docs: review all production guidance #1158
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy guidance site to production | |
| on: | |
| pull_request: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| env: | |
| GITHUB_DEPLOY_KEY: ${{ secrets.GH_DEPLOY_KEY }} | |
| ECR_NAME: ${{ secrets.ECR_NAME }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: .nvmrc | |
| - run: npm ci | |
| - run: npm run build:package | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: mojds-package | |
| path: package | |
| - run: npm run build:dist | |
| - run: ENV="production" npm run build:docs | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: mojds-dist | |
| path: dist | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Set commit status as pending | |
| uses: myrotvorets/set-commit-status-action@master | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| status: pending | |
| context: Tests | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: .nvmrc | |
| - name: npm install | |
| run: npm install | |
| - name: Lint Sass | |
| run: npm run lint:scss | |
| - name: Lint JavaScript | |
| run: npm run lint:js | |
| - name: Prettier | |
| run: npm run lint:prettier | |
| - name: JavaScript unit tests | |
| run: npm run test:js | |
| - name: Sass compilation | |
| run: npm run test:scss | |
| result: | |
| runs-on: ubuntu-latest | |
| needs: [test] | |
| if: always() | |
| steps: | |
| - name: Set final commit status | |
| uses: myrotvorets/set-commit-status-action@master | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| status: ${{ needs.test.result }} | |
| context: Tests | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [result] | |
| if: github.event_name == 'push' | |
| permissions: | |
| id-token: write | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }} | |
| aws-region: ${{ vars.ECR_REGION }} | |
| - uses: aws-actions/amazon-ecr-login@v2 | |
| id: login-ecr | |
| - run: | | |
| docker build --build-arg GITHUB_DEPLOY_KEY="${GITHUB_DEPLOY_KEY}" --target=production -t $REGISTRY/$REPOSITORY:$IMAGE_TAG . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| cat kubernetes-deploy-production.tpl | envsubst > kubernetes-deploy-production.yaml | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: ${{ vars.ECR_REPOSITORY }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| BRANCH: 'production' | |
| - run: | | |
| echo "${KUBE_CERT}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${KUBE_TOKEN} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| kubectl -n ${KUBE_NAMESPACE} apply -f kubernetes-deploy-production.yaml | |
| env: | |
| KUBE_CERT: ${{ secrets.KUBE_CERT }} | |
| KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} |