name: Preview

# Runs for pull requests only; no other trigger is declared in this file.
on:
  pull_request:

# Workflow-level token scopes. Every job that does not declare its own
# `permissions:` block inherits all three, including the ability to request
# an OIDC token (id-token: write) and to deploy to Pages (pages: write).
permissions:
  contents: read
  pages: write
  id-token: write

env:
  # NOTE(review): the `github.event.inputs.*` fallbacks used below are only
  # populated by workflow_dispatch runs, which this file does not declare.
  PR_NUMBER: ${{ github.event.number || github.run_id }}
  COMMIT_REF: ${{ github.event.pull_request.head.sha || github.event.inputs.COMMIT_REF }}
  PORT: 80

# A newer run for the same branch and PR cancels the one still in progress,
# so one deploy workflow can interrupt another.
concurrency:
  group: 'preview-env @ ${{ github.head_ref || github.run_id }} for ${{ github.event.number || github.event.inputs.PR_NUMBER }}'
  cancel-in-progress: true
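jobs:
  # NOTE(review): apart from azure/arm-deploy, every action in this file is
  # referenced by a mutable tag (@v1/@v2/@v3). Pinning each one to a full
  # commit SHA, as arm-deploy already is, stops a re-pointed tag from changing
  # the code that runs next to the registry password and the OIDC token.

  demo:
    name: Demo Build & Deploy
    # Only pull requests whose head branch lives in primer/view_components
    # itself are built and deployed; fork PRs and Dependabot runs are skipped.
    if: ${{ github.event.pull_request.head.repo.full_name == 'primer/view_components' && github.actor != 'dependabot[bot]' }}
    runs-on: ubuntu-latest
    # Least privilege: this job reads the repository and requests an OIDC
    # token for Azure/login. It does not deploy to Pages, so pages: write is
    # not granted here.
    permissions:
      contents: read
      id-token: write
    environment:
      name: preview
      # APP_URL is computed later in this job, in the "Get preview app info"
      # step. That script sets environment variables which Actions uses to
      # link a PR to a list of environments.
      url: ${{ env.APP_URL }}
    steps:
      - uses: actions/checkout@v3
      - name: Setup Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: '3.2'
          bundler-cache: true
      - name: Docker login
        env:
          AZURE_ACR_PASSWORD: ${{ secrets.AZURE_ACR_PASSWORD }}
        # The secret is quoted and written with printf so that whitespace,
        # glob characters or a leading dash in the password cannot be
        # reinterpreted by the shell or by echo. It reaches docker on stdin
        # only, never on the command line.
        run: |
          printf '%s' "$AZURE_ACR_PASSWORD" |
            docker login primer.azurecr.io --username GitHubActions --password-stdin
      - uses: Azure/login@v1
        with:
          # excluding a client secret here will cause a login via OpenID Connect (OIDC),
          # which prevents us from having to rotate client credentials, etc
          client-id: "5ad1a188-b944-40eb-a2f8-cc683a6a65a0"
          tenant-id: "398a6654-997b-47e9-b12b-9515b896b4de"
          subscription-id: "550eb99d-d0c7-4651-a337-f53fa6520c4f"
      - name: Get preview app info
        # Presumably exports APP_URL, IMAGE_URL, DOCKER_IMAGE, APP_NAME and
        # DEPLOYMENT_NAME through GITHUB_ENV; the script is not visible here.
        run: ./.github/workflows/demo-preview-app-info.sh
      - name: Pull latest
        # Values are read as quoted shell variables rather than expanded with
        # ${{ env.* }} into the script text, so their content can never be
        # parsed as shell syntax.
        run: |
          docker pull "${IMAGE_URL}:latest" || true
          docker pull "${IMAGE_URL}:latest-assets" || true
      - name: Build
        env:
          RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
        run: |
          bin/kuby -e production build --only app -- --tag="${DOCKER_IMAGE}" --cache-from "${IMAGE_URL}:latest"
          bin/kuby -e production build --only assets -- --tag="${DOCKER_IMAGE}-assets" --cache-from "${IMAGE_URL}:latest-assets"
      - name: Push
        run: |
          docker image push --all-tags "${IMAGE_URL}"
      - name: Run ARM deploy
        # Skip the deploy when the pull request has "Auto-merge" enabled.
        # The idea is that if auto-merge has been enabled, by humans or by
        # bots, they have no intention of viewing the deployed preview anyway.
        # This saves time because the PR can merge sooner.
        # NOTE(review): the earlier wording of this comment also covered
        # workflow_dispatch and push-to-main runs, but this file declares
        # only the pull_request trigger.
        if: ${{ !github.event.pull_request.auto_merge }}
        uses: azure/arm-deploy@65ae74fb7aec7c680c88ef456811f353adae4d06
        with:
          resourceGroupName: primer
          subscriptionId: "550eb99d-d0c7-4651-a337-f53fa6520c4f"
          template: ./.github/workflows/demo-preview-template.json
          deploymentName: ${{env.DEPLOYMENT_NAME}}
          # NOTE(review): both secrets are passed as inline template
          # parameters. Confirm that demo-preview-template.json declares
          # dockerRegistryPassword and railsMasterKey as `securestring`;
          # otherwise their values are readable in the deployment history.
          parameters: >-
            appName="${{env.APP_NAME}}"
            containerImage="${{ env.DOCKER_IMAGE }}"
            dockerRegistryUrl="primer.azurecr.io"
            dockerRegistryUsername="GitHubActions"
            dockerRegistryPassword="${{ secrets.AZURE_ACR_PASSWORD }}"
            railsMasterKey="${{ secrets.RAILS_MASTER_KEY }}"

  docs_build:
    if: ${{ github.event.pull_request.head.repo.full_name == 'primer/view_components' }}
    name: Docs Build
    runs-on: ubuntu-latest
    # This job installs dependencies and builds code from the pull request,
    # so it gets read access to the repository and nothing else: no OIDC
    # token and no Pages write scope.
    permissions:
      contents: read
    steps:
      # With no `ref` given, checkout uses the ref of the triggering
      # pull_request event, not the default branch. The former `version: 14`
      # input was dropped: actions/checkout defines no such input and
      # ignored it.
      - name: Checkout default branch
        uses: actions/checkout@v3
      - name: Setup Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: '3.2'
          bundler-cache: true
      - name: Setup Node
        uses: actions/setup-node@v3
        with:
          node-version: 16
          cache: 'npm'
          cache-dependency-path: |
            package-lock.json
            docs/package-lock.json
      - name: Install dependencies
        run: npm ci && cd docs && npm ci && cd ..
      - name: Generate static files
        run: bundle exec rake utilities:build docs:build static:dump
      - name: Build
        run: npm run build:docs:preview
      - name: Archive build output
        # Only docs/public is archived; --dereference stores the targets of
        # symlinks instead of the links themselves.
        run: 'tar --dereference --directory docs/public -cvf artifact.tar .'
      - name: Upload artifact
        uses: actions/upload-artifact@v3
        with:
          name: github-pages
          path: artifact.tar

  docs_deploy:
    name: Docs Deploy
    runs-on: ubuntu-latest
    needs: docs_build
    # The only job that publishes to Pages: it checks out nothing and needs
    # just the Pages write scope plus an OIDC token for actions/deploy-pages.
    permissions:
      pages: write
      id-token: write
    environment:
      name: github-pages
      url: ${{ steps.deployment.outputs.page_url }}
    outputs:
      deployment_url: ${{ steps.deployment.outputs.page_url }}
    steps:
      - name: Deploy to GitHub Pages
        id: deployment
        uses: actions/deploy-pages@v2
        with:
          preview: true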