Skip to content

Commit

Permalink
aws transition prep
Browse files Browse the repository at this point in the history
  • Loading branch information
Mukhtar Mukhtar committed Aug 2, 2024
1 parent 1590e2d commit 4346521
Show file tree
Hide file tree
Showing 6 changed files with 196 additions and 54 deletions.
34 changes: 15 additions & 19 deletions .github/workflows/eleventy_build_main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: 11ty build Production Site
# site: https://headless.cannabis.ca.gov
# s3 bucket http://headless.cannabis.ca.gov.s3-website-us-west-1.amazonaws.com/
# s3 bucket http://cannabis.ca.gov.live.s3-website-us-west-1.amazonaws.com
# editor: https://api.cannabis.ca.gov
on:
workflow_run:
Expand Down Expand Up @@ -49,53 +49,49 @@ jobs:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws-region: us-west-1

# Deploy to cannabis.ca.gov
# jbum added exclude
- name: Deploy to S3 (cannabis.ca.gov)
run: aws s3 sync --follow-symlinks --delete ./docs s3://cannabis.ca.gov --exclude 'wp-content/uploads/*'
- name: Deploy to S3 (cannabis.ca.gov.live)
run: aws s3 sync --follow-symlinks --delete ./docs s3://cannabis.ca.gov.live --exclude 'wp-content/uploads/*'
# Reset the cache-control headers on static assets on production S3 bucket
- name: Reset cache-control on fonts
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/fonts'
dest: 's3://cannabis.ca.gov/fonts'
dest: 's3://cannabis.ca.gov.live/fonts'
flags: --recursive --cache-control max-age=15552000
- name: Reset cache-control on assets
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/assets'
dest: 's3://cannabis.ca.gov/assets'
dest: 's3://cannabis.ca.gov.live/assets'
flags: --recursive --cache-control max-age=15552000
# - name: Reset cache-control on media
# uses: prewk/s3-cp-action@v2
# with:
# aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
# aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
# aws_region: 'us-west-1' # optional: defaults to us-east-1
# source: './docs/wp-content/uploads/sites/2'
# dest: 's3://cannabis.ca.gov/wp-content/uploads/sites/2'
# flags: --recursive --cache-control max-age=15552000

- name: Deploy redirects
run: |
AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} npm run deploy:redirects
AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} npm run deploy:redirects
- name: Invalidate Cloudfront (cannabis.ca.gov)
env:
AWS_RETRY_MODE: standard
AWS_MAX_ATTEMPTS: 6
run: aws cloudfront create-invalidation --distribution-id E2RLC9PDB1JLNI --paths "/*"




run: aws cloudfront create-invalidation --distribution-id E314Q1K8WYSBBI --paths "/*"
32 changes: 14 additions & 18 deletions ...workflows/eleventy_build_main_mukhtar.yml → ...hub/workflows/eleventy_build_main_old.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,53 +49,49 @@ jobs:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-1

# Deploy to cannabis.ca.gov
# jbum added exclude
- name: Deploy to S3 (cannabis.ca.gov.live)
run: aws s3 sync --follow-symlinks --delete ./docs s3://cannabis.ca.gov.live --exclude 'wp-content/uploads/*'
- name: Deploy to S3 (cannabis.ca.gov)
run: aws s3 sync --follow-symlinks --delete ./docs s3://cannabis.ca.gov --exclude 'wp-content/uploads/*'
# Reset the cache-control headers on static assets on production S3 bucket
- name: Reset cache-control on fonts
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/fonts'
dest: 's3://cannabis.ca.gov.live/fonts'
dest: 's3://cannabis.ca.gov/fonts'
flags: --recursive --cache-control max-age=15552000
- name: Reset cache-control on assets
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/assets'
dest: 's3://cannabis.ca.gov.live/assets'
dest: 's3://cannabis.ca.gov/assets'
flags: --recursive --cache-control max-age=15552000
# - name: Reset cache-control on media
# uses: prewk/s3-cp-action@v2
# with:
# aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
# aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
# aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws_region: 'us-west-1' # optional: defaults to us-east-1
# source: './docs/wp-content/uploads/sites/2'
# dest: 's3://cannabis.ca.gov/wp-content/uploads/sites/2'
# flags: --recursive --cache-control max-age=15552000

- name: Deploy redirects
run: |
AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} npm run deploy:redirects
AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} npm run deploy:redirects
- name: Invalidate Cloudfront (cannabis.ca.gov)
env:
AWS_RETRY_MODE: standard
AWS_MAX_ATTEMPTS: 6
run: aws cloudfront create-invalidation --distribution-id E314Q1K8WYSBBI --paths "/*"




run: aws cloudfront create-invalidation --distribution-id E2RLC9PDB1JLNI --paths "/*"
10 changes: 5 additions & 5 deletions .github/workflows/eleventy_build_pr.yml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: Deploy PR Preview cannabis.ca.gov
# site: https://[branch-name].pr.cannabis.ca.gov
# s3 bucket http://pr.cannabis.ca.gov.s3-website-us-west-1.amazonaws.com/
# s3 bucket http://pr.cannabis.ca.gov.live.s3-website-us-west-1.amazonaws.com
# editor: https://api.cannabis.ca.gov
on:
pull_request:
Expand Down Expand Up @@ -47,14 +47,14 @@ jobs:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws-region: us-west-1
# jbum added exclude
- name: Deploy to S3
run: aws s3 sync --follow-symlinks --delete ./docs s3://pr.cannabis.ca.gov/pr/${URLSAFE_BRANCH_NAME} --exclude 'wp-content/uploads/*'
run: aws s3 sync --follow-symlinks --delete ./docs s3://pr.cannabis.ca.gov.live/pr/${URLSAFE_BRANCH_NAME} --exclude 'wp-content/uploads/*'
- name: Invalidate CloudFront cache
run: aws cloudfront create-invalidation --distribution-id ELR9BZ6ZDNOSW --paths "/*"
run: aws cloudfront create-invalidation --distribution-id E36Q5U59Q91THE --paths "/*"
- name: Post URL to PR
uses: mshick/add-pr-comment@v1
with:
Expand Down
65 changes: 65 additions & 0 deletions .github/workflows/eleventy_build_pr_old.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
name: Deploy PR Preview cannabis.ca.gov
# site: https://[branch-name].pr.cannabis.ca.gov
# s3 bucket http://pr.cannabis.ca.gov.s3-website-us-west-1.amazonaws.com/
# editor: https://api.cannabis.ca.gov
on:
pull_request:
types:
- opened
- synchronize
- ready_for_review
- reopened
jobs:
build_deploy:
runs-on: ubuntu-20.04
steps:
- uses: n1hility/cancel-previous-runs@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@master
- name: Use Node.js 18.x
uses: actions/setup-node@v1
with:
node-version: 18.16.0
- name: Get branch name (merge)
if: github.event_name != 'pull_request'
shell: bash
run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
- name: Get branch name (pull request)
if: github.event_name == 'pull_request'
shell: bash
run: echo "BRANCH_NAME=$(echo ${GITHUB_HEAD_REF})" >> $GITHUB_ENV
- name: Escape branch name for URL
shell: bash
run: echo "URLSAFE_BRANCH_NAME=$(echo ${BRANCH_NAME} | tr '[:upper:]' '[:lower:]' | sed 's|[^A-Za-z0-9-]|-|g' | sed -E 's|-*([A-Za-z0-9]*.*[A-Za-z0-9]+)-*|\1|')" >> $GITHUB_ENV
- name: Report escaped branch name
shell: bash
run: echo ${URLSAFE_BRANCH_NAME}
- name: Build 11ty
run: |
mkdir dist
npm ci --legacy-peer-deps
SITE_ENV=production DOMAIN=${URLSAFE_BRANCH_NAME}.pr.cannabis.ca.gov npm run build
- name: Write robots.txt
run: |
echo 'User-agent: *' > docs/robots.txt
echo 'Disallow: /' >> docs/robots.txt
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-1
# jbum added exclude
- name: Deploy to S3
run: aws s3 sync --follow-symlinks --delete ./docs s3://pr.cannabis.ca.gov/pr/${URLSAFE_BRANCH_NAME} --exclude 'wp-content/uploads/*'
- name: Invalidate CloudFront cache
run: aws cloudfront create-invalidation --distribution-id ELR9BZ6ZDNOSW --paths "/*"
- name: Post URL to PR
uses: mshick/add-pr-comment@v1
with:
message: |
Preview site available at [${{ env.URLSAFE_BRANCH_NAME }}.pr.cannabis.ca.gov](https://${{ env.URLSAFE_BRANCH_NAME }}.pr.cannabis.ca.gov/).
repo-token: ${{ secrets.GITHUB_TOKEN }}
repo-token-user-login: 'github-actions[bot]'
allow-repeats: false
24 changes: 12 additions & 12 deletions .github/workflows/eleventy_build_staging.yml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: 11ty build Staging Site
# site: https://staging.cannabis.ca.gov
# s3 bucket http://staging.cannabis.ca.gov.s3-website-us-west-1.amazonaws.com/
# s3 bucket http://staging.cannabis.ca.gov.live.s3-website-us-west-1.amazonaws.com
# editor: https://api.cannabis.ca.gov
on:
workflow_run:
Expand Down Expand Up @@ -48,38 +48,38 @@ jobs:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws-region: us-west-1

- name: Deploy to S3 (staging.cannabis.ca.gov)
run: aws s3 sync --follow-symlinks --delete ./docs s3://staging.cannabis.ca.gov --exclude 'wp-content/uploads/*'
run: aws s3 sync --follow-symlinks --delete ./docs s3://staging.cannabis.ca.gov.live --exclude 'wp-content/uploads/*'

# Reset the cache-control headers on static assets on S3 bucket
- name: Reset cache-control on static files
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/fonts'
dest: 's3://staging.cannabis.ca.gov/fonts'
dest: 's3://staging.cannabis.ca.gov.live/fonts'
flags: --recursive --cache-control max-age=15552000
- name: Reset cache-control on assets
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/assets'
dest: 's3://staging.cannabis.ca.gov/assets'
dest: 's3://staging.cannabis.ca.gov.live/assets'
flags: --recursive --cache-control max-age=15552000


# - name: Deploy redirects
# run: |
# AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} npm run deploy:redirects
# AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} npm run deploy:redirects

# Invalidate Cloudfront production distribution
- name: Invalidate Cloudfront (cannabis.ca.gov)
run: aws cloudfront create-invalidation --distribution-id EQTK6QDHAMA8Z --paths "/*"
run: aws cloudfront create-invalidation --distribution-id E3DT30NBQC365Z --paths "/*"
85 changes: 85 additions & 0 deletions .github/workflows/eleventy_build_staging_old.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
name: 11ty build Staging Site
# site: https://staging.cannabis.ca.gov
# s3 bucket http://staging.cannabis.ca.gov.s3-website-us-west-1.amazonaws.com/
# editor: https://api.cannabis.ca.gov
on:
workflow_run:
workflows: ["Update static content [staging]"]
types: ['completed']
branches:
- staging
push:
branches:
- staging

concurrency:
group: sync_staging_deployments
cancel-in-progress: true

jobs:
build_deploy:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@master
- uses: actions/setup-node@master
with:
node-version: 18.16.0
cache: 'npm'
- name: Install packages
run: |
mkdir dist
npm ci --production
- name: Build 11ty
run: |
SITE_ENV=staging DOMAIN=staging.cannabis.ca.gov npm run build
- name: Write robots.txt
run: |
echo 'User-agent: *' > docs/robots.txt
echo 'Disallow: /' >> docs/robots.txt
# deploy built files to separate branch that contains only built files that github pages uses to serve site
- name: Deploy to github pages branch
uses: peaceiris/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./docs
publish_branch: deploy_staging

# Set up AWS CLI
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-1

- name: Deploy to S3 (staging.cannabis.ca.gov)
run: aws s3 sync --follow-symlinks --delete ./docs s3://staging.cannabis.ca.gov --exclude 'wp-content/uploads/*'

# Reset the cache-control headers on static assets on S3 bucket
- name: Reset cache-control on static files
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/fonts'
dest: 's3://staging.cannabis.ca.gov/fonts'
flags: --recursive --cache-control max-age=15552000
- name: Reset cache-control on assets
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: 'us-west-1' # optional: defaults to us-east-1
source: './docs/assets'
dest: 's3://staging.cannabis.ca.gov/assets'
flags: --recursive --cache-control max-age=15552000


# - name: Deploy redirects
# run: |
# AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} npm run deploy:redirects

# Invalidate Cloudfront production distribution
- name: Invalidate Cloudfront (cannabis.ca.gov)
run: aws cloudfront create-invalidation --distribution-id EQTK6QDHAMA8Z --paths "/*"

0 comments on commit 4346521

Please sign in to comment.