DEV-2303: Prepare Workflows for Production

.github/workflows/website-deploy-preview.yml

@@ -1,4 +1,4 @@
-name: "Website Deploy Preview"
+name: "🚀 Docs Preview"
 
 on:
   workflow_dispatch:
@@ -30,76 +30,26 @@ permissions:
   contents: read
 
 jobs:
-  website-deploy-preview:
-    # Do not deploy the website to the preview environment if the PR has the label 'website-no-deploy'
-    if: ${{ !contains(github.event.*.labels.*.name, 'website-no-deploy') }}
-
+  deploy:
     runs-on: ubuntu-latest
 
     environment:
       name: preview
       url: https://${{ env.DEPLOYMENT_HOST }}
 
     steps:
-      # https://github.com/marketplace/actions/configure-aws-credentials-action-for-github-actions
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-region: ${{ env.AWS_REGION }}
-          role-to-assume: ${{ env.IAM_ROLE_ARN }}
-          role-session-name: ${{ env.IAM_ROLE_SESSION_NAME }}
-
       - name: Checkout Repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
-      - name: Setup Node
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: ".nvmrc"
-
-      - name: "Checkout 'terraform-aws-components' Repository"
-        uses: actions/checkout@v4
+      - name: Build Website
+        uses: ./.github/actions/build-website
         with:
-          fetch-depth: 1
-          repository: cloudposse/terraform-aws-components
-          ref: main
-          path: tmp/components/terraform-aws-components
-
-      - name: "Setup Python"
-        uses: actions/setup-python@v5
-        with:
-          python-version: '3.10'
-
-      - name: "Install Python Dependencies"
-        run: |
-          make init
-          pip install -r scripts/docs-collator/requirements.txt
-
-      - name: "Render Documentation for Terraform Components"
-        run: |
-          ./scripts/render-docs-for-components.sh
-
-      - name: "Render Documentation for Terraform Modules"
-        env:
-          PUBLIC_REPO_ACCESS_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
-        run: |
-          ./scripts/render-docs-for-modules.sh
-
-      - name: "Render Documentation for GitHub Actions"
-        env:
-          PUBLIC_REPO_ACCESS_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
-        run: |
-          ./scripts/render-docs-for-github-actions.sh
-
-      - name: Install Dependencies and Build Website
-        env:
-          GOOGLE_TAG_MANAGER: ${{ env.GOOGLE_TAG_MANAGER }}
-          GOOGLE_SITE_VERIFICATION_ID: ${{ env.GOOGLE_SITE_VERIFICATION_ID }}
-        run: |
-          make init
-          make build-production
+          aws_region: ${{ env.AWS_REGION }}
+          iam_role_arn: ${{ env.IAM_ROLE_ARN }}
+          iam_role_session_name: ${{ env.IAM_ROLE_SESSION_NAME }}
+          repo_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}
 
       - name: Copy Website to S3 Bucket PR Folder
         run: |

.github/workflows/website-deploy-release.yml

@@ -1,4 +1,4 @@
-name: "Website Deploy Release"
+name: "🚀 Docs Release"
 
 on:
   workflow_dispatch:
@@ -10,20 +10,49 @@ on:
     types:
       - published
 
+env:
+  AWS_REGION: us-east-2
+  IAM_ROLE_ARN: arn:aws:iam::557075604627:role/cplive-plat-ue2-prod-cloudposse-docs-gha
+  IAM_ROLE_SESSION_NAME: cloudposse-docs-ci-deploy-release
+  S3_BUCKET_NAME: cplive-plat-ue2-prod-cloudposse-docs-origin
+  DEPLOYMENT_HOST: docs.cloudposse.com
+  ALGOLIA_INDEX_NAME: docs.cloudposse.com
+  ALGOLIA_APP_ID: 32YOERUX83
+  GOOGLE_TAG_MANAGER: GTM-WQWH2XV
+  GOOGLE_SITE_VERIFICATION_ID: uY7FoBLCwsBfMMXefHxUz3lvHjZuWyURCIgpA-ia3_g
+
+# These permissions are needed to interact with the GitHub's OIDC Token endpoint
+permissions:
+  id-token: write
+  contents: read
+
 jobs:
-  trigger_documentation_deployment:
+  deploy:
     runs-on: ubuntu-latest
 
     environment:
-      name: production
-      url: https://docs.cloudposse.com
+      name: staging
+      url: https://${{ env.DEPLOYMENT_HOST }}
 
     steps:
-      - name: Trigger Documentation Deployment
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Build Website
+        uses: ./.github/actions/build-website
+        with:
+          aws_region: ${{ env.AWS_REGION }}
+          iam_role_arn: ${{ env.IAM_ROLE_ARN }}
+          iam_role_session_name: ${{ env.IAM_ROLE_SESSION_NAME }}
+          google_tag_manager: ${{ env.GOOGLE_TAG_MANAGER }}
+          google_site_verification_id: ${{ env.GOOGLE_SITE_VERIFICATION_ID }}
+          repo_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}
+
+      - name: Copy Website to S3 Bucket
         run: |
-          curl \
-            -X POST \
-            -H "Authorization: Bearer ${{ secrets.TRIGGER_DOCS_REDEPLOY_WORKFLOW_REFARCH }}" \
-            -H "Accept: application/vnd.github.everest-preview+json" \
-            https://api.github.com/repos/cloudposse/refarch-scaffold/dispatches \
-            -d '{"event_type": "redeploy_documentation"}'
+          cd build
+          aws sts get-caller-identity
+          aws s3 sync . s3://${{ env.S3_BUCKET_NAME }} --delete --exclude "pr-*"
+          aws s3 ls s3://${{ env.S3_BUCKET_NAME }}/ --recursive --human-readable --summarize

.github/workflows/website-deploy-staging-preview.yml

@@ -1,4 +1,4 @@
-name: "🚀 Staging Preview"
+name: "🚧 Staging Preview"
 
 on:
   pull_request:

.github/workflows/website-deploy-staging-release.yml

@@ -1,4 +1,4 @@
-name: "🚀 Staging Release"
+name: "🚧 Staging Release"
 
 on:
   workflow_dispatch:

.github/workflows/website-destroy-preview.yml

@@ -1,11 +1,14 @@
-name: "Website Destroy Preview"
+name: "🗑️ Docs Preview"
 
 on:
   workflow_dispatch:
 
-  pull_request:
+  pull_request_target:
     types:
       - closed
+    branches:
+      - 'main'
+      - 'master'
 
 env:
   AWS_REGION: us-east-2
@@ -20,7 +23,7 @@ permissions:
   contents: read
 
 jobs:
-  website-destroy-preview:
+  destroy:
     runs-on: ubuntu-latest
     steps:
       # https://github.com/marketplace/actions/configure-aws-credentials-action-for-github-actions