Skip to content

Update SHEA Policy #326

Update SHEA Policy

Update SHEA Policy #326

Workflow file for this run

on: push
name: Build
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
# Avoid rate limit errors by logging into Docker registries
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
# Login to AWS to avoid rate limit
- name: Configure AWS credentials
id: aws-login
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-skip-session-tagging: true
role-duration-seconds: 3600
aws-region: ap-southeast-1
- name: Login to AWS Public ECR
uses: docker/login-action@v3
with:
registry: public.ecr.aws
env:
AWS_REGION: us-east-1
- name: Run docker compose
run: |
docker compose up -d
- name: Bootstrap DB
id: bootstrap_db
run: |
output=$(docker compose run -T somleng bundle exec rails db:setup)
account_sid=$(echo $output | grep -Po 'Account\s+SID:\s+\K\b[a-zA-Z0-9-]+\b')
auth_token=$(echo $output | grep -Po 'Auth\s+Token:\s+\K\b[a-zA-Z0-9_-]+\b')
phone_number=$(echo $output | grep -Po 'Phone\s+Number:\s+\K\b[a-zA-Z0-9-]+\b')
sms_gateway_device_token=$(echo $output | grep -Po 'SMS\s+Gateway\s+Device\s+Token:\s+\K\b[a-zA-Z0-9-]+\b')
echo "account_sid=$account_sid" >> $GITHUB_OUTPUT
echo "auth_token=$auth_token" >> $GITHUB_OUTPUT
echo "phone_number=$phone_number" >> $GITHUB_OUTPUT
echo "sms_gateway_device_token=$sms_gateway_device_token" >> $GITHUB_OUTPUT
- name: Start SMS Gateway
run: |
DEVICE_TOKEN="${{ steps.bootstrap_db.outputs.sms_gateway_device_token }}" docker compose up --wait -d sms-gateway
- name: Test an outbound call
run: |
curl --fail -s -X "POST" "http://api.lvh.me:3000/2010-04-01/Accounts/${{ steps.bootstrap_db.outputs.account_sid }}/Calls" \
-H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \
-u "${{ steps.bootstrap_db.outputs.account_sid }}:${{ steps.bootstrap_db.outputs.auth_token }}" \
--data-urlencode "Url=https://demo.twilio.com/docs/voice.xml" \
--data-urlencode "Method=GET" \
--data-urlencode "To=+299221234" \
--data-urlencode "From=${{ steps.bootstrap_db.outputs.phone_number }}"
- name: Test an outbound SMS
run: |
curl --fail -s -X "POST" "http://api.lvh.me:3000/2010-04-01/Accounts/${{ steps.bootstrap_db.outputs.account_sid }}/Messages" \
-H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \
-u "${{ steps.bootstrap_db.outputs.account_sid }}:${{ steps.bootstrap_db.outputs.auth_token }}" \
--data-urlencode "To=+299221234" \
--data-urlencode "Body=Hello World from Integration Test" \
--data-urlencode "From=${{ steps.bootstrap_db.outputs.phone_number }}"
- name: Assert SMS Gateway received message
run: |
docker compose logs sms-gateway | grep "Hello World from Integration Test"
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/main'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-skip-session-tagging: true
role-duration-seconds: 3600
aws-region: ap-southeast-1
- name: Deploy Website
run: |
aws s3 sync --acl public-read --exclude "*" --include "*.html" --content-type "text/html; charset=utf-8" public/website s3://www.somleng.org
aws s3 sync --acl public-read --exclude "*.html" public/website s3://www.somleng.org
- name: Invalidate Cache
run: aws cloudfront create-invalidation --distribution-id E3962XCJFZ0KB1 --paths /\*