From 60a3f6f4cc638fa60c389ec6b32123d2a8cd0cc3 Mon Sep 17 00:00:00 2001 From: Ju4tCode <42488585+yanyongyu@users.noreply.github.com> Date: Sun, 21 Jul 2024 11:23:15 +0800 Subject: [PATCH] =?UTF-8?q?:construction=5Fworker:=20Security:=20=E6=8B=86?= =?UTF-8?q?=E5=88=86=20PR=20Website=20CI/CD=20(#2829)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/website-preview-cd.yml | 96 ++++++++++++++++++++++++ .github/workflows/website-preview-ci.yml | 42 +++++++++++ .github/workflows/website-preview.yml | 46 ------------ 3 files changed, 138 insertions(+), 46 deletions(-) create mode 100644 .github/workflows/website-preview-cd.yml create mode 100644 .github/workflows/website-preview-ci.yml delete mode 100644 .github/workflows/website-preview.yml diff --git a/.github/workflows/website-preview-cd.yml b/.github/workflows/website-preview-cd.yml new file mode 100644 index 00000000..c113ef8d --- /dev/null +++ b/.github/workflows/website-preview-cd.yml @@ -0,0 +1,96 @@ +name: Site Deploy (Preview CD) + +on: + workflow_run: + workflows: ["Site Deploy (Preview CI)"] + types: + - completed + +jobs: + preview-cd: + runs-on: ubuntu-latest + concurrency: + group: pull-request-preview-${{ github.event.workflow_run.head_repository.full_name }}-${{ github.event.workflow_run.head_branch }} + cancel-in-progress: true + + if: ${{ github.event.workflow_run.conclusion == 'success' }} + + environment: pull request + + permissions: + actions: read + statuses: write + pull-requests: write + + steps: + - name: Set Commit Status + uses: actions/github-script@v7 + with: + script: | + github.repos.createCommitStatus({ + owner: context.repo.owner, + repo: context.repo.repo, + sha: context.payload.workflow_run.head_sha, + context: 'Website Preview', + description: 'Deploying...', + state: 'pending', + }) + + - name: Download Artifact + uses: actions/download-artifact@v4 + with: + name: website-preview + github-token: ${{ secrets.GITHUB_TOKEN }} + run-id: ${{ github.event.workflow_run.id }} + + - name: Restore Context and Set Deploy Name + run: | + cat action.env >> $GITHUB_ENV + echo "DEPLOY_NAME=deploy-preview-${{ env.PR_NUMBER }}" >> $GITHUB_ENV + + - name: Deploy to Netlify + id: deploy + uses: nwtgck/actions-netlify@v3 + with: + publish-dir: ./website/build + production-deploy: false + deploy-message: "Deploy ${{ env.DEPLOY_NAME }}@${{ github.event.workflow_run.head_sha }}" + alias: ${{ env.DEPLOY_NAME }} + env: + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} + NETLIFY_SITE_ID: ${{ secrets.SITE_ID }} + + # action netlify has no pull request context, so we need to comment by ourselves + - name: Comment on Pull Request + uses: marocchino/sticky-pull-request-comment@v2 + with: + header: website + number: ${{ env.PR_NUMBER }} + message: | + :rocket: Deployed to ${{ steps.deploy.outputs.deploy-url }} + + - name: Set Commit Status + uses: actions/github-script@v7 + if: always() + with: + script: | + if (context.job.status === 'success') { + github.repos.createCommitStatus({ + owner: context.repo.owner, + repo: context.repo.repo, + sha: context.payload.workflow_run.head_sha, + context: 'Website Preview', + description: `Deployed to ${{ steps.deploy.outputs.deploy-url }}`, + state: 'success', + target_url: `${{ steps.deploy.outputs.deploy-url }}`, + }) + } else { + github.repos.createCommitStatus({ + owner: context.repo.owner, + repo: context.repo.repo, + sha: context.payload.workflow_run.head_sha, + context: 'Website Preview', + description: 'Deploy ' + context.job.status, + state: 'failure', + }) + } diff --git a/.github/workflows/website-preview-ci.yml b/.github/workflows/website-preview-ci.yml new file mode 100644 index 00000000..1898bd57 --- /dev/null +++ b/.github/workflows/website-preview-ci.yml @@ -0,0 +1,42 @@ +name: Site Deploy (Preview CI) + +on: + pull_request: + +jobs: + preview-ci: + runs-on: ubuntu-latest + concurrency: + group: pull-request-preview-${{ github.event.number }} + cancel-in-progress: true + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + + - name: Setup Python Environment + uses: ./.github/actions/setup-python + + - name: Setup Node Environment + uses: ./.github/actions/setup-node + + - name: Build API Doc + uses: ./.github/actions/build-api-doc + + - name: Build Doc + run: yarn build + + - name: Export Context + run: | + echo "PR_NUMBER=${{ github.event.number }}" >> ./action.env + + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + name: website-preview + path: | + ./website/build + ./action.env + retention-days: 1 diff --git a/.github/workflows/website-preview.yml b/.github/workflows/website-preview.yml deleted file mode 100644 index f3cdaf23..00000000 --- a/.github/workflows/website-preview.yml +++ /dev/null @@ -1,46 +0,0 @@ -name: Site Deploy(Preview) - -on: - pull_request_target: - -jobs: - preview: - runs-on: ubuntu-latest - concurrency: - group: pull-request-preview-${{ github.event.number }} - cancel-in-progress: true - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 - - - name: Setup Python Environment - uses: ./.github/actions/setup-python - - - name: Setup Node Environment - uses: ./.github/actions/setup-node - - - name: Build API Doc - uses: ./.github/actions/build-api-doc - - - name: Build Doc - run: yarn build - - - name: Get Deploy Name - run: | - echo "DEPLOY_NAME=deploy-preview-${{ github.event.number }}" >> $GITHUB_ENV - - - name: Deploy to Netlify - uses: nwtgck/actions-netlify@v3 - with: - publish-dir: "./website/build" - production-deploy: false - github-token: ${{ secrets.GITHUB_TOKEN }} - deploy-message: "Deploy ${{ env.DEPLOY_NAME }}@${{ github.sha }}" - enable-commit-comment: false - alias: ${{ env.DEPLOY_NAME }} - env: - NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} - NETLIFY_SITE_ID: ${{ secrets.SITE_ID }}