-
Notifications
You must be signed in to change notification settings - Fork 0
137 lines (114 loc) · 5.96 KB
/
deploy-dev.yml
File metadata and controls
137 lines (114 loc) · 5.96 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
name: deploy-dev
env:
EB_PACKAGE_S3_BUCKET_NAME: 'nestjs-monolithic-boilerplate-deployment-artifacts'
EB_APPLICATION_NAME: 'nestjs-monolithic-boilerplate'
EB_ENVIRONMENT_NAME: 'nestjs-monolithic-boilerplate-api-dev-env'
EB_VERSION_LABEL: 'Ver-dev-${{ github.sha }}'
DEPLOY_PACKAGE_NAME: 'api-nestjs-monolithic-boilerplate-dev-${{ github.sha }}.zip'
AWS_REGION_NAME: 'ap-southeast-1'
on:
workflow_dispatch:
push:
branches:
- develop
jobs:
build:
name: build api.dev.nestjs-monolithic-boilerplate
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [ 16.x ]
steps:
- name: checkout code
uses: actions/checkout@master
with:
ref: ${{ github.ref }}
- name: use node.js ${{ matrix.node-version }}
uses: actions/setup-node@master
with:
always-auth: true
node-version: ${{ matrix.node-version }}
- name: Make envfile
uses: SpicyPizza/create-envfile@v1.3
with:
envkey_NODE_ENV: 'development'
envkey_ENABLE_DOCUMENTATION: true
envkey_ENABLE_ORM_LOGS: true
envkey_TRANSPORT_PORT: 8080
envkey_JWT_EXPIRATION_TIME: 3600
envkey_FALLBACK_LANGUAGE: 'en_US'
envkey_ENABLE_SYNCHRONIZE: false
envkey_PORT: 80
envkey_API_VERSION: ${{ secrets.DEV_API_VERSION }}
envkey_DB_TYPE: 'postgres'
envkey_DB_DATABASE: ${{ secrets.DEV_DB_DATABASE }}
envkey_DB_HOST: ${{ secrets.DEV_DB_HOST }}
envkey_DB_PORT: ${{ secrets.DEV_DB_PORT }}
envkey_DB_USERNAME: ${{ secrets.DEV_DB_USERNAME }}
envkey_DB_PASSWORD: ${{ secrets.DEV_DB_PASSWORD }}
envkey_AWS_S3_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
envkey_AWS_S3_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
envkey_AWS_S3_BUCKET_NAME: ${{ secrets.DEV_AWS_S3_BUCKET_NAME }}
envkey_AWS_S3_BUCKET_REGION: ${{ secrets.DEV_AWS_S3_BUCKET_REGION }}
envkey_AWS_S3_BUCKET_ENDPOINT: ${{ secrets.DEV_AWS_S3_BUCKET_ENDPOINT }}
envkey_AWS_SES_ACCESS_KEY_ID: ${{ secrets.DEV_AWS_SES_ACCESS_KEY_ID }}
envkey_AWS_SES_SECRET_ACCESS_KEY: ${{ secrets.DEV_AWS_SES_SECRET_ACCESS_KEY }}
envkey_AWS_SES_REGION: ${{ secrets.DEV_AWS_SES_REGION }}
envkey_AWS_SES_SOURCE: ${{ secrets.DEV_AWS_SES_SOURCE }}
envkey_GOOGLE_AUTH_CLIENT_ID: ${{ secrets.DEV_GOOGLE_AUTH_CLIENT_ID }}
envkey_GOOGLE_AUTH_CLIENT_SECRET: ${{ secrets.DEV_GOOGLE_AUTH_CLIENT_SECRET }}
envkey_APPLE_AUTH_CLIENT_ID: ${{ secrets.DEV_APPLE_AUTH_CLIENT_ID }}
envkey_APPLE_AUTH_CLIENT_SECRET: ${{ secrets.DEV_APPLE_AUTH_CLIENT_SECRET }}
envkey_JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
envkey_JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
envkey_OTP_SECRET: ${{ secrets.OTP_SECRET }}
file_name: '.env'
- name: install dependencies
run: npm install --force
# - name: audit fix
# run: npm audit fix --force
- name: build application
run: npm run build:prod
- name: ls
run: ls -lah && cat .env
- name: create ZIP deployment package
run: zip -r ${{ env.DEPLOY_PACKAGE_NAME }} * .platform .env
- name: configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION_NAME }}
- name: copy deployment package to S3 bucket
run: aws s3 cp ${{ env.DEPLOY_PACKAGE_NAME }} s3://${{ env.EB_PACKAGE_S3_BUCKET_NAME }}/
deploy:
needs: [ build ]
runs-on: ubuntu-latest
steps:
- name: configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION_NAME }}
- name: create new Elastic Beanstalk application version
run: |
aws elasticbeanstalk create-application-version \
--application-name ${{ env.EB_APPLICATION_NAME }} \
--source-bundle S3Bucket="${{ env.EB_PACKAGE_S3_BUCKET_NAME }}",S3Key="${{ env.DEPLOY_PACKAGE_NAME }}" \
--version-label ${{ env.EB_VERSION_LABEL }} \
--description "CommittSHA-${{ github.sha }}"
- name: update Elastic Beanstalk with new application version
run: |
aws elasticbeanstalk update-application-version \
--application-name ${{ env.EB_APPLICATION_NAME }} \
--version-label ${{ env.EB_VERSION_LABEL }}
- name: debug credentials
run: |
echo "${{ secrets.AWS_ACCESS_KEY_ID }}"
- name: deploy application to Elastic Beanstalk
run: |
aws elasticbeanstalk update-environment \
--application-name ${{ env.EB_APPLICATION_NAME }} \
--environment-name ${{ env.EB_ENVIRONMENT_NAME }} \
--version-label ${{ env.EB_VERSION_LABEL }}