.github/workflows/deploy.yml

name: Deployment

on:
  push:
    branches:
      - main
    paths:
      - '.cicd/**'
      - '.github/workflows/**'
      - 'src/**'
      - 'public/**'
      - 'package.json'
      - 'yarn.lock'
      - '*.js'
  workflow_dispatch:

jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - name: Clone the repository code
        uses: actions/checkout@v2
      - name: Setup the Terraform CLI
        uses: hashicorp/setup-terraform@v2
      - name: Setup AWS Credentials
        run: |
          mkdir ~/.aws
          echo "[default]" > ~/.aws/credentials
          echo "aws_access_key_id = ${{ secrets.AWS_ACCESS_KEY_ID }}" >> ~/.aws/credentials
          echo "aws_secret_access_key = ${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> ~/.aws/credentials
          AWS_PROFILE=default && echo AWS_PROFILE=$AWS_PROFILE >> $GITHUB_ENV
      - name: Initialize the Terraform working directory
        working-directory: .cicd/terraform
        id: init
        run: terraform init -input=false
      - name: Apply the Terraform execution plan
        working-directory: .cicd/terraform
        id: plan
        run: terraform apply -no-color -auto-approve
        env:
          TF_VAR_github_pat: ${{ secrets.GH_PAT }}

  build_and_sync:
    name: Build project and Deploy
    runs-on: ubuntu-latest
    steps:
      - name: Clone the repository code
        uses: actions/checkout@v2
      - name: Setup NodeJS
        uses: actions/setup-node@v2
        with: 
          node-version: "lts/*"
      - name: Build project
        run: |
          yarn install
          PUBLIC_AUTH0_DOMAIN=${{ vars.AUTH0_DOMAIN }} \
          PUBLIC_AUTH0_CLIENT_ID=${{ vars.AUTH0_CLIENT_ID }} \
          AUTH0_SECRET=${{ secrets.AUTH0_SECRET }} \
          PUBLIC_AUTH0_REDIRECT_URI=${{ vars.AUTH0_REDIRECT_URI }} \
          PUBLIC_AUTH0_LOGOUT_URI=${{ vars.AUTH0_LOGOUT_URI }} \
          yarn build
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: sa-east-1
      - name: Create .env file
        run: |
          echo "PUBLIC_AUTH0_DOMAIN=${{ vars.AUTH0_DOMAIN }}" >> .env
          echo "PUBLIC_AUTH0_CLIENT_ID=${{ vars.AUTH0_CLIENT_ID }}" >> .env
          echo "AUTH0_SECRET=${{ secrets.AUTH0_SECRET }}" >> .env
          echo "PUBLIC_AUTH0_REDIRECT_URI=${{ vars.AUTH0_REDIRECT_URI }}" >> .env
          echo "PUBLIC_AUTH0_LOGOUT_URI=${{ vars.AUTH0_LOGOUT_URI }}" >> .env
      - name: serverless deploy
        uses: serverless/github-action@v3.2
        with:
          args: deploy