element-web/.github/workflows/netlify.yaml

95 lines
4 KiB
YAML
Raw Normal View History

# Triggers after the layered build has finished, taking the artifact
# and uploading it to netlify
name: Upload Preview Build to Netlify
on:
2022-04-21 11:55:32 +00:00
workflow_run:
workflows: [ "Element Web - Build and Test" ]
types:
- completed
jobs:
deploy:
2022-04-21 11:55:32 +00:00
runs-on: ubuntu-latest
if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request'
2022-04-21 11:55:32 +00:00
steps:
2022-04-27 11:39:14 +00:00
- name: "🔍 Read PR number"
2022-04-21 11:55:32 +00:00
id: readctx
2022-04-27 11:39:14 +00:00
# We need to find the PR number that corresponds to the branch, which we do by searching the GH API
2022-04-21 11:55:32 +00:00
# The workflow_run event includes a list of pull requests, but it doesn't get populated for
# forked PRs: https://docs.github.com/en/rest/reference/checks#create-a-check-run
run: |
head_branch='${{github.event.workflow_run.head_repository.owner.login}}:${{github.event.workflow_run.head_branch}}'
2022-04-27 10:11:48 +00:00
echo "Head branch: $head_branch"
2022-04-21 11:55:32 +00:00
pulls_uri="https://api.github.com/repos/${{ github.repository }}/pulls?head=$(jq -Rr '@uri' <<<$head_branch)"
2022-04-27 11:39:14 +00:00
pr_number=$(curl -s -H 'Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' "$pulls_uri" |
jq -r '.[] | .number')
2022-04-21 11:55:32 +00:00
echo "PR number: $pr_number"
echo "::set-output name=prnumber::$pr_number"
- name: Create Deployment
uses: bobheadxi/deployments@v1
id: deployment
with:
step: start
token: ${{ secrets.GITHUB_TOKEN }}
env: Netlify
2022-04-27 11:39:14 +00:00
ref: ${{ github.event.workflow_run.head_sha }}
desc: |
Do you trust the author of this PR? Maybe this build will steal your keys or give you malware.
Exercise caution. Use test accounts.
# There's a 'download artifact' action, but it hasn't been updated for the
2022-04-21 11:55:32 +00:00
# workflow_run action (https://github.com/actions/download-artifact/issues/60)
# so instead we get this mess:
- name: 'Download artifact'
uses: actions/github-script@v3.1.0
with:
script: |
const artifacts = await github.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{ github.event.workflow_run.id }},
2022-04-21 11:55:32 +00:00
});
const matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "previewbuild"
2022-04-21 11:55:32 +00:00
})[0];
const download = await github.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
2022-04-21 11:55:32 +00:00
});
const fs = require('fs');
2022-04-21 11:55:32 +00:00
fs.writeFileSync('${{github.workspace}}/previewbuild.zip', Buffer.from(download.data));
- name: Extract Artifacts
run: unzip -d webapp previewbuild.zip && rm previewbuild.zip
- name: Deploy to Netlify
id: netlify
uses: nwtgck/actions-netlify@v1.2
with:
publish-dir: webapp
deploy-message: "Deploy from GitHub Actions"
# These don't work because we're in workflow_run
enable-pull-request-comment: false
enable-commit-comment: false
alias: pr${{ steps.readctx.outputs.prnumber }}
env:
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
timeout-minutes: 1
- name: Update deployment status
uses: bobheadxi/deployments@v1
if: always()
with:
step: finish
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
env: ${{ steps.deployment.outputs.env }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
env_url: ${{ steps.netlify.outputs.deploy-url }}
desc: |
Do you trust the author of this PR? Maybe this build will steal your keys or give you malware.
Exercise caution. Use test accounts.