-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2514 from responsible-ai-collaborative/staging
Deploy to Production
- Loading branch information
Showing
50 changed files
with
2,104 additions
and
1,281 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,206 +1,107 @@ | ||
| name: Deploy | ||
| name: Deploy to Netlify | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| environment: | ||
| type: string | ||
| description: Environment to deploy to | ||
| required: true | ||
|
|
||
| jobs: | ||
| install-and-build: | ||
| name: NPM install and build site | ||
| jobs: | ||
| netlify-deploy: | ||
| environment: ${{ inputs.environment }} | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| shell: bash | ||
| working-directory: site/gatsby-site | ||
| permissions: | ||
| pull-requests: write | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v2 | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| ref: ${{ github.event.pull_request.head.sha }} | ||
|
|
||
| # Cache 'node_modules' and '~/.cache/Cypress' folder | ||
| - name: Cache node modules | ||
| - name: Read node modules from cache | ||
| id: cache-nodemodules | ||
| uses: actions/cache@v3.0.5 | ||
| uses: actions/cache/restore@v3 | ||
| env: | ||
| cache-name: cache-install-folder | ||
| with: | ||
| # caching node_modules | ||
| path: | | ||
| site/gatsby-site/node_modules | ||
| ~/.cache/Cypress | ||
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-build-${{ env.cache-name }}- | ||
| ${{ runner.os }}-build- | ||
| ${{ runner.os }}- | ||
|
|
||
| # Install NPM dependencies | ||
| - name: Install NPM dependencies | ||
| - name: Set up Node.js | ||
| uses: actions/setup-node@v3 | ||
|
|
||
| - name: Install dependencies | ||
| if: steps.cache-nodemodules.outputs.cache-hit != 'true' | ||
| uses: cypress-io/github-action@v4 | ||
| with: | ||
| working-directory: site/gatsby-site | ||
| # just perform install | ||
| runTests: false | ||
| install-command: npm ci --legacy-peer-deps | ||
| run: npm ci | ||
|
|
||
| - name: Use new netlify.toml | ||
| run: | | ||
| rm -f netlify.toml | ||
| mv github-netlify.toml netlify.toml | ||
| - name: Install Netlify CLI | ||
| run: npm install netlify-cli -g | ||
|
|
||
| # Build Gatbsy site | ||
| - name: Build site | ||
| run: npm run build | ||
| - name: Build using Netlify | ||
| run: netlify build --context deploy-preview | ||
| env: | ||
| NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE_ID }} | ||
| NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| CYPRESS_PROJECT_ID: ${{ secrets.CYPRESS_PROJECT_ID }} | ||
| CYPRESS_PROJECT_ID: ${{ vars.CYPRESS_PROJECT_ID }} | ||
| CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }} | ||
| E2E_ADMIN_USERNAME: ${{ secrets.E2E_ADMIN_USERNAME }} | ||
| E2E_ADMIN_PASSWORD: ${{ secrets.E2E_ADMIN_PASSWORD }} | ||
| ALGOLIA_ADMIN_KEY: ${{ secrets.ALGOLIA_ADMIN_KEY }} | ||
| GATSBY_ALGOLIA_APP_ID: ${{ secrets.GATSBY_ALGOLIA_APP_ID }} | ||
| GATSBY_ALGOLIA_SEARCH_KEY: ${{ secrets.GATSBY_ALGOLIA_SEARCH_KEY }} | ||
| GATSBY_AVAILABLE_LANGUAGES: ${{ secrets.GATSBY_AVAILABLE_LANGUAGES }} | ||
| GATSBY_REALM_APP_ID: ${{ secrets.GATSBY_REALM_APP_ID }} | ||
| GATSBY_ALGOLIA_APP_ID: ${{ vars.GATSBY_ALGOLIA_APP_ID }} | ||
| GATSBY_ALGOLIA_SEARCH_KEY: ${{ vars.GATSBY_ALGOLIA_SEARCH_KEY }} | ||
| GATSBY_AVAILABLE_LANGUAGES: ${{ vars.GATSBY_AVAILABLE_LANGUAGES }} | ||
| GATSBY_REALM_APP_ID: ${{ vars.GATSBY_REALM_APP_ID }} | ||
| GOOGLE_TRANSLATE_API_KEY: ${{ secrets.GOOGLE_TRANSLATE_API_KEY }} | ||
| MONGODB_CONNECTION_STRING: ${{ secrets.MONGODB_CONNECTION_STRING }} | ||
| MONGODB_REPLICA_SET: ${{ secrets.MONGODB_REPLICA_SET }} | ||
| MONGODB_TRANSLATIONS_CONNECTION_STRING: ${{ secrets.MONGODB_TRANSLATIONS_CONNECTION_STRING }} | ||
| MONGODB_MIGRATIONS_CONNECTION_STRING: ${{ secrets.MONGODB_MIGRATIONS_CONNECTION_STRING }} | ||
| GATSBY_REALM_APP_GRAPHQL_URL: ${{ secrets.GATSBY_REALM_APP_GRAPHQL_URL }} | ||
| GATSBY_PRISMIC_REPO_NAME: ${{ vars.GATSBY_PRISMIC_REPO_NAME }} | ||
| PRISMIC_ACCESS_TOKEN: ${{ secrets.PRISMIC_ACCESS_TOKEN }} | ||
| NODE_OPTIONS: --dns-result-order=ipv4first | ||
| GATSBY_ROLLBAR_TOKEN: ${{ secrets.GATSBY_ROLLBAR_TOKEN }} | ||
| SKIP_PAGE_CREATOR: ${{ vars.SKIP_PAGE_CREATOR }} | ||
| CLOUDFLARE_R2_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_R2_ACCOUNT_ID }} | ||
| CLOUDFLARE_R2_BUCKET_NAME: ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} | ||
| GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL: ${{ vars.GATSBY_CLOUDFLARE_R2_PUBLIC_BUCKET_URL }} | ||
| CLOUDFLARE_R2_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} | ||
| CLOUDFLARE_R2_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} | ||
|
|
||
| # Extract commit hash to use as a cache key | ||
| - name: Extract commit hash | ||
| shell: bash | ||
| run: echo "##[set-output name=commit;]$(echo ${GITHUB_SHA})" | ||
| id: extract_commit_hash | ||
|
|
||
| # Cache 'public' folder | ||
| - name: Cache public folder | ||
| uses: actions/[email protected] | ||
| env: | ||
| cache-name: cache-public | ||
| with: | ||
| path: | | ||
| site/gatsby-site/public | ||
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ steps.extract_commit_hash.outputs.commit }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-build-${{ env.cache-name }}- | ||
| ${{ runner.os }}-build- | ||
| ${{ runner.os }}- | ||
| test: | ||
| name: Run Cypress tests | ||
| environment: ${{ inputs.environment }} | ||
| runs-on: ubuntu-latest | ||
| needs: install-and-build | ||
| defaults: | ||
| run: | ||
| shell: bash | ||
| - name: Upload to netlify | ||
| id: deploy-netlify | ||
| working-directory: site/gatsby-site | ||
| strategy: | ||
| # when one test fails, DO NOT cancel the other | ||
| # containers, because this will kill Cypress processes | ||
| # leaving the Dashboard hanging ... | ||
| # https://github.com/cypress-io/github-action/issues/48 | ||
| fail-fast: false | ||
| matrix: | ||
| # run 10 copies of the current job in parallel | ||
| containers: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10] | ||
| # stop the job if it runs over 20 minutes | ||
| # to prevent a hanging process from using all your CI minutes | ||
| timeout-minutes: 20 | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v2 | ||
|
|
||
| # Cache node_modules folder | ||
| - name: Cache node modules | ||
| id: cache-nodemodules-2 | ||
| uses: actions/[email protected] | ||
| env: | ||
| cache-name: cache-install-folder | ||
| with: | ||
| # caching node_modules | ||
| path: | | ||
| site/gatsby-site/node_modules | ||
| ~/.cache/Cypress | ||
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-build-${{ env.cache-name }}- | ||
| ${{ runner.os }}-build- | ||
| ${{ runner.os }}- | ||
| # Install NPM dependencies | ||
| - name: Install NPM dependencies | ||
| if: steps.cache-nodemodules-2.outputs.cache-hit != 'true' | ||
| uses: cypress-io/github-action@v4 | ||
| with: | ||
| working-directory: site/gatsby-site | ||
| # just perform install | ||
| runTests: false | ||
| install-command: npm ci --legacy-peer-deps | ||
|
|
||
| # Extract commit hash to use as a cache key | ||
| - name: Extract commit hash | ||
| shell: bash | ||
| run: echo "##[set-output name=commit;]$(echo ${GITHUB_SHA})" | ||
| id: extract_commit_hash | ||
|
|
||
| # Cache 'public' folder | ||
| - name: Cache public folder | ||
| uses: actions/[email protected] | ||
| run: | | ||
| set -e | ||
| OUTPUT=$(bash -c "netlify deploy --json --alias=pr-${{ github.event.pull_request.number }}" | tr '\n' ' ') | ||
| set +e | ||
| NETLIFY_OUTPUT=$(echo "$OUTPUT") | ||
| echo "deploy_log=$NETLIFY_OUTPUT" >> $GITHUB_OUTPUT | ||
| env: | ||
| cache-name: cache-public | ||
| with: | ||
| path: | | ||
| site/gatsby-site/public | ||
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ steps.extract_commit_hash.outputs.commit }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-build-${{ env.cache-name }}- | ||
| ${{ runner.os }}-build- | ||
| ${{ runner.os }}- | ||
| NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} | ||
| NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE_ID }} | ||
|
|
||
| # Extract branch name | ||
| - name: Extract branch name | ||
| shell: bash | ||
| run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" | ||
| id: extract_branch | ||
|
|
||
| # Run all Cypress tests | ||
| - name: Cypress run | ||
| uses: cypress-io/github-action@v4 | ||
| - name: Comment on PR | ||
| uses: actions/github-script@v5 | ||
| with: | ||
| working-directory: site/gatsby-site | ||
| # we have already installed all dependencies above | ||
| install: false | ||
| config-file: cypress.config.js | ||
| record: true | ||
| parallel: true | ||
| group: "Cypress e2e tests" | ||
| tag: ${{ steps.extract_branch.outputs.branch }} | ||
| start: npm run serve | ||
| wait-on: http://localhost:8000/ | ||
| # wait for 10 minutes for the server to respond | ||
| wait-on-timeout: 600 | ||
| env: | ||
| # Recommended: pass the GitHub token lets this action correctly | ||
| # determine the unique run id necessary to re-run the checks | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| CYPRESS_PROJECT_ID: ${{ secrets.CYPRESS_PROJECT_ID }} | ||
| CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }} | ||
| E2E_ADMIN_USERNAME: ${{ secrets.E2E_ADMIN_USERNAME }} | ||
| E2E_ADMIN_PASSWORD: ${{ secrets.E2E_ADMIN_PASSWORD }} | ||
| ALGOLIA_ADMIN_KEY: ${{ secrets.ALGOLIA_ADMIN_KEY }} | ||
| GATSBY_ALGOLIA_APP_ID: ${{ secrets.GATSBY_ALGOLIA_APP_ID }} | ||
| GATSBY_ALGOLIA_SEARCH_KEY: ${{ secrets.GATSBY_ALGOLIA_SEARCH_KEY }} | ||
| GATSBY_AVAILABLE_LANGUAGES: ${{ secrets.GATSBY_AVAILABLE_LANGUAGES }} | ||
| GATSBY_REALM_APP_ID: ${{ secrets.GATSBY_REALM_APP_ID }} | ||
| GOOGLE_TRANSLATE_API_KEY: ${{ secrets.GOOGLE_TRANSLATE_API_KEY }} | ||
| MONGODB_CONNECTION_STRING: ${{ secrets.MONGODB_CONNECTION_STRING }} | ||
| MONGODB_REPLICA_SET: ${{ secrets.MONGODB_REPLICA_SET }} | ||
| MONGODB_TRANSLATIONS_CONNECTION_STRING: ${{ secrets.MONGODB_TRANSLATIONS_CONNECTION_STRING }} | ||
| MONGODB_MIGRATIONS_CONNECTION_STRING: ${{ secrets.MONGODB_MIGRATIONS_CONNECTION_STRING }} | ||
| GATSBY_REALM_APP_GRAPHQL_URL: ${{ secrets.GATSBY_REALM_APP_GRAPHQL_URL }} | ||
| # Since this is triggered on a pull request, we set the commit message to the pull request title | ||
| COMMIT_INFO_MESSAGE: ${{ github.event.pull_request.title }} | ||
|
|
||
| github-token: ${{secrets.GITHUB_TOKEN}} | ||
| script: | | ||
| const deployOutput = `${{ steps.deploy-netlify.outputs.deploy_log }}`; | ||
| const deployData = JSON.parse(deployOutput); | ||
| const comment = `🚀 Deployed to Netlify!\n\n✅ Build Log: \n${deployData.logs}\n\n🔗 Preview URL: ${deployData.deploy_url}`; | ||
| github.rest.issues.createComment({ | ||
| issue_number: context.issue.number, | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| body: comment | ||
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| name: Deploy Preview Branch | ||
|
|
||
| on: | ||
| pull_request_target: | ||
| branches: | ||
| - staging | ||
| types: [opened, synchronize, reopened] | ||
| jobs: | ||
| permissions-check: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Get User Permission | ||
| id: checkAccess | ||
| uses: actions-cool/check-user-permission@v2 | ||
| with: | ||
| require: write | ||
| username: ${{ github.triggering_actor }} | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Check User Permission | ||
| if: steps.checkAccess.outputs.require-result == 'false' | ||
| run: | | ||
| echo "${{ github.triggering_actor }} does not have permissions on this repo." | ||
| echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}" | ||
| echo "Job originally triggered by ${{ github.actor }}" | ||
| exit 1 | ||
| call-test-build: | ||
| if: ${{ !failure() }} | ||
| uses: ./.github/workflows/test-build.yml | ||
| needs: permissions-check | ||
| secrets: inherit | ||
| with: | ||
| environment: staging | ||
|
|
||
| call-test: | ||
| if: ${{ !failure() }} | ||
| uses: ./.github/workflows/test.yml | ||
| needs: call-test-build | ||
| secrets: inherit | ||
| with: | ||
| environment: staging | ||
|
|
||
| call-deploy: | ||
| if: ${{ !failure() }} | ||
| uses: ./.github/workflows/deploy.yml | ||
| needs: permissions-check | ||
| secrets: inherit | ||
| permissions: | ||
| pull-requests: write | ||
| with: | ||
| environment: staging |
Oops, something went wrong.