Update SHEA Policy #326
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: push | |
name: Build | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# Avoid rate limit errors by logging into Docker registries | |
- name: Log in to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
# Login to AWS to avoid rate limit | |
- name: Configure AWS credentials | |
id: aws-login | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
role-skip-session-tagging: true | |
role-duration-seconds: 3600 | |
aws-region: ap-southeast-1 | |
- name: Login to AWS Public ECR | |
uses: docker/login-action@v3 | |
with: | |
registry: public.ecr.aws | |
env: | |
AWS_REGION: us-east-1 | |
- name: Run docker compose | |
run: | | |
docker compose up -d | |
- name: Bootstrap DB | |
id: bootstrap_db | |
run: | | |
output=$(docker compose run -T somleng bundle exec rails db:setup) | |
account_sid=$(echo $output | grep -Po 'Account\s+SID:\s+\K\b[a-zA-Z0-9-]+\b') | |
auth_token=$(echo $output | grep -Po 'Auth\s+Token:\s+\K\b[a-zA-Z0-9_-]+\b') | |
phone_number=$(echo $output | grep -Po 'Phone\s+Number:\s+\K\b[a-zA-Z0-9-]+\b') | |
sms_gateway_device_token=$(echo $output | grep -Po 'SMS\s+Gateway\s+Device\s+Token:\s+\K\b[a-zA-Z0-9-]+\b') | |
echo "account_sid=$account_sid" >> $GITHUB_OUTPUT | |
echo "auth_token=$auth_token" >> $GITHUB_OUTPUT | |
echo "phone_number=$phone_number" >> $GITHUB_OUTPUT | |
echo "sms_gateway_device_token=$sms_gateway_device_token" >> $GITHUB_OUTPUT | |
- name: Start SMS Gateway | |
run: | | |
DEVICE_TOKEN="${{ steps.bootstrap_db.outputs.sms_gateway_device_token }}" docker compose up --wait -d sms-gateway | |
- name: Test an outbound call | |
run: | | |
curl --fail -s -X "POST" "http://api.lvh.me:3000/2010-04-01/Accounts/${{ steps.bootstrap_db.outputs.account_sid }}/Calls" \ | |
-H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \ | |
-u "${{ steps.bootstrap_db.outputs.account_sid }}:${{ steps.bootstrap_db.outputs.auth_token }}" \ | |
--data-urlencode "Url=https://demo.twilio.com/docs/voice.xml" \ | |
--data-urlencode "Method=GET" \ | |
--data-urlencode "To=+299221234" \ | |
--data-urlencode "From=${{ steps.bootstrap_db.outputs.phone_number }}" | |
- name: Test an outbound SMS | |
run: | | |
curl --fail -s -X "POST" "http://api.lvh.me:3000/2010-04-01/Accounts/${{ steps.bootstrap_db.outputs.account_sid }}/Messages" \ | |
-H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \ | |
-u "${{ steps.bootstrap_db.outputs.account_sid }}:${{ steps.bootstrap_db.outputs.auth_token }}" \ | |
--data-urlencode "To=+299221234" \ | |
--data-urlencode "Body=Hello World from Integration Test" \ | |
--data-urlencode "From=${{ steps.bootstrap_db.outputs.phone_number }}" | |
- name: Assert SMS Gateway received message | |
run: | | |
docker compose logs sms-gateway | grep "Hello World from Integration Test" | |
deploy: | |
name: Deploy | |
runs-on: ubuntu-latest | |
needs: build | |
if: github.ref == 'refs/heads/main' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
role-skip-session-tagging: true | |
role-duration-seconds: 3600 | |
aws-region: ap-southeast-1 | |
- name: Deploy Website | |
run: | | |
aws s3 sync --acl public-read --exclude "*" --include "*.html" --content-type "text/html; charset=utf-8" public/website s3://www.somleng.org | |
aws s3 sync --acl public-read --exclude "*.html" public/website s3://www.somleng.org | |
- name: Invalidate Cache | |
run: aws cloudfront create-invalidation --distribution-id E3962XCJFZ0KB1 --paths /\* |