rebuild #948
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | |
| on: | |
| repository_dispatch: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| env: | |
| IMAGE_NAME: us-central1-docker.pkg.dev/analysis-tools-dev/analysis-tools/website | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| concurrency: | |
| # Only one execution per branch/PR can run at the same time. | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| test: | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| env: | |
| NEXT_TELEMETRY_DISABLED: 1 | |
| CI: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: 'Authenticate to Google Cloud' | |
| id: auth | |
| uses: 'google-github-actions/auth@v2' | |
| with: | |
| workload_identity_provider: 'projects/84699750544/locations/global/workloadIdentityPools/github/providers/github' | |
| service_account: 'github-actions@analysis-tools-dev.iam.gserviceaccount.com' | |
| create_credentials_file: true | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 24 | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci --legacy-peer-deps | |
| - name: Run linting | |
| run: npm run lint | |
| - name: Build project | |
| env: | |
| GOOGLE_APPLICATION_CREDENTIALS: ${{ steps.auth.outputs.credentials_file_path }} | |
| run: npm run build | |
| deploy: | |
| if: github.event_name != 'pull_request' | |
| runs-on: ubuntu-latest | |
| env: | |
| NEXT_TELEMETRY_DISABLED: 1 | |
| CI: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: 'Authenticate to Google Cloud' | |
| id: auth | |
| uses: 'google-github-actions/auth@v2' | |
| with: | |
| workload_identity_provider: 'projects/84699750544/locations/global/workloadIdentityPools/github/providers/github' | |
| service_account: 'github-actions@analysis-tools-dev.iam.gserviceaccount.com' | |
| create_credentials_file: true | |
| - name: 'Set up Cloud SDK' | |
| uses: 'google-github-actions/setup-gcloud@v2' | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 24 | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci --legacy-peer-deps | |
| - name: Run linting | |
| run: npm run lint | |
| - name: Build project | |
| env: | |
| GOOGLE_APPLICATION_CREDENTIALS: ${{ steps.auth.outputs.credentials_file_path }} | |
| run: npm run build | |
| # Hash all generated data files from the build (created by npm run build-data) | |
| # to ensure we redeploy when any tools data changes | |
| - name: 'Generate Hash of built tools data' | |
| run: | | |
| echo "tools_hash=$(cat data/tools.json data/tags.json data/tool-stats.json data/tag-stats.json | sha256sum | cut -c1-7)" >> $GITHUB_ENV | |
| - name: 'Configure Docker' | |
| run: gcloud auth configure-docker us-central1-docker.pkg.dev | |
| - name: 'Generate GitHub Token' | |
| id: generate_token | |
| uses: tibdex/github-app-token@v2 | |
| with: | |
| app_id: ${{ secrets.GH_APP_ID }} | |
| private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} | |
| # Also take screenshots.json into account for cache busting | |
| - name: 'Download screenshots.json File' | |
| run: curl -sL https://github.com/analysis-tools-dev/assets/raw/master/screenshots.json -o ./screenshots.json | |
| - name: 'Generate Hash of screenshots.json File' | |
| run: echo "screenshots_hash=$(sha256sum screenshots.json | cut -c1-7)" >> $GITHUB_ENV | |
| # Image hash is a combination of commit + data hashes | |
| - name: 'Set IMAGE_NAME hash' | |
| run: | | |
| short_hash=$(echo "${{ github.sha }}" | cut -c1-7) | |
| echo "IMAGE_NAME=${{ env.IMAGE_NAME }}:$short_hash-${{ env.tools_hash }}-${{ env.screenshots_hash }}" >> $GITHUB_ENV | |
| - name: 'Build Docker Image' | |
| env: | |
| GH_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| run: | | |
| echo "Building Docker Image with tag $IMAGE_NAME" | |
| DOCKER_BUILDKIT=1 docker build --build-arg GH_TOKEN=${{ env.GH_TOKEN }} \ | |
| --secret id=gcp_creds,src=${{ steps.auth.outputs.credentials_file_path }} \ | |
| -t ${IMAGE_NAME} . | |
| - name: 'Push Docker Image' | |
| run: | | |
| echo "Pushing Docker Image $IMAGE_NAME" | |
| docker push $IMAGE_NAME | |
| - name: 'Deploy stage' | |
| env: | |
| ALGOLIA_API_KEY: '${{ secrets.ALGOLIA_API_KEY }}' | |
| ALGOLIA_APP_ID: '${{ secrets.ALGOLIA_APP_ID }}' | |
| run: | | |
| gcloud run deploy website-stage-2ddf80d \ | |
| --image "${IMAGE_NAME}" \ | |
| --project "analysis-tools-dev" \ | |
| --region "us-central1" \ | |
| --platform "managed" \ | |
| --allow-unauthenticated \ | |
| --port "3000" \ | |
| --cpu "1" \ | |
| --memory "1Gi" \ | |
| --set-env-vars "PUBLIC_HOST=https://website-stage-2ddf80d-mcppc6wqoq-uc.a.run.app,ALGOLIA_APP_ID=${ALGOLIA_APP_ID},ALGOLIA_API_KEY=${ALGOLIA_API_KEY}" \ | |
| --quiet | |
| - name: 'Deploy prod' | |
| if: github.ref == 'refs/heads/main' | |
| env: | |
| ALGOLIA_API_KEY: '${{ secrets.ALGOLIA_API_KEY }}' | |
| ALGOLIA_APP_ID: '${{ secrets.ALGOLIA_APP_ID }}' | |
| run: | | |
| gcloud run deploy website-prod-dddbb52 \ | |
| --image "${IMAGE_NAME}" \ | |
| --project "analysis-tools-dev" \ | |
| --region "us-central1" \ | |
| --platform "managed" \ | |
| --allow-unauthenticated \ | |
| --port "3000" \ | |
| --cpu "1" \ | |
| --memory "1Gi" \ | |
| --set-env-vars "PUBLIC_HOST=https://analysis-tools.dev,ALGOLIA_APP_ID=${ALGOLIA_APP_ID},ALGOLIA_API_KEY=${ALGOLIA_API_KEY}" \ | |
| --quiet | |
| # Node.js is already set up earlier in the workflow | |
| - name: 'Update Algolia index' | |
| if: github.ref == 'refs/heads/main' | |
| env: | |
| ALGOLIA_APP_ID: '${{ secrets.ALGOLIA_APP_ID }}' | |
| ALGOLIA_ADMIN_KEY: '${{ secrets.ALGOLIA_ADMIN_KEY }}' | |
| ALGOLIA_INDEX_NAME: 'tools' | |
| run: | | |
| npm run search-index |