|
| 1 | +name: Production (Azure) - Build and Deploy |
| 2 | + |
| 3 | +# **What it does**: Builds and deploys the default branch to production |
| 4 | +# **Why we have it**: To enable us to deploy the latest to production whenever necessary rather than relying on PR merges. |
| 5 | +# **Who does it impact**: All contributors. |
| 6 | + |
| 7 | +on: |
| 8 | + push: |
| 9 | + branches: |
| 10 | + - main |
| 11 | + workflow_dispatch: |
| 12 | + |
| 13 | +permissions: |
| 14 | + contents: read |
| 15 | + deployments: write |
| 16 | + |
| 17 | +# This allows a subsequently queued workflow run to take priority over |
| 18 | +# previously queued runs but NOT interrupt currently executing runs |
| 19 | +concurrency: |
| 20 | + group: '${{ github.workflow }}' |
| 21 | + cancel-in-progress: false |
| 22 | + |
| 23 | +jobs: |
| 24 | + build-and-deploy: |
| 25 | + if: ${{ github.repository == 'github/docs-internal' }} |
| 26 | + runs-on: ubuntu-latest |
| 27 | + timeout-minutes: 15 |
| 28 | + env: |
| 29 | + IMAGE_TAG_BASE: ${{ secrets.PROD_REGISTRY_SERVER }}/${{ github.repository }} |
| 30 | + |
| 31 | + steps: |
| 32 | + - name: 'Docker login' |
| 33 | + uses: azure/docker-login@81744f9799e7eaa418697cb168452a2882ae844a |
| 34 | + with: |
| 35 | + login-server: ${{ secrets.PROD_REGISTRY_SERVER }} |
| 36 | + username: ${{ secrets.PROD_REGISTRY_USERNAME }} |
| 37 | + password: ${{ secrets.PROD_REGISTRY_PASSWORD }} |
| 38 | + |
| 39 | + - name: Set up Docker Buildx |
| 40 | + uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 |
| 41 | + |
| 42 | + - name: Check out repo |
| 43 | + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 |
| 44 | + with: |
| 45 | + ref: ${{ github.sha }} |
| 46 | + # To prevent issues with cloning early access content later |
| 47 | + persist-credentials: 'false' |
| 48 | + lfs: 'true' |
| 49 | + |
| 50 | + - name: Check out LFS objects |
| 51 | + run: git lfs checkout |
| 52 | + |
| 53 | + - name: Setup node |
| 54 | + uses: actions/setup-node@04c56d2f954f1e4c69436aa54cfef261a018f458 |
| 55 | + with: |
| 56 | + node-version: 16.13.x |
| 57 | + cache: npm |
| 58 | + |
| 59 | + - name: Clone early access |
| 60 | + run: npm install dotenv && node script/early-access/clone-for-build.js |
| 61 | + env: |
| 62 | + DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }} |
| 63 | + GIT_BRANCH: main |
| 64 | + |
| 65 | + - name: 'Build and push image' |
| 66 | + uses: docker/build-push-action@a66e35b9cbcf4ad0ea91ffcaf7bbad63ad9e0229 |
| 67 | + with: |
| 68 | + context: . |
| 69 | + push: true |
| 70 | + target: 'production_early_access' |
| 71 | + tags: ${{ env.IMAGE_TAG_BASE }}:${{ github.sha }}, ${{ env.IMAGE_TAG_BASE }}:production |
| 72 | + cache-from: type=gha |
| 73 | + cache-to: type=gha,mode=max |
| 74 | + |
| 75 | + # TODO - enable this when we disable the other production deploy |
| 76 | + # - name: Purge Fastly edge cache |
| 77 | + # env: |
| 78 | + # FASTLY_TOKEN: ${{ secrets.FASTLY_TOKEN }} |
| 79 | + # FASTLY_SERVICE_ID: ${{ secrets.FASTLY_SERVICE_ID }} |
| 80 | + # FASTLY_SURROGATE_KEY: 'every-deployment' |
| 81 | + # run: npm install got && .github/actions-scripts/purge-fastly-edge-cache.js |
| 82 | + |
| 83 | + - name: Send Slack notification if workflow failed |
| 84 | + uses: someimportantcompany/github-actions-slack-message@f8d28715e7b8a4717047d23f48c39827cacad340 |
| 85 | + if: ${{ failure() }} |
| 86 | + with: |
| 87 | + channel: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }} |
| 88 | + bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }} |
| 89 | + color: failure |
| 90 | + text: Production deployment (Azure) failed at commit ${{ github.sha }}. See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} |
0 commit comments