diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6e82773..92b1e13 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -11,14 +11,14 @@ # name: "CodeQL" -on: - push: - branches: [ master ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ master ] - schedule: - - cron: '23 12 * * 4' +on: [ push ] + # push: + # branches: [ master ] + # pull_request: + # # The branches below must be a subset of the branches above + # branches: [ master ] + # schedule: + # - cron: '23 12 * * 4' jobs: analyze: @@ -43,7 +43,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -54,18 +54,8 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/s3-publish.yml b/.github/workflows/s3-publish.yml index 21b65c7..f139591 100644 --- a/.github/workflows/s3-publish.yml +++ b/.github/workflows/s3-publish.yml 
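Review bot: Reducing the trigger to `on: [ push ]` in the first hunk of codeql-analysis.yml drops both the `pull_request` and the `schedule` runs. Pull requests opened from forks are then no longer analyzed in this repository before merge, and unchanged code is no longer rescanned when the CodeQL queries are updated. If the aim was only to scan every branch on push, keep the other two triggers beside it: `on:` with `push:`, `pull_request: {branches: [master]}` and `schedule: [{cron: '23 12 * * 4'}]`. The commented-out block left under `on: [ push ]` is dead configuration and should be restored or deleted rather than kept as comments.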
@@ -5,15 +5,15 @@ # # ref: https://github.com/mcliff1/cliffconsulting/new/master?filename=.github%2Fworkflows%2Faws.yml&workflow_template=aws name: AWS Publish -# -# on: -# pull_request: -# branches: -# - master -# - release/dev -# push: -# - feature/* -on: [push] + +on: + pull_request: + branches: + - master + - release/dev + #push: + # - feature/* +#on: [push] jobs: @@ -23,7 +23,7 @@ jobs: strategy: matrix: - node-version: [18.x, 20.x, 22.x] + node-version: [22.x] # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ steps: @@ -46,7 +46,7 @@ jobs: # https://github.com/marketplace/actions/configure-aws-credentials-action-for-github-actions - name: Configuration for Test - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v4 if: ${{ github.ref == 'refs/heads/release/dev' }} with: aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} @@ -56,7 +56,7 @@ jobs: role-duration-seconds: 1800 - name: Configuration for Production - uses: aws-actions/configure-aws-credentials@v2 + uses: aws-actions/configure-aws-credentials@v4 if: ${{ github.ref == 'refs/heads/master' }} with: aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} @@ -69,6 +69,7 @@ jobs: - name: Build And Deploy run: | nodejs -v + aws sts get-caller-identity ACCOUNT_NAME=$(aws ssm get-parameter --name /foundation/account/name --query 'Parameter.Value' --output text) echo $ACCOUNT_NAME BUCKET=$(aws ssm get-parameter --name /app/cdn/${ACCOUNT_NAME}-cliffconsulting/bucket --query 'Parameter.Value' --output text) 
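Review bot: Switching s3-publish.yml to the `pull_request` trigger makes the deploy path unreachable. On that event `github.ref` is `refs/pull/<number>/merge`, so the `if:` guards on the two credential steps and on Build And Deploy, which compare against `refs/heads/master` and `refs/heads/release/dev` in the later hunks, never match. Comparing `github.base_ref` instead would run `npm install` and the S3 sync on unmerged pull-request code with the production keys, so deploy from the branch push: `on:` / `push:` / `branches: [master, release/dev]`. If a pull-request build is also wanted, put it in a separate job that configures no AWS credentials. The leftover `#push:` and `#on: [push]` comments can then be removed.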
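Review bot: The added `aws sts get-caller-identity` in the Build And Deploy script prints the account id, ARN and user id of the deploy principal into the job log, where anyone who can read this repository's Actions logs can see them. It is still useful as an early credential check, so keep the call but discard the output: `aws sts get-caller-identity > /dev/null`. That relies on the step's shell stopping on a non-zero exit, which GitHub's default bash invocation should do. The `run:` block continues past the end of this hunk.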
@@ -76,5 +77,8 @@ jobs: npm install npm run build aws s3 sync ./build s3://${BUCKET}/ --delete + STACK_NAME=${ACCOUNT_NAME}-cliffconsulting + DISTRIBUTION=$(aws cloudformation --region us-east-1 describe-stacks --stack-name ${STACK_NAME} --query 'Stacks[0].Outputs[?OutputKey==`distributionid`].OutputValue' --output text) + aws cloudfront create-invalidation --distribution-id ${DISTRIBUTION} --paths "/*" if: ${{ github.ref == 'refs/heads/release/dev' || github.ref == 'refs/heads/master' }}
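Review bot: `DISTRIBUTION` is used without checking that the stack output was found, and it is resolved only after `aws s3 sync ... --delete` has already changed the bucket. If the `distributionid` output is missing, the query likely yields an empty string or `None` and the invalidation fails, leaving new content in S3 behind a stale CloudFront cache. Move the `STACK_NAME`/`DISTRIBUTION` lookup above the sync, stop when it is empty, and quote the expansions: `[ -n "$DISTRIBUTION" ] && [ "$DISTRIBUTION" != "None" ] || { echo "distribution id not found" >&2; exit 1; }` followed by `aws cloudfront create-invalidation --distribution-id "$DISTRIBUTION" --paths "/*"`. The `run:` block starts outside this hunk.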