on: push: branches: - main paths-ignore: - '*.md' concurrency: group: deploy cancel-in-progress: true env: TEA_SECRET: ${{ secrets.TEA_SECRET }} jobs: deploy: runs-on: ubuntu-latest steps: - name: Create Deployment uses: bobheadxi/deployments@v1 id: deployment with: step: start env: aws - uses: actions/checkout@v3 # TODO: # add action here to download updates packages.json into src/data/packages.json - run: .github/mk-pantry-accessible.sh ${{ secrets.TEMP_JACOBS_GITHUB_PAT }} - uses: teaxyz/setup@v0 with: target: build - name: Check for broken links uses: lycheeverse/lychee-action@v1 with: fail: true args: --verbose --no-progress './public/**/*.md' './public/**/*.html' env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} ## means s3 sync will only sync things we need sync’d - uses: chetan/git-restore-mtime-action@v1 - uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 # cache-control of 10 mins because we *need* to be able to update # this and have people see the results can be fixed well with a static site builder - run: | aws s3 sync public s3://www.tea.xyz \ --metadata-directive REPLACE \ --cache-control max-age=600 \ --exclude '.git/*' --exclude '.github/*' \ --exclude 'pour.sh' \ --exclude 'tea.white-paper*.pdf' \ --exclude '*.md' \ --delete #TODO create a github-action that can be used to parse the # output from `s3 sync` into invalidation commands. NOTE # I have already looked for something to do this and failed. - run: | aws cloudfront create-invalidation \ --distribution-id ${{ secrets.AWS_CF_DISTRIBUTION_ID }} \ --paths '/*' - name: Seal Deployment uses: bobheadxi/deployments@v1 if: always() with: step: finish status: ${{ job.status }} deployment_id: ${{ steps.deployment.outputs.deployment_id }} env: ${{ steps.deployment.outputs.env }}