# Deployment

This package generates code for deploying applications to AWS.

## Continuous Deployment

Deployment for standard React applications (not React Native) is intended to be run in a CI/CD pipeline using GitHub Actions, therefore most steps do not need to be run manually, but will instead run automatically.

### Overview

The overall strategy for deployment is to deploy to the staging environment on code pushes to the default branch. Then to deploy to the production environment manually.

In the future this should be changed to automatically deploy to production after a set number of hours but with a tagging system that allows for later/sooner/immediate deployments with handling to cancel or delay production deployments.

### Setup

The setup process in the CD environment is similar to the manual setup explained below, but requires defining Repository Secrets in GitHub for the following values:

- `NODE_AUTH_TOKEN` (from GitHub, not AWS)
- `AWS_ACCESS_KEY_ID`
- `AWS_SECRET_ACCESS_KEY`

And modifying the environment variables in the Actions files (`deploy.frontend.<environment-name>.yml`) instead of in the `.env.<environment-name>` files.

## Guide

### Setup

#### AWS User

1. Create a new IAM user for the project.

   1. Set the AWS credential type to "Access key - Programmatic access".
   2. Add the user to the "project-administrators" group (assuming working in the [Hex Insights AWS account](https://hexinsights.signin.aws.amazon.com/console)).
   3. Download the credentials CSV file.

2. (*local*) Import the credentials to the AWS CLI ([docs](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html)).

   ```shell
   aws configure import --csv file://credentials.csv
   ```

3. (*local*) Define deployment environment variables in the `.env.staging` and `.env.production` files in the `deployment` directory.

3. (*remote*) Define the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` repository secrets.

#### GitHub NPM Token

1. Create a new personal access token with the `read:packages` permission on it.
2. Define the `NODE_AUTH_TOKEN` repository secret.

### Deploying

1. Load the desired environment variables (`.env.staging` or `.env.production`).
2. Run `npm run deploy`.

## Changes

### Adding an Environment

To add an environment other than staging or production:

1. Add an environment file named `.env.<environment-name>` in the `deployment` directory.
1. Add a GitHub Actions Workflow file named `deploy.frontend.<environment-name>.yml` in the `.github/workflows` directory (from the repo root).

### Differentiating Environments

The default configuration is identical for all environments other than environment variables (e.g. domain name). If differentiated environments are needed, define separate `deploy.sh` and/or `template.yml` files depending on what is required.

#### Differentiating Deploy Scripts

1. Define  a new `deploy.<environment-name>.sh` file.
2. Add a `deploy:<environment-name>` script in the `package.json` file.
2. Update the deployment GitHub Actions Workflow files accordingly.

#### Differentiating Resource Templates

1. Define a new `template.<environment-name>.yml` file.
2. Update the `TEMPLATE_PATH` variable in `.env.<environment-name>`.
2. Update the deployment GitHub Actions Workflow files accordingly.