-
Notifications
You must be signed in to change notification settings - Fork 5
136 lines (114 loc) · 3.77 KB
/
ci-master.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
on:
push:
branches:
- master
pull_request:
branches:
- master
types: [opened, reopened, synchronize]
workflow_dispatch:
name: ci-master
# REGISTRY and IMAGE_NAME are for building and tagging the container.
# TARGET_ENV is used by Webpack to determine the build target.
env:
REGISTRY: ghcr.io
ARTIFACT_NAME: openshock-webui.zip
IMAGE_NAME: ${{ github.repository_owner }}/webui
TARGET_ENV: container
NODE_ENV: production
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 17.x
- uses: actions/cache@v4
with:
path: |
~/.npm
~/node_modules
key: npm-${{ hashFiles('package-lock.json') }}
restore-keys: npm-
- name: Install dependencies
run: npm install --production=false
# ^
# This is necessary since NODE_ENV=production, but we need dev dependencies to build.
- name: Build
run: npm run build --if-present
- name: Compress internal artifacts
run: |
cd dist
zip -r ${{ env.ARTIFACT_NAME }} .
cd ..
mv dist/${{ env.ARTIFACT_NAME }} .
- name: Upload internal artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ env.ARTIFACT_NAME }}
path: ${{ github.workspace }}/${{ env.ARTIFACT_NAME }}
retention-days: 1
containerize:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: |
Dockerfile
- name: Download internal artifacts
uses: actions/download-artifact@v4
with:
name: ${{ env.ARTIFACT_NAME }}
- name: Extract artifacts
run: unzip ${{ env.ARTIFACT_NAME }} -d dist
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Find latest tag
uses: oprypin/find-latest-tag@v1
id: latest-tag
with:
repository: ${{ github.repository }}
regex: '^[0-9]+.[0-9]+.[0-9]+$'
releases-only: false
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
flavor: |
latest=false
tags: |
type=raw,value={{branch}},enable=${{ github.ref_type == 'branch' && github.event_name != 'pull_request' }}
type=raw,value=latest,enable=${{ steps.latest-tag.outputs.tag == github.ref_name }}
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}.{{minor}}.{{patch}}
- name: Build image
uses: docker/build-push-action@v5
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
deploy:
runs-on: ubuntu-latest
needs: containerize
if: ${{ github.ref_type == 'branch' && github.ref_protected && github.event_name != 'pull_request' }}
environment: production
steps:
- name: Call deployment webhook
shell: bash
env:
WEBHOOK_URL: ${{ secrets.WEBHOOK_URL }}
run: |
curl -X POST -d "" "$WEBHOOK_URL"