|
|
NEXT_PUBLIC_API_URL: ${{ vars.NEXT_PUBLIC_API_URL }}
|
|
NEXT_PUBLIC_MATOMO_URL: ${{ vars.NEXT_PUBLIC_MATOMO_URL }}
|
|
NEXT_PUBLIC_MATOMO_SITE_ID: ${{ vars.NEXT_PUBLIC_MATOMO_SITE_ID }}
|
|
|
|
- name: Configure AWS credentials
|
|
if: steps.changes.outputs.frontend == 'true' || steps.changes.outputs.api == 'true'
|
|
uses: aws-actions/configure-aws-credentials@v4
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: ${{ vars.AWS_REGION }}
|
|
|
|
- name: Deploy to S3
|
|
if: steps.changes.outputs.frontend == 'true'
|
|
run: |
|
|
S3_BUCKET="${{ vars.S3_BUCKET }}"
|
|
|
|
# Upload HTML files with no-cache
|
|
aws s3 sync out/ s3://$S3_BUCKET/ \
|
|
--delete \
|
|
--exclude "*" \
|
|
--include "*.html" \
|
|
--cache-control "public, max-age=0, must-revalidate" \
|
|
--content-type "text/html"
|
|
|
|
# Upload _next static assets with immutable 1-year cache
|
|
aws s3 sync out/_next/ s3://$S3_BUCKET/_next/ \
|
|
--cache-control "public, max-age=31536000, immutable"
|
|
|
|
# Upload other assets with 1-day cache
|
|
aws s3 sync out/ s3://$S3_BUCKET/ \
|
|
--exclude "*.html" \
|
|
--exclude "_next/*" \
|
|
--cache-control "public, max-age=86400"
|
|
|
|
- name: Invalidate CloudFront
|
|
if: steps.changes.outputs.frontend == 'true'
|
|
run: |
|
|
aws cloudfront create-invalidation \
|
|
--distribution-id ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }} \
|
|
--paths "/*"
|
|
|
|
# ── API Deploy ───────────────────────────────────────────────────
|
|
- name: Deploy API via SSM
|
|
if: steps.changes.outputs.api == 'true'
|
|
run: |
|
|
aws ssm send-command \
|
|
--region ${{ vars.AWS_REGION }} \
|
|
--instance-ids "${{ vars.INSTANCE_ID }}" \
|
|
--document-name "AWS-RunShellScript" \
|
|
--parameters 'commands=[
|
|
"cd /home/ubuntu/filamenteka-api",
|
|
"cp server.js server.js.backup",
|
|
"curl -o server.js https://git.demirix.dev/dax/Filamenteka/raw/branch/main/api/server.js",
|
|
"sudo systemctl restart node-api",
|
|
"sudo systemctl status node-api"
|
|
]' \
|
|
--output json
|
|
echo "API deploy command sent via SSM"
|