Deploy static site to AWS (S3+CDN+R53)

GitHub action to deploy anything into a bucket, adding the options to add a CDN and use a Domain (if hosted in Route53) with certificates.

This action will copy the files from the defined folder into an S3 bucket, defining the content type and serving ALL OF THEM PUBLICLY.

Requirements

Files to publish
An AWS Account
If domain and cert wanted, registered domain in AWS.

1. Files to publish

Will grab everything defined in aws_spa_source_folder and push it to a bucket. Define aws_spa_root_object if different than index.html

2. An AWS account

You'll need Access Keys from an AWS account

3. CERTIFICATES - Only for AWS Managed domains with Route53

If aws_r53_domain_name is defined, we will look up for a certificate with the name of that domain (eg. example.com). We expect that certificate to contain both example.com and *.example.com.

Setting aws_r53_create_root_cert to true will create this certificate with both example.com and *.example.com for you, and validate them. (DNS validation).

Setting aws_r53_create_sub_cert to true will create a certificate just for the subdomain, and validate it.

⚠️ Be very careful here! Created certificates are fully managed by Terraform. Therefor they will be destroyed upon stack destruction.

Example usage

Create .github/workflow/deploy.yaml with the following to build on push.

Example usage

name: Basic deploy
on:
  push:
    branches: [ main ]

jobs:
  Deploy-SPA:
    runs-on: ubuntu-latest

    steps:
    - name: Create deploy-bucket
      uses: bitovi/github-actions-deploy-static-site-to-aws@v0.0.1
      with:
        aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID_SANDBOX}}
        aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY_SANDBOX}}
        aws_default_region: us-east-1

        tf_action: 'apply'
        tf_state_bucket_destroy: true
        
        aws_spa_cdn_enabled: true
        
        # You should own and have this domain available
        aws_r53_domain_name: example.com
        aws_r53_sub_domain_name: spa

Customizing

The following inputs can be used as step.with keys

Action defaults Inputs

Name	Type	Description
`checkout`	Boolean	Set to `false` if the code is already checked out. (Default is `true`).

AWS Inputs

Name	Type	Description
`aws_access_key_id`	String	AWS access key ID
`aws_secret_access_key`	String	AWS secret access key
`aws_default_region`	String	AWS default region. Defaults to `us-east-1`
`aws_role_to_assume`	String	AWS Role to assume. Default is empty.
`aws_resource_identifier`	String	Set to override the AWS resource identifier for the deployment. Defaults to `${GITHUB_ORG_NAME}-${GITHUB_REPO_NAME}-${GITHUB_BRANCH_NAME}`. Use with destroy to destroy specific resources.
`additional_tags`	JSON	Add additional tags to the terraform default tags, any tags put here will be added to all provisioned resources.

Terraform options inputs

Name	Type	Description
`tf_action`	String	Option to run Terraform `apply` / `destroy` action. Will run `plan` if nothing defined.
`tf_plan_show_details`	Boolean	Set to true to show a detailed output from Terraform plan.
`tf_state_bucket`	String	AWS S3 bucket name to use for Terraform state. Defaults to `${org}-${repo}-{branch}-tf-state`
`tf_state_bucket_destroy`	Boolean	Force purge and deletion of S3 bucket defined if terraform destroy action succeded.

SPA Settings inputs

Name	Type	Description
`aws_spa_source_folder`	String	Source folder for files to be published. Will ignore any hidden file. Defaults to root folder of the calling repo if nothing defined.
`aws_spa_root_object`	Boolean	Root object to be served as entry-point. Defaults to `index.html`.
`aws_spa_website_bucket_name`	String	AWS S3 bucket name to use for the public files. Defaults to `${org}-${repo}-{branch}-sp`
`aws_spa_cdn_enabled`	Boolean	Enable or disables the use of CDN. Defaults to `false`.

Certificate Inputs

Name	Type	Description
`aws_r53_domain_name`	String	Define the root domain name for the application. e.g. `bitovi.com`.
`aws_r53_sub_domain_name`	String	Define the sub-domain part of the URL. Defaults to `${GITHUB_ORG_NAME}-${GITHUB_REPO_NAME}-${GITHUB_BRANCH_NAME}`.
`aws_r53_root_domain_deploy`	Boolean	Deploy application to root domain. Will create root and www records. Default is `false`.
`aws_r53_cert_arn`	String	Define the certificate ARN to use for the application.
`aws_r53_create_root_cert`	Boolean	Generates and manage the root cert for the application. Default is `false`.
`aws_r53_create_sub_cert`	Boolean	Generates and manage the sub-domain certificate for the application. Default is `false`.

Note about resource identifiers

Most resources will contain the tag ${GITHUB_ORG_NAME}-${GITHUB_REPO_NAME}-${GITHUB_BRANCH_NAME}, some of them, even the resource name after. We limit this to a 60 characters string because some AWS resources have a length limit and short it if needed.

We use the kubernetes style for this. For example, kubernetes -> k(# of characters)s -> k8s. And so you might see some compressions are made.

For some specific resources, we have a 32 characters limit. If the identifier length exceeds this number after compression, we remove the middle part and replace it for a hash made up from the string itself.

Contributing

We would love for you to contribute to bitovi/bitovi/github-actions-deploy-static-site-to-aws. Would you like to see additional features? Create an issue or a Pull Requests. We love discussing solutions!

License

The scripts and documentation in this project are released under the MIT License.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Action

Deploy static site to AWS (S3+CDN+R53)