Merge pull request #17052 from cagov/create-pull-request/patch #5168
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 11ty build Production Site | |
# site: https://headless.cannabis.ca.gov | |
# s3 bucket http://cannabis.ca.gov.live.s3-website-us-west-1.amazonaws.com | |
# editor: https://api.cannabis.ca.gov | |
on: | |
workflow_run: | |
workflows: ["Update static content [main]"] | |
types: ['completed'] | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
concurrency: | |
group: sync_deployments | |
cancel-in-progress: true | |
jobs: | |
build_deploy: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@master | |
- uses: actions/setup-node@master | |
with: | |
node-version: 18.16.0 | |
cache: 'npm' | |
- name: Install packages | |
run: | | |
mkdir dist | |
npm ci --production | |
- name: Build 11ty | |
run: | | |
SITE_ENV=production DOMAIN=cannabis.ca.gov npm run build | |
- name: Write robots.txt | |
run: | | |
echo 'User-agent: *' > docs/robots.txt | |
echo 'Allow: /' >> docs/robots.txt | |
echo 'Sitemap: https://cannabis.ca.gov/sitemap.xml' >> docs/robots.txt | |
# deploy built files to separate branch that contains only built files that github pages uses to serve site | |
- name: Deploy to github pages branch | |
uses: peaceiris/[email protected] | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
publish_dir: ./docs | |
publish_branch: deploy_production | |
# Set up AWS CLI | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@master | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} | |
aws-region: us-west-1 | |
# Deploy to cannabis.ca.gov | |
# jbum added exclude | |
- name: Deploy to S3 (cannabis.ca.gov.live) | |
run: aws s3 sync --follow-symlinks --delete ./docs s3://cannabis.ca.gov.live --exclude 'wp-content/uploads/*' | |
# Reset the cache-control headers on static assets on production S3 bucket | |
- name: Reset cache-control on fonts | |
uses: prewk/s3-cp-action@v2 | |
with: | |
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} | |
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} | |
aws_region: 'us-west-1' # optional: defaults to us-east-1 | |
source: './docs/fonts' | |
dest: 's3://cannabis.ca.gov.live/fonts' | |
flags: --recursive --cache-control max-age=15552000 | |
- name: Reset cache-control on assets | |
uses: prewk/s3-cp-action@v2 | |
with: | |
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} | |
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} | |
aws_region: 'us-west-1' # optional: defaults to us-east-1 | |
source: './docs/assets' | |
dest: 's3://cannabis.ca.gov.live/assets' | |
flags: --recursive --cache-control max-age=15552000 | |
# - name: Reset cache-control on media | |
# uses: prewk/s3-cp-action@v2 | |
# with: | |
# aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} | |
# aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} | |
# aws_region: 'us-west-1' # optional: defaults to us-east-1 | |
# source: './docs/wp-content/uploads/sites/2' | |
# dest: 's3://cannabis.ca.gov/wp-content/uploads/sites/2' | |
# flags: --recursive --cache-control max-age=15552000 | |
- name: Deploy redirects | |
run: | | |
AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} npm run deploy:redirects | |
- name: Invalidate Cloudfront (cannabis.ca.gov) | |
env: | |
AWS_RETRY_MODE: standard | |
AWS_MAX_ATTEMPTS: 6 | |
run: aws cloudfront create-invalidation --distribution-id E314Q1K8WYSBBI --paths "/*" |