BRS:438 Convert Day Use front ends to use SAM (#452)

* Sam Changes

* Wrong path in workflow

.github/workflows/deploy-dev.yaml

@@ -1,117 +1,135 @@
-name: Deploy Dev
+name: Deploy DUP-Public Dev
+
+run-name: Deploying ${{ github.ref_name }} (Public) to dev
 
 on:
   push:
     branches: [main]
-
-env:
-  TF_VERSION: 0.14.7
-  TG_VERSION: 0.37.1
-  TG_SRC_PATH: terraform
-  TFC_WORKSPACE: dev
-  TARGET_ENV: dev
+    paths: "**"
+  workflow_dispatch:
 
 permissions:
   id-token: write
   contents: read
 
 jobs:
-  deploy:
-    name: Build and Deploy
+  deploy-admin:
     runs-on: ubuntu-latest
     environment: dev
     strategy:
+      max-parallel: 1
       matrix:
         node-version: [18.x]
+    defaults:
+      run:
+        working-directory: "./${{ vars.DUP_PUBLIC_DIRECTORY }}"
     steps:
-      - name: Checkout
+      ### Checkout GitHub Repo
+      - name: Checkout repo
         uses: actions/checkout@v3
 
+      - shell: bash
+        env:
+          WEBHOOK_URL: ${{ secrets.WEBHOOK_URL }}
+        run: |
+          curl -X POST -H 'Content-Type: application/json' $WEBHOOK_URL --data '{"text":"Dup - Deploy Public Dev"}'
+
       ### Install if no cache exists ###
       - name: Setup node
         uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node-version }}
-          cache: 'yarn'
+          cache: "yarn"
+          cache-dependency-path: "${{ vars.DUP_PUBLIC_DIRECTORY }}/yarn.lock"
       - run: yarn install --silent --frozen-lockfile
 
       ### Build if no cache exists ###
-      - name: Cache Build
-        id: cache-build
+      - name: Cache Admin Build
+        id: cache-admin-build
         uses: actions/cache@v3
         with:
           path: |
-            **/dist
-          key: ${{ github.sha }}-dist
-      - name: Run Build
-        if: steps.cache-build.outputs.cache-hit != 'true'
+            **${{ vars.DUP_PUBLIC_DIRECTORY }}/dist
+          key: ${{ github.sha }}-${{ vars.DUP_PUBLIC_DIRECTORY }}-dist
+      - name: Run yarn build
+        if: steps.cache-admin-build.outputs.cache-hit != 'true'
         env:
-          GITHUB_SHA_SHORT: ${{ github.sha }}
+          GH_HASH: ${{ github.sha }}
         run: |
-          sed 's@localConfigEndpoint@'true'@g' src/env.js.template | sed 's@gitHubHash@'"$GITHUB_SHA_SHORT"'@g' > src/env.js
+          sed 's@localConfigEndpoint@'true'@g' src/env.js.template | sed 's@localGHHash@'"$GH_HASH"'@g' > src/env.js
           yarn build
-          ./node_modules/.bin/ngsw-config dist/parks-reso-public/ ./ngsw-config.json /dayuse
 
-      ### Get environment variables from AWS Parameter Store ###
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v3
+      ### Setup AWS SAM
+      - name: Setup AWS SAM
+        uses: aws-actions/setup-sam@v2
         with:
-          aws-region: ${{ secrets.AWS_REGION }}
-          role-to-assume: ${{ vars.AWS_ROLE_ARN_TO_USE }}
-          role-duration-seconds: 900
-          role-session-name: parks-reso-public-dev-gh-action
-          role-skip-session-tagging: true
+          use-installer: true
 
-      - name: Get public variables
-        uses: dkershner6/aws-ssm-getparameters-action@v1
+      ### Assume AWS IAM Role
+      - name: Get AWS credentials
+        uses: aws-actions/configure-aws-credentials@v2
         with:
-          parameterPairs: '/parks-reso-public/s3-bucket = S3_BUCKET, /parks-reso-public/origin-id = ORIGIN_ID'
+          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+          role-session-name: GitHub_to_AWS_via_FederatedOIDC
+          aws-region: ${{ vars.AWS_REGION }}
 
-      - name: Get API variables
-        uses: dkershner6/aws-ssm-getparameters-action@v1
-        with:
-          parameterPairs: '/parks-reso-api/origin-domain = API_GATEWAY_ORIGIN_DOMAIN, /parks-reso-api/origin-id = API_GATEWAY_ORIGIN_ID, /parks-reso-api/gateway-path-pattern = API_GATEWAY_PATH_PATTERN'
-
-      - name: Get shared variables
-        uses: dkershner6/aws-ssm-getparameters-action@v1
+      ### SAM Build
+      - name: Cache SAM Build
+        id: cache-sam-build
+        uses: actions/cache@v3
         with:
-          parameterPairs: '/parks-reso-shared/s3-bucket-assets = S3_BUCKET_ASSETS, /parks-reso-shared/origin-id-assets = ORIGIN_ID_ASSETS'
+          path: |
+            **${{ vars.DUP_PUBLIC_DIRECTORY }}/.aws-sam
+          key: ${{ github.sha }}-${{ vars.DUP_PUBLIC_DIRECTORY }}-sam-cache
+      - name: Run sam build
+        if: steps.cache-sam-build.outputs.cache-hit != 'true'
+        run: |
+          sam build --cached
 
-      ### Upload dist to S3 ###
-      - name: Deploy to Dev S3
+      ### Prevent prompts and failure when the stack is unchanged
+      - name: SAM deploy
         env:
-          s3_bucket: '${{ env.S3_BUCKET }}-${{ env.TARGET_ENV }}'
-          dir_name: ${{ github.sha }}
+          STACK_NAME: ${{ vars.DUP_PUBLIC_STACK_NAME }}
+          PROJECT_NAME: ${{ vars.DUP_PUBLIC_PROJECT_NAME }}
+          DIST_ORIGIN_PATH: "latest"
+          API_GATEWAY_ID: ${{ vars.DUP_API_ID }}
+          ENV: ${{ vars.ENVIRONMENT_STAGE }}
+          AWS_REGION: ${{ vars.AWS_REGION }}
+          API_STAGE: ${{ vars.DUP_API_STAGE }}
+          DOMAIN_NAME: ${{ vars.DOMAIN_NAME }}
+          AWS_CERTIFICATE_ARN: ${{ vars.AWS_CERTIFICATE_ARN }}
+          BASE_HREF: "admin/"
         run: |
-          aws s3 sync dist/parks-reso-public s3://$s3_bucket/$dir_name/dayuse
-
-      ### Run Terragrunt ###
-      - name: Setup terraform
-        uses: hashicorp/setup-terraform@v2
-        with:
-          terraform_version: ${{ env.TF_VERSION }}
-
-      - name: Setup Terragrunt
-        uses: autero1/action-terragrunt@v1.3.0
-        with:
-          terragrunt_version: ${{ env.TG_VERSION }}
+          sam deploy --stack-name $STACK_NAME --no-confirm-changeset --no-fail-on-empty-changeset --parameter-overrides \
+          "ProjectName=$PROJECT_NAME \
+          DistOriginPath=$DIST_ORIGIN_PATH \
+          ApiGatewayId=$API_GATEWAY_ID \
+          Env=$ENV \
+          AWSRegion=$AWS_REGION \
+          ApiStage=$API_STAGE \
+          EnvDomainName=$DOMAIN_NAME \
+          DomainCertificateArn=$AWS_CERTIFICATE_ARN \
+          BaseHref=$BASE_HREF"
 
-      - name: Terragrunt Apply
-        working-directory: ${{ env.TG_SRC_PATH }}/${{ env.TFC_WORKSPACE }}
+      ### Upload dist to S3 ###
+      - name: Deploy to S3
         env:
-          app_version: ${{ github.sha }}
-          aws_region: ${{ secrets.AWS_REGION }}
-          s3_bucket: ${{ env.S3_BUCKET }}
-          s3_bucket_assets: ${{ env.S3_BUCKET_ASSETS }}
-          origin_id: ${{ env.ORIGIN_ID }}
-          api_gateway_origin_domain: ${{ env.API_GATEWAY_ORIGIN_DOMAIN }}
-          api_gateway_origin_id: ${{ env.API_GATEWAY_ORIGIN_ID }}
-          api_gateway_path_pattern: ${{ env.API_GATEWAY_PATH_PATTERN }}
-          origin_id_assets: ${{ env.ORIGIN_ID_ASSETS }}
-        run: terragrunt apply -auto-approve --terragrunt-non-interactive -var aws_region=${{ secrets.AWS_REGION }} -var target_aws_account_id=${{ vars.ACCOUNT_ID }} -var target_env=dev
+          S3_BUCKET: ${{ vars.DUP_PUBLIC_PROJECT_NAME }}-${{ vars.ENVIRONMENT_STAGE }}
+          DIR_NAME: ${{ github.event.release.tag_name }}
+          WORKING_DIRECTORY: ${{ vars.DUP_PUBLIC_DIRECTORY }}
+        run: |
+          aws s3 sync dist/$WORKING_DIRECTORY s3://$S3_BUCKET/$DIR_NAME
+          aws s3 rm s3://$S3_BUCKET/ --recursive --exclude "*" --include "latest/admin/*"
+          aws s3 sync dist/$WORKING_DIRECTORY s3://$S3_BUCKET/latest/admin
 
       - name: Invalidate CloudFront
         uses: chetan/invalidate-cloudfront-action@v2
         env:
           DISTRIBUTION: ${{ secrets.DISTRIBUTION }}
-          PATHS: "/*"
+          PATHS: "/*"
+
+      - shell: bash
+        env:
+          WEBHOOK_URL: ${{ secrets.WEBHOOK_URL }}
+        run: |
+          curl -X POST -H 'Content-Type: application/json' $WEBHOOK_URL --data '{"text":"DUP Deploy Public Dev Complete"}'