feat: big facelift #4112
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Based on https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service | |
| name: PR Updated triggers | |
| on: | |
| pull_request: | |
| types: [labeled, unlabeled, synchronize, closed, reopened, opened] | |
| env: | |
| AWS_REGION: us-east-1 | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| path-filter: | |
| runs-on: ubuntu-latest | |
| if: github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' || github.event.action == 'closed' | |
| outputs: | |
| docs: ${{ steps.changes.outputs.docs }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dorny/paths-filter@v2 | |
| id: changes | |
| with: | |
| filters: | | |
| docs: | |
| - 'docs/**' | |
| ci: | |
| if: github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' || (github.event.action == 'labeled' && github.event.label.name == 'preview') | |
| uses: ./.github/workflows/ci.yml | |
| build-all: | |
| if: (github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' || (github.event.action == 'labeled' && github.event.label.name == 'preview')) | |
| uses: ./.github/workflows/ecrbuild-all.yml | |
| secrets: | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| e2e: | |
| if: github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' | |
| needs: | |
| - build-all | |
| # could theoretically be skipped, but in practice is always faster | |
| # than waiting for the build-all job to finish anyway | |
| - ci | |
| uses: ./.github/workflows/e2e.yml | |
| secrets: | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| deploy-preview: | |
| uses: ./.github/workflows/pull-preview.yml | |
| needs: | |
| - build-all | |
| permissions: | |
| contents: read | |
| deployments: write | |
| pull-requests: write | |
| statuses: write | |
| with: | |
| # PLATFORM_IMAGE: 246372085946.dkr.ecr.us-east-1.amazonaws.com/pubpub-v7-core:2b9a81a279c4e405bbedcdbb697c897ded52fbc0 | |
| # JOBS_IMAGE: 246372085946.dkr.ecr.us-east-1.amazonaws.com/pubpub-v7-jobs:c786662f4899de16a621e366a485eca5adda4d6a | |
| # MIGRATIONS_IMAGE: 246372085946.dkr.ecr.us-east-1.amazonaws.com/pubpub-v7:c786662f4899de16a621e366a485eca5adda4d6a | |
| # SITE_BUILDER_IMAGE: 246372085946.dkr.ecr.us-east-1.amazonaws.com/pubpub-v7-site-builder:c786662f4899de16a621e366a485eca5adda4d6a | |
| PLATFORM_IMAGE: ${{ needs.build-all.outputs.core-image }} | |
| JOBS_IMAGE: ${{ needs.build-all.outputs.jobs-image }} | |
| MIGRATIONS_IMAGE: ${{ needs.build-all.outputs.base-image }} | |
| SITE_BUILDER_IMAGE: ${{ needs.build-all.outputs.site-builder-image }} | |
| AWS_REGION: "us-east-1" | |
| COMPOSE_FILES: docker-compose.preview.pr.yml | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| GH_PAT_PR_PREVIEW_CLEANUP: ${{ secrets.GH_PAT_PR_PREVIEW_CLEANUP }} | |
| PREVIEW_DATACITE_REPOSITORY_ID: ${{ secrets.PREVIEW_DATACITE_REPOSITORY_ID }} | |
| PREVIEW_DATACITE_PASSWORD: ${{ secrets.PREVIEW_DATACITE_PASSWORD }} | |
| close-preview: | |
| uses: ./.github/workflows/pull-preview.yml | |
| if: ${{(github.event.action == 'closed' && contains(github.event.pull_request.labels.*.name, 'preview')) || (github.event.action == 'unlabeled' && github.event.label.name == 'preview')}} | |
| permissions: | |
| contents: read | |
| deployments: write | |
| pull-requests: write | |
| statuses: write | |
| with: | |
| PLATFORM_IMAGE: "x" # not used | |
| JOBS_IMAGE: "x" # not used | |
| MIGRATIONS_IMAGE: "x" # not used | |
| SITE_BUILDER_IMAGE: "x" # not used | |
| AWS_REGION: "us-east-1" | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| GH_PAT_PR_PREVIEW_CLEANUP: ${{ secrets.GH_PAT_PR_PREVIEW_CLEANUP }} | |
| PREVIEW_DATACITE_REPOSITORY_ID: ${{ secrets.PREVIEW_DATACITE_REPOSITORY_ID }} | |
| PREVIEW_DATACITE_PASSWORD: ${{ secrets.PREVIEW_DATACITE_PASSWORD }} | |
| deploy-docs-preview: | |
| permissions: | |
| contents: write | |
| pages: write | |
| pull-requests: write | |
| needs: | |
| - path-filter | |
| if: (github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize') && needs.path-filter.outputs.docs == 'true' | |
| uses: ./.github/workflows/build-docs.yml | |
| with: | |
| preview: true | |
| close-docs-preview: | |
| needs: | |
| - path-filter | |
| permissions: | |
| contents: write | |
| pages: write | |
| pull-requests: write | |
| if: github.event.action == 'closed' && needs.path-filter.outputs.docs == 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Close docs preview | |
| uses: rossjrw/pr-preview-action@v1 | |
| with: | |
| source-dir: docs/out | |
| action: remove | |
| status-check: | |
| needs: | |
| - ci | |
| - e2e | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ok | |
| run: | | |
| echo ok |