Skip to content

Bump the development-dependencies group across 1 directory with 10 updates #2245

Bump the development-dependencies group across 1 directory with 10 updates

Bump the development-dependencies group across 1 directory with 10 updates #2245

Workflow file for this run

name: Build & deploy review site
on:
pull_request:
paths-ignore:
- 'dist/**'
push:
paths-ignore:
- 'dist/**'
branches:
- main
- 2.x
env:
AZ_SITE_HOST: ${{ vars.AZ_SITE_HOST }}
AZ_EPHEMERALIMAGENAME: ${{ vars.AZ_EPHEMERALIMAGENAME }}
jobs:
lint-code:
name: Check code for linting errors
runs-on: ubuntu-latest
permissions:
checks: write
contents: write
packages: write
steps:
- name: Checkout repository to workspace
uses: actions/checkout@v4
- name: Set variables for Docker images
run: |
oldhash=${{ hashFiles('Dockerfile', 'package.json', 'package-lock.json', 'scripts/*') }}
imageprefix=${{ vars.AZ_DOCKER_REGISTRY }}"/${GITHUB_REPOSITORY}/"
imagestem="${imageprefix}${AZ_EPHEMERALIMAGENAME}:"
echo "AZ_OLD_HASH=${oldhash}" >> ${GITHUB_ENV}
echo "AZ_IMAGE_STEM=${imagestem}" >> ${GITHUB_ENV}
echo "AZ_EPHEMERAL_IMAGE=${imagestem}${oldhash}" >> ${GITHUB_ENV}
echo "AZ_BOOTSTRAP_SOURCE_DIR=/arizona-bootstrap-source" >> ${GITHUB_ENV}
echo "AZ_BOOTSTRAP_FROZEN_DIR=/azbuild/arizona-bootstrap" >> ${GITHUB_ENV}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker authentication
uses: docker/login-action@v3
with:
registry: ${{ vars.AZ_DOCKER_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Search for Docker image
id: dockerpull
continue-on-error: true
run: |
docker pull "$AZ_EPHEMERAL_IMAGE"
- name: Conditionally rebuild and save the Docker image
if: ${{ steps.dockerpull.outcome == 'failure' }}
run: |
workingtitle="${AZ_EPHEMERALIMAGENAME}:working"
docker buildx build --load --platform=linux/amd64 --no-cache -t "$workingtitle" --build-arg AZ_BOOTSTRAP_FROZEN_DIR .
tempname="old${AZ_OLD_HASH}"
docker run --name "$tempname" "$workingtitle" true
docker cp -a "${tempname}:${AZ_BOOTSTRAP_FROZEN_DIR}/." .
docker rm "$tempname"
lockhash=${{ hashFiles('Dockerfile', 'package.json', 'package-lock.json', 'scripts/*') }}
ephemeral="${AZ_IMAGE_STEM}${lockhash}"
docker tag "$workingtitle" "$ephemeral"
docker push "$ephemeral"
echo "AZ_EPHEMERAL_IMAGE=${ephemeral}" >> ${GITHUB_ENV}
- name: Run the code linting checks
run: |
sudo touch config.yml
sudo find . -path "./.git" -prune -o -exec chown 1000:1000 {} \;
sudo chown 1000:1000 .
docker run --rm -v $(pwd):"${AZ_BOOTSTRAP_SOURCE_DIR}" "$AZ_EPHEMERAL_IMAGE" lint
review-site:
name: Build & deploy review site
needs: lint-code
runs-on: ubuntu-latest
permissions:
checks: write
contents: write
packages: write
pull-requests: write
steps:
- name: Checkout repository to workspace
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
fetch-depth: 20
- name: Find the push source branch name
if: ${{ github.event_name != 'pull_request' }}
run: echo "AZ_TRIMMED_REF=${GITHUB_REF#refs/*/}" >> ${GITHUB_ENV}
- name: Find the pull request source branch name
if: ${{ github.event_name == 'pull_request' }}
run: echo "AZ_TRIMMED_REF=${GITHUB_HEAD_REF}" >> ${GITHUB_ENV}
- name: Set variables for Docker images
run: |
oldhash=${{ hashFiles('Dockerfile', 'package.json', 'package-lock.json', 'scripts/*') }}
imageprefix=${{ vars.AZ_DOCKER_REGISTRY }}"/${GITHUB_REPOSITORY}/"
imagestem="${imageprefix}${AZ_EPHEMERALIMAGENAME}:"
echo "AZ_OLD_HASH=${oldhash}" >> ${GITHUB_ENV}
echo "AZ_IMAGE_STEM=${imagestem}" >> ${GITHUB_ENV}
echo "AZ_EPHEMERAL_IMAGE=${imagestem}${oldhash}" >> ${GITHUB_ENV}
echo "AZ_BOOTSTRAP_SOURCE_DIR=/arizona-bootstrap-source" >> ${GITHUB_ENV}
echo "AZ_BOOTSTRAP_FROZEN_DIR=/azbuild/arizona-bootstrap" >> ${GITHUB_ENV}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker authentication
uses: docker/login-action@v3
with:
registry: ${{ vars.AZ_DOCKER_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Search for Docker image
id: dockerpull
continue-on-error: true
run: |
docker pull "$AZ_EPHEMERAL_IMAGE"
- name: Conditionally rebuild and save the Docker image
if: ${{ steps.dockerpull.outcome == 'failure' }}
run: |
workingtitle="${AZ_EPHEMERALIMAGENAME}:working"
docker buildx build --load --platform=linux/amd64 --no-cache -t "$workingtitle" --build-arg AZ_BOOTSTRAP_FROZEN_DIR .
tempname="old${AZ_OLD_HASH}"
docker run --name "$tempname" "$workingtitle" true
docker cp -a "${tempname}:${AZ_BOOTSTRAP_FROZEN_DIR}/." .
docker rm "$tempname"
lockhash=${{ hashFiles('Dockerfile', 'package.json', 'package-lock.json', 'scripts/*') }}
ephemeral="${AZ_IMAGE_STEM}${lockhash}"
docker tag "$workingtitle" "$ephemeral"
docker push "$ephemeral"
echo "AZ_EPHEMERAL_IMAGE=${ephemeral}" >> ${GITHUB_ENV}
- name: Build variables
run: |
echo "AZ_REVIEW_BASEURL=/arizona-bootstrap/${AZ_TRIMMED_REF}" >> ${GITHUB_ENV}
- name: Build review site artifact
run: |
sudo touch config.yml
sudo find . -path "./.git" -prune -o -exec chown 1000:1000 {} \;
sudo chown 1000:1000 .
docker run --rm -e "AZ_SITE_BASE_URL=${AZ_REVIEW_BASEURL}" -e "AZ_SITE_HOST=${AZ_SITE_HOST}" -v $(pwd):"${AZ_BOOTSTRAP_SOURCE_DIR}" "$AZ_EPHEMERAL_IMAGE" expose-review-site
- name: Push back the updated deployable files to the repository (CSS, JS, and so on)
run: |
git config --global user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git config --global user.name "${GITHUB_ACTOR}"
if [ -n "$(git status --porcelain dist)" ] ; then
git add dist
git commit -m "Save updated CSS and JS files before deployment to ${AZ_SITE_HOST}${AZ_REVIEW_BASEURL}"
git push --force origin "HEAD:${AZ_TRIMMED_REF}"
fi
shell: sh
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Deploy review site artifact to S3 + CloudFront
run: |
aws s3 sync --delete _site/ s3://${{ secrets.REVIEW_BUCKET }}${AZ_REVIEW_BASEURL}/
aws cloudfront create-invalidation --distribution-id ${{ secrets.REVIEW_CDN }} --paths ${AZ_REVIEW_BASEURL}/*
- name: Display review site URL
# TODO: replace with step that publishes link to review site on PR.
run: |
echo "Review site deployed to ${AZ_SITE_HOST}${AZ_REVIEW_BASEURL}"