-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathamplify.yml
76 lines (76 loc) · 4.35 KB
/
amplify.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
version: 0.1
backend:
phases:
preBuild:
commands:
- echo Installing required packages for build...
- aws configure set cli_follow_urlparam false # fix for parameter store when storing URLs: https://github.com/aws/aws-cli/issues/2507
build:
commands:
- echo Amplify build...
- amplifyPush --simple
# Environment Variables for Backend
- echo Exporting environment variables from Amplify...
- if [ "${AWS_BRANCH}" = "master" ]; then export AMPLIFY_ENV=prod; fi
- if [ "${AWS_BRANCH}" = "development" ]; then export AMPLIFY_ENV=devel; fi
- if [ "${AWS_BRANCH}" = "next" ]; then export AMPLIFY_ENV=dev; fi
- export STACK_NAME=$(jq -r '.providers.awscloudformation.StackName' ./amplify/\#current-cloud-backend/amplify-meta.json)
- export DEPLOYMENT_BUCKET_NAME=$(jq -r '.providers.awscloudformation.DeploymentBucketName' ./amplify/\#current-cloud-backend/amplify-meta.json)
- export AWS_REGION=$(jq -r '.providers.awscloudformation.Region' ./amplify/\#current-cloud-backend/amplify-meta.json)
# Amplify generated resources
- export APPSYNC_API_ID=$(jq -r '.api[(.api | keys)[0]].output.GraphQLAPIIdOutput' ./amplify/\#current-cloud-backend/amplify-meta.json)
- make export.parameter NAME="/news/${AMPLIFY_ENV}/amplify/api/id" VALUE=${APPSYNC_API_ID}
- export APPSYNC_ENDPOINT=$(jq -r '.api[(.api | keys)[0]].output.GraphQLAPIEndpointOutput' ./amplify/\#current-cloud-backend/amplify-meta.json)
- make export.parameter NAME="/news/${AMPLIFY_ENV}/amplify/api/endpoint" VALUE=${APPSYNC_ENDPOINT}
- echo Generating datasources.json ....
- make init
- export BLOGS_TABLE_NAME=$(jq -r '.dataSources[] | select(.name == "BlogTable") | .dynamodbConfig.tableName' datasources.json)
- make export.parameter NAME="/news/${AMPLIFY_ENV}/amplify/storage/table/blogs" VALUE=${BLOGS_TABLE_NAME}
- export ARTICLES_TABLE_NAME=$(jq -r '.dataSources[] | select(.name == "ArticleTable") | .dynamodbConfig.tableName' datasources.json)
- make export.parameter NAME="/news/${AMPLIFY_ENV}/amplify/storage/table/articles" VALUE=${ARTICLES_TABLE_NAME}
- export CONTENT_BUCKET=$(jq -r '.storage[(.storage | keys)[0]].output.BucketName' ./amplify/\#current-cloud-backend/amplify-meta.json)
- make export.parameter NAME="/news/${AMPLIFY_ENV}/amplify/storage/bucket/content" VALUE=${CONTENT_BUCKET}
- export PINPOINT_APP_ID=$(jq -r '.analytics[(.analytics | keys)[0]].output.Id' ./amplify/\#current-cloud-backend/amplify-meta.json)
- make export.parameter NAME="/news/${AMPLIFY_ENV}/amplify/analytics/app/id" VALUE=${PINPOINT_APP_ID}
# Deploy backend, including content service and support layer
- echo Deploy backend components...
- make deploy
# this should only be done once....
# - if [ "${AMPLIFY_ENV}" = "prod" ]; then make deploy.cdn; fi
frontend:
phases:
preBuild:
commands:
- cd next
- yarn install
# write the value of the content service
- export CONTENT_API_URL=$(aws cloudformation describe-stacks --stack-name ${STACK_NAME}-services | jq -r '.Stacks[].Outputs[] | select(.OutputKey == "ContentApiUrl").OutputValue')
- if [ "${AMPLIFY_ENV}" = "prod" ]; then export CONTENT_API_URL=$(aws cloudformation describe-stacks --stack-name ${STACK_NAME}-cdn | jq -r '.Stacks[].Outputs[] | select(.OutputKey == "DistributionDNSName").OutputValue'); fi
- touch .env.local
- echo 'NEXT_PUBLIC_CONTENT_API=${CONTENT_API_URL}' > .env.local
build:
commands:
- yarn run build
artifacts:
baseDirectory: next/out
files:
- "**/*"
cache:
paths:
- node_modules/**/*
customHeaders:
- pattern: "**/*"
headers: # https://infosec.mozilla.org/guidelines/web_security
- key: "Strict-Transport-Security"
value: "max-age=31536000; includeSubDomains"
- key: "X-Content-Type-Options"
value: "nosniff"
- key: "X-XSS-Protection"
value: "1; mode=block"
- key: "X-Frame-Options"
value: "DENY"
- key: "Referrer-Policy"
value: "same-origin"
- key: "Feature-Policy"
value: "microphone 'none'; camera 'none'; notifications 'self'"
# CSP generated using Laboratory: https://github.com/april/laboratory