chore(deps): bump actions/checkout from 6 to 7 #335
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| permissions: | |
| contents: read | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - deploy-* | |
| workflow_dispatch: | |
| inputs: | |
| branch: | |
| description: Branch to deploy | |
| required: true | |
| env: | |
| working_dir: terragrunt | |
| concurrency: | |
| group: ${{ github.workflow }} | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout selected branch | |
| uses: actions/checkout@v7 | |
| with: | |
| ref: ${{ github.event.inputs.branch || github.ref_name }} | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v6.2.0 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-1 | |
| - name: Initialize Terragrunt (backend + providers) | |
| uses: gruntwork-io/terragrunt-action@v3 | |
| env: | |
| TERRAGRUNT_DISABLE_COPY: true | |
| with: | |
| tg_dir: ${{ env.working_dir }} | |
| tg_command: "run-all init" | |
| - name: Terragrunt Plan | |
| uses: gruntwork-io/terragrunt-action@v3 | |
| env: | |
| TERRAGRUNT_DISABLE_COPY: true | |
| with: | |
| tg_dir: ${{ env.working_dir }} | |
| tg_command: "run-all plan" | |
| - name: Terragrunt Apply | |
| uses: gruntwork-io/terragrunt-action@v3 | |
| env: | |
| TERRAGRUNT_DISABLE_COPY: true | |
| with: | |
| tg_dir: ${{ env.working_dir }} | |
| tg_command: "run-all apply" | |
| # TODO(j4y): Replace hard-coded path once multiple stacks exist. | |
| - name: Read Values | |
| id: terragrunt_output | |
| run: | | |
| ./scripts/read_terragrunt_outputs.sh terragrunt/live/website | |
| - name: Build Jekyll project | |
| run: | | |
| bundle install | |
| mise build | |
| - name: Validate Outputs | |
| run: | | |
| echo "Verifying CloudFront Distribution..." | |
| aws cloudfront get-distribution --id "${{ steps.terragrunt_output.outputs.distribution_id }}" | |
| echo "\nVerifying S3 Bucket..." | |
| aws s3 ls | grep "${{ steps.terragrunt_output.outputs.bucket_name }}" | |
| - name: Copy output to S3 | |
| run: aws s3 sync ./_site/ s3://${{ steps.terragrunt_output.outputs.bucket_name }} --acl public-read --delete --cache-control max-age=604800 | |
| - name: Invalidate Cloudfront | |
| run: aws cloudfront create-invalidation --distribution-id ${{ steps.terragrunt_output.outputs.distribution_id }} --paths "/*" |