-
Notifications
You must be signed in to change notification settings - Fork 2
123 lines (104 loc) · 3.84 KB
/
deploy-preview.yml
File metadata and controls
123 lines (104 loc) · 3.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: Deploy-Preview
on:
pull_request:
types: [opened, synchronize, reopened]
branches: ['develop']
concurrency:
group: preview-${{ github.event.pull_request.number }}
cancel-in-progress: true
jobs:
deploy-preview:
runs-on: ubuntu-latest
environment: PREVIEW_ENV
permissions:
pull-requests: write
contents: read
steps:
- name: Setup NodeJS
uses: actions/setup-node@v4
with:
node-version: 20
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup .env
run: |
echo "${{ vars.ENV }}" > .env
echo "${{ secrets.ENV }}" >> .env
echo "VITE_BASE_PATH=/pr-${{ github.event.pull_request.number }}" >> .env
- name: Install Dependencies
run: npm ci
- name: Build Preview
run: npm run build
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_PREVIEW_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_PREVIEW_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-2
- name: Deploy to S3 Preview Bucket
run: |
aws s3 sync ./dist s3://${{ secrets.AWS_PREVIEW_BUCKET_NAME }}/pr-${{ github.event.pull_request.number }}/ --delete
- name: Deploy OAuth Redirect Handler
run: |
cat > /tmp/oauth-handler.html << 'OAUTH_EOF'
<!DOCTYPE html>
<html>
<head><title>Redirecting...</title></head>
<body>
<script>
var params = new URLSearchParams(window.location.search);
var state = params.get('state');
var validStateRegex = /^\/pr-\d+$/;
if (state && validStateRegex.test(state)) {
params.delete('state');
window.location.replace(state + '/oauth?' + params.toString());
} else {
document.title = 'Error';
document.body.textContent = '잘못된 접근입니다. (Invalid OAuth State)';
}
</script>
</body>
</html>
OAUTH_EOF
aws s3 cp /tmp/oauth-handler.html s3://${{ secrets.AWS_PREVIEW_BUCKET_NAME }}/oauth --content-type "text/html"
- name: Invalidate CloudFront Cache
run: |
aws cloudfront create-invalidation \
--distribution-id ${{ secrets.AWS_PREVIEW_CLOUDFRONT_ID }} \
--paths "/pr-${{ github.event.pull_request.number }}/*" "/oauth"
- name: Comment Preview URL on PR
uses: actions/github-script@v7
with:
script: |
const prNumber = context.payload.pull_request.number;
const url = `https://preview.debate-timer.com/pr-${prNumber}/`;
const body = `## 🚀 Preview 배포 완료!
| 환경 | URL |
|-----|-----|
| Preview | [열기](${url}) |
| API | Dev 환경 |
> PR이 닫히면 자동으로 정리됩니다.`;
const { data: comments } = await github.rest.issues.listComments({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: prNumber,
});
const existing = comments.find(c =>
c.user.login === 'github-actions[bot]' &&
c.body.includes('Preview 배포 완료')
);
if (existing) {
await github.rest.issues.updateComment({
owner: context.repo.owner,
repo: context.repo.repo,
comment_id: existing.id,
body
});
} else {
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: prNumber,
body
});
}