# Manual release pipeline: publishes the package, then deploys the built
# Storybook site to AWS (see the `release` job).
name: Release Storybook and Publish Package

# Only ever started by hand from the Actions UI or API; no push/PR triggers.
on: workflow_dispatch

# One run per workflow + ref at a time. cancel-in-progress is not set, so a
# newly queued run waits for the in-progress one instead of cancelling it.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  
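jobs:
  release:
    name: Release and Publish
    runs-on: ubuntu-latest
    # NOTE(review): these permissions apply to every step of the job, so the
    # npm install/build/release steps (which run dependency scripts) execute
    # in a job that is also allowed to request the OIDC token used for AWS.
    # Consider splitting publish and deploy into separate jobs so that
    # `id-token: write` is granted only where AWS access is needed.
    permissions:
      # Required to request the OIDC JWT exchanged for the AWS role below.
      id-token: write
      # actions/checkout only needs read; write is presumably for release-it
      # pushing the version commit/tag and creating the release - confirm.
      contents: write
      # NOTE(review): no visible step uses checks or pull-requests; confirm
      # release-it needs them, otherwise drop both.
      checks: read
      pull-requests: write
      # Publishing the package to GitHub Packages (npm.pkg.github.com).
      packages: write
    steps:
      # NOTE(review): every `uses:` below is referenced by a mutable tag.
      # Pinning to a full commit SHA keeps a moved tag from running new code
      # with this job's token and AWS roles; this matters most for the
      # third-party SSM action, which runs with deployment credentials.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # Full history and tags instead of a shallow clone.
          fetch-depth: 0

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 'lts/iron'
          # Point npm at GitHub Packages for the repository owner's scope.
          registry-url: 'https://npm.pkg.github.com'
          scope: '@${{ github.repository_owner }}'

      # Commits/tags created later in the job are attributed to whoever
      # triggered the run.
      - name: git config
        run: |
          git config user.name "${GITHUB_ACTOR}"
          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"

      - name: Install dependencies
        run: npm ci
        env:
          # Lets npm authenticate to the GitHub Packages registry.
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Build
        run: npm run build:storybook

      - name: Run release-it
        run: npm run release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      # First hop: OIDC federation into the Terraform build role.
      - name: Configure AWS Credentials (Terraform role)
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: eu-west-2
          role-to-assume: arn:aws:iam::474164913222:role/GITHUB-OIDC-TRUST-ROLE-TO-EXECUTE-BUILDS

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3

      # NOTE(review): -lock=false disables state locking on the production
      # state here and in "Terraform Apply". The workflow concurrency group
      # only serialises runs of this workflow on the same ref, not other
      # writers of the same state. Confirm this is intentional.
      - name: Terraform Init
        working-directory: build/env/prod
        run: |
          terraform init \
            -backend-config='key=front_end/storybook/production/terraform.tfstate' \
            -input=false \
            -lock=false \
            -var='hosted_zone_domain_name=developer-hub.pfida.com'

      # NOTE(review): this runs in the repository root without -recursive, so
      # build/env/prod is not checked, and it runs only after the package has
      # already been released. Consider moving it before "Run release-it" and
      # pointing it at the Terraform directory.
      - name: Terraform Format
        run: terraform fmt -check

      # Applies to production with no manual approval gate (-auto-approve).
      - name: Terraform Apply
        working-directory: build/env/prod
        run: |
          terraform apply \
            -auto-approve \
            -input=false \
            -lock=false \
            -var='hosted_zone_domain_name=developer-hub.pfida.com'

      # Second hop: use the credentials from the first role to assume the
      # deployment role (role-chaining).
      - name: Configure AWS Credentials (deployment role)
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: eu-west-2
          role-to-assume: arn:aws:iam::474164913222:role/DeveloperCICDAssumeableDeploymentRole
          role-chaining: true

      # The workspace path is read from the runner's environment instead of
      # being templated into the script text, and is quoted for the shell.
      - name: Upload App Source
        run: |
          aws s3 sync "${GITHUB_WORKSPACE}/apps/workshop/storybook-static" \
            s3://storybook.developer-hub.pfida.com/

      - name: Get Cloudfront ID
        uses: dkershner6/aws-ssm-getparameters-action@v2
        with:
          # Left of `=` is the SSM parameter name; right of it is the
          # environment variable the value is exported to for later steps.
          parameterPairs: '/storybook.developer-hub.pfida.com/cloudfront_dist_id = CLOUDFRONT_ID'
          withDecryption: 'true'

      # CLOUDFRONT_ID comes from SSM, so it is passed as a quoted shell
      # variable rather than expanded into the script by `${{ }}`; a value
      # containing shell metacharacters is then treated as data, not code.
      - name: Invalidate
        run: |
          aws cloudfront create-invalidation \
            --distribution-id "${CLOUDFRONT_ID}" \
            --paths '/*'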