main.yml
name: Landing Page Deployment
on:
push:
branches:
- main
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v1
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Deploy static site to S3 bucket
run: aws s3 sync . s3://hey-beast-landing-page --deleteThis project uses GitHub Actions to automatically deploy portfolio to an AWS S3 bucket whenever changes are pushed to the main branch.
The deployment process is handled by a GitHub Actions workflow that performs the following steps:
- Checkout the repository - Uses the
actions/checkout@v1action to checkout the repository so the build can access the latest code. - Configure AWS Credentials - Configures AWS credentials using the GitHub Secrets to securely authenticate with AWS.
- Deploy to S3 - Syncs the local files to the S3 bucket specified, making sure to delete any files in the bucket that no longer exist in the repository.
The workflow is defined in a YAML file (.github/workflows/deploy.yml). Here is a breakdown of the workflow:
This section defines when the workflow is triggered:
- push - The workflow is triggered whenever there is a push to the
mainbranch.
This section defines the steps to be run as part of the deployment job:
- runs-on - The job will run on the latest Ubuntu environment provided by GitHub Actions.
-
Checkout - The repository code is checked out to the runner using the
actions/checkout@v1action.- name: Checkout uses: actions/checkout@v1
-
Configure AWS Credentials - AWS credentials are configured using secrets stored in the GitHub repository. These secrets (
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEY) must be set up beforehand in your GitHub repository.- name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1
-
Deploy static site to S3 bucket - This step syncs the local directory with the S3 bucket using the AWS CLI command
aws s3 sync. The--deleteflag ensures that files in the bucket that no longer exist in the local directory are deleted.- name: Deploy static site to S3 bucket run: aws s3 sync . s3://hey-beast-landing-page --delete
- An AWS account and an S3 bucket (e.g.,
hey-beast-landing-page) created where the static site will be hosted. - AWS credentials (Access Key ID and Secret Access Key) should be stored as secrets in your GitHub repository:
AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEY
Ensure that S3 bucket is configured to host a static website. This can be done in the AWS S3 console:
- Go to S3 bucket.
- Click on the Properties tab.
- Scroll down to the Static website hosting section.
- Enable static website hosting and provide the appropriate index and error document names (e.g.,
index.html).
This S3 bucket (hey-beast-landing-page) is publicly accessible for reading the objects it contains. The following policy has been applied to allow public access.
This bucket policy allows any user, including anonymous users, to retrieve (download) objects from the hey-beast-landing-page bucket.
- Policy Version: 2012-10-17
- Effect: Allow public read access to objects in the bucket.
- Action Allowed:
s3:GetObject(Retrieve objects from the bucket). - Principal:
*(The policy applies to all users, including anonymous users). - Resource: Applies to all objects within the bucket
hey-beast-landing-page.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::hey-beast-landing-page/*"
}
]
}