How to deploy an AWS Amplify app from GitHub Actions?

Question

I want to control Amplify deployments from GitHub Actions because Amplify auto-build

• doesn't provide a GitHub Environment
• doesn't watch the CI for failures and will deploy anyways, or
• requires me to duplicate the CI setup and re-run it in Amplify
• didn't support running a cypress job out-of-the-box

Answer 1

• Turn off auto-build (in the App settings / General / Branches).
• Add the following script and job

scripts/amplify-deploy.sh

echo "Deploy app $1 branch $2"
JOB_ID=$(aws amplify start-job --app-id $1 --branch-name $2 --job-type RELEASE | jq -r '.jobSummary.jobId')
echo "Release started"
echo "Job ID is $JOB_ID"

while [[ "$(aws amplify get-job --app-id $1 --branch-name $2 --job-id $JOB_ID | jq -r '.job.summary.status')" =~ ^(PENDING|RUNNING)$ ]]; do sleep 1; done
JOB_STATUS="$(aws amplify get-job --app-id $1 --branch-name $2 --job-id $JOB_ID | jq -r '.job.summary.status')"
echo "Job finished"
echo "Job status is $JOB_STATUS"

  deploy:
    runs-on: ubuntu-latest
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: us-east-1
      AWS_DEFAULT_OUTPUT: json
    steps:
    - uses: actions/checkout@v2
    - name: Deploy
      run: ./scripts/amplify-deploy.sh xxxxxxxxxxxxx master

You could improve the script to fail if the release fails, add needed steps (e.g. lint, test), add a GitHub Environment, etc.

There's also amplify-cli-action but it didn't work for me.

Answer 2

1. Disable automatic builds:

• Go to App settings > general in the AWS Amplify console and disable automatic builds there.

2. Go to App settings > Build Settings and create a web hook which is a curl command that will trigger a build.

• Example: curl -X POST -d {} URL -H "Content-Type: application/json"

3. Save the URL in GitHub as a secret.
4. Add the curl script to the GitHub actions YAML script like this:

deploy:
  runs-on: ubuntu-latest
  steps:
  - name: deploy
    run: |
        URL="${{ secrets.WEBHOOK_URL }}"
        curl -X POST -d {} "$URL" -H "Content-Type: application/json"

Answer 3

Similar to answer 2 here, but I used tags instead.

Create an action like ci.yml, turn off auto-build on the staging & prod envs in amplify and create the webhook triggers.

name: CI-Staging
on:
  release:
    types: [prereleased]
permissions: read-all # This is required to read the secrets
jobs:
  deploy-staging:
    runs-on: ubuntu-latest
    permissions: read-all # This is required to read the secrets
    steps:
      - name: deploy
        run: |
          URL="${{ secrets.STAGING_DEPLOY_WEBHOOK }}"
          curl -X POST -d {} "$URL" -H "Content-Type: application/json"

name: CI-production
on:
  release:
    types: [released]
permissions: read-all # This is required to read the secrets
jobs:
  deploy-production:
    runs-on: ubuntu-latest
    permissions: read-all # This is required to read the secrets
    steps:
      - name: deploy
        run: |
          URL="${{ secrets.PRODUCTION_DEPLOY_WEBHOOK }}"
          curl -X POST -d {} "$URL" -H "Content-Type: application/json"