-
Notifications
You must be signed in to change notification settings - Fork 9
57 lines (52 loc) · 1.7 KB
/
staging-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: Deploy to staging
on:
push:
branches:
- main
paths:
- 'frontend/**'
# https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services
permissions:
id-token: write
contents: read
jobs:
deploy-to-staging:
concurrency:
group: staging-frontend-deploy-${{ github.ref }}
cancel-in-progress: true
name: deploy staging branch
runs-on: ubuntu-latest
environment: staging
if: github.repository == 'chanzuckerberg/cryoet-data-portal'
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
mask-aws-account-id: true
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-duration-seconds: 1200
- name: Create or update stack
uses: chanzuckerberg/github-actions/.github/actions/[email protected]
env:
# Force using BuildKit instead of normal Docker, required so that metadata
# is written/read to allow us to use layers of previous builds as cache.
DOCKER_BUILDKIT: 1
COMPOSE_DOCKER_CLI_BUILD: 1
DOCKER_REPO: ${{ secrets.ECR_REPO }}/
ENV: staging
with:
stack-name: frontend
create-tag: true
tag: ${{ env.STACK_NAME }}
tfe-token: ${{ secrets.TFE_TOKEN }}
working-directory: ./frontend
env: staging
operation: create-or-update
e2e-test-staging:
name: E2E Tests
needs: deploy-to-staging
uses: ./.github/workflows/frontend-e2e-tests.yml
secrets: inherit
with:
environment: staging