remove chains filter for staging env (#2573) #1084
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy App | |
on: | |
push: | |
branches: | |
- main | |
- release/app | |
paths: | |
- 'app/**' | |
pull_request: | |
paths: | |
- 'app/**' | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
env: | |
NIX_VERSION: nix-2.13.2 | |
NIXPKGS_CHANNEL: nixos-22.11 | |
NODE_OPTIONS: '--no-warnings' | |
ACTIONS_RUNNER_DEBUG: true | |
ASTRO_TELEMETRY_DISABLED: true | |
jobs: | |
build: | |
runs-on: ['ubuntu-latest'] | |
permissions: | |
contents: read | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v26 | |
with: | |
nix_on_tmpfs: false | |
nix_conf: | | |
experimental-features = nix-command flakes | |
access-tokens = ${{ secrets.GITHUB_TOKEN }} | |
- uses: nixbuild/nixbuild-action@812f1ab2b51842b0d44b9b79574611502d6940a0 | |
with: | |
nixbuild_token: ${{secrets.nixbuild_token}} | |
- name: Build app | |
run: | | |
touch build.json | |
nix build .#packages.x86_64-linux.app \ | |
--print-build-logs \ | |
--eval-store auto \ | |
--store ssh-ng://eu.nixbuild.net \ | |
--builders "" --max-jobs 2 \ | |
--show-trace \ | |
--json | |
deploy-preview: | |
runs-on: ['ubuntu-latest'] | |
needs: [build] | |
permissions: | |
contents: read | |
pull-requests: write | |
env: | |
npm_config_yes: true | |
environment: 'app-preview' | |
if: github.event_name == 'pull_request' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v26 | |
- uses: nixbuild/nixbuild-action@812f1ab2b51842b0d44b9b79574611502d6940a0 | |
with: | |
nixbuild_token: ${{ secrets.nixbuild_token }} | |
- run: mkdir dump | |
- run: nix copy --to file://`pwd`/dump --from ssh-ng://eu.nixbuild.net `nix eval --raw .#packages.x86_64-linux.app` --extra-experimental-features nix-command | |
- run: cat dump/nar/*.nar.xz | xz -dc | nix-store --restore result | |
# create preview deployment when trigger is pull_request, then post preview deployment url as a pr comment | |
- name: '[preview] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="app" deploy result >> /tmp/app_deploy.txt | |
- name: Set Deploy Output | |
run: | | |
{ | |
echo 'DEPLOY_OUTPUT<<EOF' | |
tail -n 2 /tmp/app_deploy.txt | |
echo 'EOF' | |
} >> $GITHUB_ENV | |
- name: Comment Site Deploy Results | |
uses: thollander/actions-comment-pull-request@v2 | |
with: | |
message: | | |
# App 🤌 | |
${{ env.DEPLOY_OUTPUT }} | |
**${{ env.LAST_UPDATED_AT }}** | |
comment_tag: deploy-app-preview-result | |
deploy-manual: | |
runs-on: ['ubuntu-latest'] | |
needs: [build] | |
env: | |
npm_config_yes: true | |
if: github.event_name == 'workflow_dispatch' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v26 | |
- uses: nixbuild/nixbuild-action@812f1ab2b51842b0d44b9b79574611502d6940a0 | |
with: | |
nixbuild_token: ${{ secrets.nixbuild_token }} | |
- run: mkdir dump | |
- run: nix copy --to file://`pwd`/dump --from ssh-ng://eu.nixbuild.net `nix eval --raw .#packages.x86_64-linux.app` --extra-experimental-features nix-command | |
- run: cat dump/nar/*.nar.xz | xz -dc | nix-store --restore result | |
# create preview deployment when trigger is workflow_dispatch && branch is not main | |
- name: '[workflow-dispatch] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="app" deploy result | |
deploy-staging: | |
runs-on: ['ubuntu-latest'] | |
needs: [build] | |
env: | |
npm_config_yes: true | |
environment: 'app-staging' | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v26 | |
- uses: nixbuild/nixbuild-action@812f1ab2b51842b0d44b9b79574611502d6940a0 | |
with: | |
nixbuild_token: ${{ secrets.nixbuild_token }} | |
- run: mkdir dump | |
- run: nix copy --to file://`pwd`/dump --from ssh-ng://eu.nixbuild.net `nix eval --raw .#packages.x86_64-linux.app` --extra-experimental-features nix-command | |
- run: cat dump/nar/*.nar.xz | xz -dc | nix-store --restore result | |
- name: '[staging] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="app" --branch="staging" deploy result | |
deploy-production: | |
runs-on: ['ubuntu-latest'] | |
needs: [build] | |
env: | |
npm_config_yes: true | |
environment: 'app-production' | |
if: github.event_name == 'push' && github.ref == 'refs/heads/release/app' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
lfs: true | |
- uses: nixbuild/nix-quick-install-action@v26 | |
- uses: nixbuild/nixbuild-action@812f1ab2b51842b0d44b9b79574611502d6940a0 | |
with: | |
nixbuild_token: ${{ secrets.nixbuild_token }} | |
- run: mkdir dump | |
- run: nix copy --to file://`pwd`/dump --from ssh-ng://eu.nixbuild.net `nix eval --raw .#packages.x86_64-linux.app` --extra-experimental-features nix-command | |
- run: cat dump/nar/*.nar.xz | xz -dc | nix-store --restore result | |
- name: '[production] 🔶 Publish to Cloudflare Pages' | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_WORKERS_API_TOKEN }} | |
run: npx --yes wrangler@latest pages --project-name="app" --branch="main" deploy result |