Misc site fixes (#3079) #233
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Ceremony | |
on: | |
push: | |
branches: | |
- main | |
- release/ceremony | |
paths: | |
- 'ceremony/**' | |
pull_request: | |
paths: | |
- 'ceremony/**' | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
env: | |
NODE_OPTIONS: '--no-warnings' | |
ACTIONS_RUNNER_DEBUG: true | |
ASTRO_TELEMETRY_DISABLED: true | |
jobs: | |
garnix: | |
name: Wait on Garnix CI | |
runs-on: ubuntu-latest | |
steps: | |
- name: Wait on Garnix CI Check Suite | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
REPO: ${{ github.repository }} | |
REF: ${{ github.head_ref || github.sha }} | |
run: | | |
sleep 15 | |
status='' | |
while [[ $status != 'completed' ]]; do | |
check_suites=$(gh api \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "X-GitHub-Api-Version: 2022-11-28" \ | |
"/repos/$REPO/commits/$REF/check-suites") | |
status=$(echo "$check_suites" | jq -r '.check_suites | .[] | select(.app.name == "Garnix CI") | .status') | |
sleep 15 | |
done | |
conclusion=$(echo "$check_suites" | jq -r '.check_suites | .[] | select(.app.name == "Garnix CI") | .conclusion') | |
case "$conclusion" in | |
failure | timed_out | action_required | stale | startup_failure) | |
echo "ERROR: Garnix CI concluded with $conclusion" | |
exit 1 | |
;; | |
*) | |
echo "INFO: Garnix CI concluded with $conclusion" | |
;; | |
esac | |
deploy-preview: | |
runs-on: ['ubuntu-latest'] | |
needs: [garnix] | |
permissions: | |
contents: read | |
pull-requests: write | |
env: | |
npm_config_yes: true | |
environment: 'ceremony-preview' | |
if: github.event_name == 'pull_request' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v28 | |
with: | |
nix_conf: | | |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= union.cachix.org-1:TV9o8jexzNVbM1VNBOq9fu8NK+hL6ZhOyOh0quATy+M= | |
trusted-substituters = https://cache.nixos.org https://cache.garnix.io https://union.cachix.org | |
- name: Fetch from Cache | |
run: | | |
nix build .#ceremony | |
- name: '[preview] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="ceremony" deploy result >> /tmp/ceremony_deploy.txt | |
- name: Set Deploy Output | |
run: | | |
{ | |
echo 'DEPLOY_OUTPUT<<EOF' | |
tail -n 2 /tmp/ceremony_deploy.txt | |
echo 'EOF' | |
} >> $GITHUB_ENV | |
- name: Comment Site Deploy Results | |
uses: thollander/actions-comment-pull-request@v2 | |
with: | |
message: | | |
# Ceremony 🤌 | |
${{ env.DEPLOY_OUTPUT }} | |
**${{ env.LAST_UPDATED_AT }}** | |
comment_tag: deploy-ceremony-preview-result | |
deploy-manual: | |
runs-on: ['ubuntu-latest'] | |
needs: [garnix] | |
env: | |
npm_config_yes: true | |
if: github.event_name == 'workflow_dispatch' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v28 | |
with: | |
nix_conf: | | |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= union.cachix.org-1:TV9o8jexzNVbM1VNBOq9fu8NK+hL6ZhOyOh0quATy+M= | |
trusted-substituters = https://cache.nixos.org https://cache.garnix.io https://union.cachix.org | |
- name: Fetch from Cache | |
run: | | |
nix build .#ceremony | |
- name: '[workflow-dispatch] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="ceremony" deploy result | |
deploy-staging: | |
runs-on: ['ubuntu-latest'] | |
needs: [garnix] | |
env: | |
npm_config_yes: true | |
environment: 'ceremony-staging' | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v28 | |
with: | |
nix_conf: | | |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= union.cachix.org-1:TV9o8jexzNVbM1VNBOq9fu8NK+hL6ZhOyOh0quATy+M= | |
trusted-substituters = https://cache.nixos.org https://cache.garnix.io https://union.cachix.org | |
- name: Fetch from Cache | |
run: | | |
nix build .#ceremony | |
- name: '[staging] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="ceremony" --branch="staging" deploy result | |
deploy-production: | |
runs-on: ['ubuntu-latest'] | |
needs: [garnix] | |
env: | |
npm_config_yes: true | |
environment: 'ceremony-production' | |
if: github.event_name == 'push' && github.ref == 'refs/heads/release/ceremony' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v28 | |
with: | |
nix_conf: | | |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= union.cachix.org-1:TV9o8jexzNVbM1VNBOq9fu8NK+hL6ZhOyOh0quATy+M= | |
trusted-substituters = https://cache.nixos.org https://cache.garnix.io https://union.cachix.org | |
- name: Fetch from Cache | |
run: | | |
nix build .#ceremony | |
- name: '[production] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="ceremony" --branch="main" deploy result |