GitHub Action to Compile JS files using Google Closure, Sync to S3 Bucket and invalidate CloudFront cache
This simple action uses the Google Closure Compiler and AWS CLI to compile JS files in directory and sync a that directory (either from your repository or generated during your workflow) with a remote S3 bucket and afterwards invalidate the CloudFront cache.
Place in a .yml file such as this one in your .github/workflows folder. Refer to the documentation on workflow YAML syntax here.
As of v0.3.0, all aws s3 sync flags are optional to allow for maximum customizability (that's a word, I promise) and must be provided by you via args:.
--acl public-readmakes your files publicly readable (make sure your bucket settings are also set to public).--follow-symlinkswon't hurt and fixes some weird symbolic link problems that may come up.- Most importantly,
--deletepermanently deletes files in the S3 bucket that are not present in the latest version of your repository/build. - Optional tip: If you're uploading the root of your repository, adding
--exclude '.git/*'prevents your.gitfolder from syncing, which would expose your source code history if your project is closed-source. (To exclude more than one pattern, you must have one--excludeflag per exclusion. The single quotes are also important!)
name: Upload Website
on:
push:
branches:
- main
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: kersvers/[email protected]
with:
args: --acl public-read --follow-symlinks --delete
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
DISTRIBUTION_ID: 'EQDXXXXO18XXX'
AWS_REGION: 'eu-west-1' # optional: defaults to us-east-1
SOURCE_DIR: 'public' # optional: defaults to entire repository
DEST_DIR: 'subdirectory' # optional: defaults to the root of the bucket
COMPILE_JS: 'min' #optional: defaults to none (no compile)The following settings must be passed as environment variables as shown in the example. Sensitive information, especially AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, should be set as encrypted secrets — otherwise, they'll be public to anyone browsing your repository's source code and CI logs.
| Key | Value | Suggested Type | Required | Default |
|---|---|---|---|---|
AWS_ACCESS_KEY_ID |
Your AWS Access Key. More info here. | secret env |
Yes | N/A |
AWS_SECRET_ACCESS_KEY |
Your AWS Secret Access Key. More info here. | secret env |
Yes | N/A |
AWS_S3_BUCKET |
The name of the bucket you're syncing to. For example, jarv.is or my-app-releases. |
secret env |
Yes | N/A |
DISTRIBUTION_ID |
The ID of the CloudFront distribution you wish to invalidate the cache for. | env |
Yes | N/A |
AWS_REGION |
The region where you created your bucket. Set to us-east-1 by default. Full list of regions here. |
env |
No | us-east-1 |
AWS_S3_ENDPOINT |
The endpoint URL of the bucket you're syncing to. Can be used for VPC scenarios or for non-AWS services using the S3 API, like DigitalOcean Spaces. | env |
No | Automatic (s3.amazonaws.com or AWS's region-specific equivalent) |
SOURCE_DIR |
The local directory (or file) you wish to sync/upload to S3. For example, public. Defaults to your entire repository. |
env |
No | ./ (root of cloned repository) |
DEST_DIR |
The directory inside of the S3 bucket you wish to sync/upload to. For example, my_project/assets. Defaults to the root of the bucket. |
env |
No | / (root of bucket) |
COMPILE_JS |
Choose if to minify JS files using Google Clousure Library. min = Comile and replace, both = Compile to new file named FILE.min.js and keep original. Defaults to no. | env |
No | 0 |
This repo forked origanlly from https://github.com/marketplace/actions/aws-s3-sync-with-cloudfront-cache-invalidation and add Google Closure compiler as an option
This project is distributed under the MIT license.