Skip to content

Merge pull request #17087 from cagov/create-pull-request/patch #5181

Merge pull request #17087 from cagov/create-pull-request/patch

Merge pull request #17087 from cagov/create-pull-request/patch #5181

name: 11ty build Production Site
# site: https://headless.cannabis.ca.gov
# s3 bucket http://cannabis.ca.gov.live.s3-website-us-west-1.amazonaws.com
# editor: https://api.cannabis.ca.gov
on:
workflow_run:
workflows: ["Update static content [main]"]
types: ['completed']
branches:
- main
push:
branches:
- main
concurrency:
group: sync_deployments
cancel-in-progress: true
jobs:
build_deploy:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@master
- uses: actions/setup-node@master
with:
node-version: 18.16.0
cache: 'npm'
- name: Install packages
run: |
mkdir dist
npm ci --production
- name: Build 11ty
run: |
SITE_ENV=production DOMAIN=cannabis.ca.gov npm run build
- name: Write robots.txt
run: |
echo 'User-agent: *' > docs/robots.txt
echo 'Allow: /' >> docs/robots.txt
echo 'Sitemap: https://cannabis.ca.gov/sitemap.xml' >> docs/robots.txt
# deploy built files to separate branch that contains only built files that github pages uses to serve site
- name: Deploy to github pages branch
uses: peaceiris/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./docs
publish_branch: deploy_production
# Set up AWS CLI
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws-region: us-west-1
# Deploy to cannabis.ca.gov
# jbum added exclude
- name: Deploy to S3 (cannabis.ca.gov.live)
run: aws s3 sync --follow-symlinks --delete ./docs s3://cannabis.ca.gov.live --exclude 'wp-content/uploads/*'
# Reset the cache-control headers on static assets on production S3 bucket
- name: Reset cache-control on fonts
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/fonts'
dest: 's3://cannabis.ca.gov.live/fonts'
flags: --recursive --cache-control max-age=15552000
- name: Reset cache-control on assets
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/assets'
dest: 's3://cannabis.ca.gov.live/assets'
flags: --recursive --cache-control max-age=15552000
# - name: Reset cache-control on media
# uses: prewk/s3-cp-action@v2
# with:
# aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
# aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
# aws_region: 'us-west-1' # optional: defaults to us-east-1
# source: './docs/wp-content/uploads/sites/2'
# dest: 's3://cannabis.ca.gov/wp-content/uploads/sites/2'
# flags: --recursive --cache-control max-age=15552000
- name: Deploy redirects
run: |
AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} npm run deploy:redirects
- name: Invalidate Cloudfront (cannabis.ca.gov)
env:
AWS_RETRY_MODE: standard
AWS_MAX_ATTEMPTS: 6
run: aws cloudfront create-invalidation --distribution-id E314Q1K8WYSBBI --paths "/*"