Merge pull request #760 from openva/master #62
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Process | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - deploy | |
| pull_request: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: Firenza/[email protected] | |
| with: | |
| secrets: ${{ toJSON(secrets) }} | |
| - name: Specify PHP version | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: '5.6' | |
| - name: Make branch name available as Bash variable | |
| run: echo "GITHUB_BRANCH=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV | |
| - run: >- | |
| sudo apt-get update && | |
| sudo apt-get install -y awscli php5.6-cli php5.6-curl php5.6-memcached php5.6-mysql yarn zip | |
| - uses: actions/checkout@v2 | |
| - run: sudo apt-get update -qq | |
| - run: composer install | |
| - run: cd htdocs/js/vendor; yarn build | |
| - run: cd ../../.. | |
| - run: find htdocs/*.php -print0 |xargs -0 -n1 -P8 php5.6 -l | |
| - run: >- | |
| ./deploy/branch_deploy.sh && ./deploy/config_variables.sh && | |
| ./deploy/aws_credentials.sh && zip -qr rs-web-deploy . --exclude | |
| *.git* *.scannerwork* && mkdir -p upload && mv rs-web-deploy.zip | |
| upload/rs-web-deploy.zip | |
| - run: >- | |
| if [ "$GITHUB_BRANCH" = "master" ]; then | |
| ./deploy/increase_verbosity.sh; fi | |
| - run: >- | |
| if [ "$GITHUB_BRANCH" = "master" ]; then | |
| cp appspec-staging.yml appspec.yml | |
| elif [ "$GITHUB_BRANCH" = "deploy" ]; then | |
| cp appspec-deploy.yml appspec.yml | |
| fi | |
| - name: Save secret-populated code for a subsequent deploy step | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: codebase | |
| path: . | |
| - name: Get the branch name for use in the build step | |
| shell: bash | |
| run: echo "##[set-output name=github_branch;]$(echo $GITHUB_BRANCH)" | |
| id: get_branch | |
| outputs: | |
| github_branch: ${{ steps.get_branch.outputs.github_branch }} | |
| deploy: | |
| runs-on: ubuntu-20.04 | |
| needs: build # Don't deploy unless the build succeeds | |
| steps: | |
| - run: echo "Deploy branch is ${{ needs.build.outputs.github_branch }}" | |
| - name: Get the secret-populated code | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: codebase | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | |
| aws-region: us-east-1 | |
| - name: Staging CodeDeploy Deployment | |
| if: ${{ needs.build.outputs.github_branch == 'master' }} | |
| run: | | |
| aws deploy create-deployment \ | |
| --application-name RS-Web \ | |
| --deployment-group-name RS-Web-Staging \ | |
| --deployment-config-name CodeDeployDefault.OneAtATime \ | |
| --github-location repository=${{ github.repository }},commitId=${{ github.sha }} | |
| - name: Production CodeDeploy Deployment | |
| if: ${{ needs.build.outputs.github_branch == 'deploy' }} | |
| run: | | |
| aws deploy create-deployment \ | |
| --application-name RS-Web \ | |
| --deployment-group-name RS-Web-Fleet \ | |
| --deployment-config-name CodeDeployDefault.OneAtATime \ | |
| --github-location repository=${{ github.repository }},commitId=${{ github.sha }} |