From 0f90ed8753efabdca859538bd2fbc8ddbb27ac95 Mon Sep 17 00:00:00 2001
From: Alberto Diaz Dorado <albertodiazdorado@tngtech.com>
Date: Sun, 5 May 2024 18:19:25 +0200
Subject: [PATCH] Udate github action * Upload static files to the S3 bucket in
 AWS

---
 .github/workflows/main.yml | 63 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 60 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 60233c0..fa14ea4 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -12,28 +12,85 @@ on:
         description: 'Source branch'
         required: true
 
+env:
+  AWS_REGION: ${{ vars.AWS_REGION }}
+  DEPLOYMENT_ROLE_ARN: ${{ vars.DEPLOYMENT_ROLE_ARN }}
+  BUCKET_NAME: ${{ vars.BUCKET_NAME }}
+
+# Required to fetch OIDC token
+permissions:
+  id-token: write
+  contents: read
+
 jobs:
   build:
-    name: Build generator and compile site
+    name: Build
     runs-on: ubuntu-latest
     steps:
     - name: Checkout 🛎️
-      uses: actions/checkout@v3.5.2
+      uses: actions/checkout@v4
+
     - name: Install Nix ❄️
       uses: cachix/install-nix-action@v20
+
     - name: Install and setup Cachix 💽
       uses: cachix/cachix-action@v12
       with:
         name: munihac-website
         signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+
     - name: Build Generator and Site 👷
       run: |
         nix-build
         cp -RL result result-with-changed-permissions
         chmod -R +w result-with-changed-permissions/
+
+    - name: Upload build artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: build-artifacts
+        path: result-with-changed-permissions/
+
+  deploy-github-pages:
+    name: Deploy to GitHub Pages
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - name: Download build artifacts
+      uses: actions/download-artifact@v4
+      with:
+        name: build-artifacts
+        path: result
+
     - name: Deploy 🚀
       uses: JamesIves/github-pages-deploy-action@v4
       with:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         BRANCH: master
-        FOLDER: result-with-changed-permissions
+        FOLDER: result/
+
+  deploy-aws:
+    name: Deploy to AWS
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout 🛎️
+      uses: actions/checkout@v4
+
+    - name: Download build artifacts
+      uses: actions/download-artifact@v4
+      with:
+        name: build-artifacts
+        path: result
+
+    - name: Obtain OIDC token
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        aws-region: ${{ env.AWS_REGION }}
+        role-to-assume: ${{ env.DEPLOYMENT_ROLE_ARN }}
+
+    - name: Deploy static site to S3 bucket
+      run: |
+        aws sts get-caller-identity
+        aws s3api list-objects --bucket ${{ env.BUCKET_NAME }} --debug
+        aws s3 sync ./result/ s3://${{ env.BUCKET_NAME }} --delete