diff --git a/.github/workflows/eleventy_build_main_mukhtar.yml b/.github/workflows/eleventy_build_main_mukhtar.yml new file mode 100644 index 00000000000..ceff578a6b0 --- /dev/null +++ b/.github/workflows/eleventy_build_main_mukhtar.yml @@ -0,0 +1,101 @@ +name: 11ty build Production Site +# site: https://headless.cannabis.ca.gov +# s3 bucket http://headless.cannabis.ca.gov.s3-website-us-west-1.amazonaws.com/ +# editor: https://api.cannabis.ca.gov +on: + workflow_run: + workflows: ["Update static content [main]"] + types: ['completed'] + branches: + - main + push: + branches: + - main + +concurrency: + group: sync_deployments + cancel-in-progress: true + +jobs: + build_deploy: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@master + - uses: actions/setup-node@master + with: + node-version: 18.16.0 + cache: 'npm' + - name: Install packages + run: | + mkdir dist + npm ci --production + - name: Build 11ty + run: | + SITE_ENV=production DOMAIN=cannabis.ca.gov npm run build + - name: Write robots.txt + run: | + echo 'User-agent: *' > docs/robots.txt + echo 'Allow: /' >> docs/robots.txt + echo 'Sitemap: https://cannabis.ca.gov/sitemap.xml' >> docs/robots.txt + # deploy built files to separate branch that contains only built files that github pages uses to serve site + - name: Deploy to github pages branch + uses: peaceiris/actions-gh-pages@v3.9.3 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + publish_dir: ./docs + publish_branch: deploy_production + + # Set up AWS CLI + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@master + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} + aws-region: us-west-1 + + # Deploy to cannabis.ca.gov + # jbum added exclude + - name: Deploy to S3 (cannabis.ca.gov.live) + run: aws s3 sync --follow-symlinks --delete ./docs s3://cannabis.ca.gov.live --exclude 'wp-content/uploads/*' + # Reset the cache-control headers on static assets on production S3 bucket + - name: Reset cache-control on fonts + uses: prewk/s3-cp-action@v2 + with: + aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} + aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} + aws_region: 'us-west-1' # optional: defaults to us-east-1 + source: './docs/fonts' + dest: 's3://cannabis.ca.gov.live/fonts' + flags: --recursive --cache-control max-age=15552000 + - name: Reset cache-control on assets + uses: prewk/s3-cp-action@v2 + with: + aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} + aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} + aws_region: 'us-west-1' # optional: defaults to us-east-1 + source: './docs/assets' + dest: 's3://cannabis.ca.gov.live/assets' + flags: --recursive --cache-control max-age=15552000 + # - name: Reset cache-control on media + # uses: prewk/s3-cp-action@v2 + # with: + # aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} + # aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} + # aws_region: 'us-west-1' # optional: defaults to us-east-1 + # source: './docs/wp-content/uploads/sites/2' + # dest: 's3://cannabis.ca.gov/wp-content/uploads/sites/2' + # flags: --recursive --cache-control max-age=15552000 + + - name: Deploy redirects + run: | + AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID_MUKHTAR }} AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY_MUKHTAR }} npm run deploy:redirects + + - name: Invalidate Cloudfront (cannabis.ca.gov) + env: + AWS_RETRY_MODE: standard + AWS_MAX_ATTEMPTS: 6 + run: aws cloudfront create-invalidation --distribution-id E314Q1K8WYSBBI --paths "/*" + + + +