mirror of https://github.com/vector-im/riot-web
104 lines
4.3 KiB
YAML
104 lines
4.3 KiB
YAML
# Triggers after the layered build has finished, taking the artifact
|
|
# and uploading it to netlify
|
|
name: Upload Preview Build to Netlify
|
|
on:
|
|
workflow_run:
|
|
workflows: [ "Element Web - Build and Test" ]
|
|
types:
|
|
- completed
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request'
|
|
steps:
|
|
- name: "🔍 Read PR number"
|
|
id: readctx
|
|
# We need to find the PR number that corresponds to the branch, which we do by searching the GH API
|
|
# The workflow_run event includes a list of pull requests, but it doesn't get populated for
|
|
# forked PRs: https://docs.github.com/en/rest/reference/checks#create-a-check-run
|
|
run: |
|
|
head_branch='${{github.event.workflow_run.head_repository.owner.login}}:${{github.event.workflow_run.head_branch}}'
|
|
echo "Head branch: $head_branch"
|
|
pulls_uri="https://api.github.com/repos/${{ github.repository }}/pulls?head=$(jq -Rr '@uri' <<<$head_branch)"
|
|
pr_number=$(curl -s -H 'Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' "$pulls_uri" |
|
|
jq -r '.[] | .number')
|
|
echo "PR number: $pr_number"
|
|
echo "::set-output name=prnumber::$pr_number"
|
|
|
|
- name: Create Deployment ID
|
|
uses: altinukshini/deployment-action@v1.2.6
|
|
id: deployment
|
|
with:
|
|
token: "${{ secrets.ELEMENT_BOT_TOKEN }}"
|
|
pr: true
|
|
pr_id: ${{ steps.readctx.outputs.prnumber }}
|
|
transient_environment: true
|
|
environment: Netlify
|
|
initial_status: in_progress
|
|
ref: ${{ github.event.workflow_run.head_sha }}
|
|
|
|
# There's a 'download artifact' action but it hasn't been updated for the
|
|
# workflow_run action (https://github.com/actions/download-artifact/issues/60)
|
|
# so instead we get this mess:
|
|
- name: 'Download artifact'
|
|
uses: actions/github-script@v3.1.0
|
|
with:
|
|
script: |
|
|
var artifacts = await github.actions.listWorkflowRunArtifacts({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
run_id: ${{github.event.workflow_run.id }},
|
|
});
|
|
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
|
|
return artifact.name == "previewbuild"
|
|
})[0];
|
|
var download = await github.actions.downloadArtifact({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
artifact_id: matchArtifact.id,
|
|
archive_format: 'zip',
|
|
});
|
|
var fs = require('fs');
|
|
fs.writeFileSync('${{github.workspace}}/previewbuild.zip', Buffer.from(download.data));
|
|
|
|
- name: Extract Artifacts
|
|
run: unzip -d webapp previewbuild.zip && rm previewbuild.zip
|
|
|
|
- name: Deploy to Netlify
|
|
id: netlify
|
|
uses: nwtgck/actions-netlify@v1.2
|
|
with:
|
|
publish-dir: webapp
|
|
deploy-message: "Deploy from GitHub Actions"
|
|
# These don't work because we're in workflow_run
|
|
enable-pull-request-comment: false
|
|
enable-commit-comment: false
|
|
alias: pr${{ steps.readctx.outputs.prnumber }}
|
|
env:
|
|
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
|
|
NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
|
|
timeout-minutes: 1
|
|
|
|
- name: Update deployment status (success)
|
|
if: success()
|
|
uses: altinukshini/deployment-status@v1.0.1
|
|
with:
|
|
token: "${{ secrets.ELEMENT_BOT_TOKEN }}"
|
|
environment_url: ${{ steps.netlify.outputs.deploy-url }}
|
|
state: "success"
|
|
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
|
|
pr: true
|
|
pr_id: ${{ steps.readctx.outputs.prnumber }}
|
|
description: |
|
|
Do you trust the author of this PR? Maybe this build will steal your keys or give you malware.
|
|
Exercise caution. Use test accounts.
|
|
- name: Update deployment status (failure)
|
|
if: failure()
|
|
uses: altinukshini/deployment-status@v1.0.1
|
|
with:
|
|
token: "${{ secrets.ELEMENT_BOT_TOKEN }}"
|
|
state: "failure"
|
|
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
|
|
pr: true
|
|
pr_id: ${{ steps.readctx.outputs.prnumber }}
|