Mcobbett 2071 rbac #1983
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: [push, pull_request, merge_group] | |
env: | |
IMAGE_NAME: ${{ vars.REGISTRY_HOSTNAME }}/${{ vars.ICR_NAMESPACE }}/galasa.dev:${{ github.sha }} | |
jobs: | |
prettier: | |
name: Check code formatting | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- run: npm ci --legacy-peer-deps | |
- run: ./.github/scripts/prettier-check.sh | |
# Build the site to be deployed to galasa.dev | |
build-dotdev: | |
name: Build the galasa.dev site | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- uses: nelonoel/[email protected] | |
- run: npm ci --legacy-peer-deps | |
- run: npm run build | |
env: | |
BASE_REPO_SLUG: ${{ github.repository }} | |
PR_REPO_SLUG: ${{ github.event.pull_request.head.repo.full_name }} | |
PR_BRANCH_NAME: ${{ github.event.pull_request.head.ref }} | |
- name: Serve the site | |
run: npm run serve & | |
- name: Check for broken links | |
run: npx broken-link-checker -ro --exclude /docs/managers/ --filter-level 3 --host-requests 8 --user-agent Chrome/90 --exclude https://fonts.gstatic.com/ --exclude https://github.com/galasa-dev/extensions/ http://localhost:9000 | |
- name: Upload raw site | |
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 | |
with: | |
name: output-dotdev-raw-site | |
path: public | |
# Wrap the site in an NGINX container and publish to a container registry | |
publish-dotdev: | |
name: Publish image to repository | |
runs-on: ubuntu-latest | |
needs: [ build-dotdev, prettier ] | |
if: (github.ref == 'refs/heads/main') || (github.ref == 'refs/heads/next') | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
path: repo | |
- name: Download raw site | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: output-dotdev-raw-site | |
path: site/public | |
- name: Merge site and NGINX configuration | |
run: cp -rv repo/ce/* site/ | |
- name: Install IBM Cloud CLI | |
run: | | |
curl -fsSL https://clis.cloud.ibm.com/install/linux | sh | |
ibmcloud --version | |
ibmcloud config --check-version=false | |
ibmcloud plugin install -f container-registry | |
- name: Authenticate with IBM Cloud CLI | |
run: | | |
ibmcloud login --apikey "${{ secrets.IBM_CLOUD_API_KEY }}" --no-region -g ${{ vars.RESOURCE_GROUP }} | |
ibmcloud cr region-set global | |
ibmcloud cr login | |
- name: Install pack (Paketo) CLI | |
uses: buildpacks/github-actions/[email protected] | |
- name: Build image with Paketo and publish to repository | |
run: | | |
pack build $IMAGE_NAME \ | |
--buildpack gcr.io/paketo-buildpacks/nginx \ | |
--builder paketobuildpacks/builder:base \ | |
--path site \ | |
--publish | |
# Deploy the site to galasa.dev | |
deploy-dotdev: | |
name: Deploy to galasa.dev | |
runs-on: ubuntu-latest | |
needs: [ publish-dotdev ] | |
if: github.ref == 'refs/heads/main' | |
strategy: | |
matrix: | |
region: | |
- name: us-south | |
- name: eu-gb | |
- name: au-syd | |
steps: | |
- name: Install IBM Cloud CLI | |
run: | | |
curl -fsSL https://clis.cloud.ibm.com/install/linux | sh | |
ibmcloud --version | |
ibmcloud config --check-version=false | |
ibmcloud plugin install -f code-engine | |
- name: Authenticate with IBM Cloud CLI | |
run: | | |
ibmcloud login --apikey "${{ secrets.IBM_CLOUD_API_KEY }}" -r "${{ matrix.region.name }}" -g ${{ vars.RESOURCE_GROUP }} | |
ibmcloud ce project select --name galasa-${{ matrix.region.name }} | |
- name: Update Code Engine application | |
run: | | |
ibmcloud ce application update \ | |
--name galasa-${{ matrix.region.name }}-site \ | |
--image $IMAGE_NAME | |
# Deploy to vnext | |
deploy-vnext: | |
name: Deploy to vnext.galasa.dev | |
runs-on: ubuntu-latest | |
needs: [ publish-dotdev ] | |
if: github.ref == 'refs/heads/next' | |
steps: | |
- name: Install IBM Cloud CLI | |
run: | | |
curl -fsSL https://clis.cloud.ibm.com/install/linux | sh | |
ibmcloud --version | |
ibmcloud config --check-version=false | |
ibmcloud plugin install -f code-engine | |
- name: Authenticate with IBM Cloud CLI | |
run: | | |
ibmcloud login --apikey "${{ secrets.IBM_CLOUD_API_KEY }}" -r "eu-gb" -g ${{ vars.RESOURCE_GROUP }} | |
ibmcloud ce project select --name galasa-eu-gb | |
- name: Update Code Engine application | |
run: | | |
ibmcloud ce application update \ | |
--name galasa-eu-gb-next \ | |
--image $IMAGE_NAME | |
# Immediately trigger a DocSearch crawl | |
crawl-docsearch: | |
name: Submit Algolia DocSearch crawler | |
runs-on: ubuntu-latest | |
needs: deploy-dotdev | |
steps: | |
- name: Algolia crawler creation and crawl | |
uses: algolia/[email protected] | |
with: | |
crawler-user-id: ${{ secrets.CRAWLER_USER_ID }} | |
crawler-api-key: ${{ secrets.CRAWLER_API_KEY }} | |
crawler-name: galasa | |
algolia-app-id: ${{ secrets.ALGOLIA_APP_ID }} | |
algolia-api-key: ${{ secrets.ALGOLIA_API_KEY }} | |
site-url: 'https://galasa.dev' | |
# Build the site for local deployment in closed networks | |
build-local: | |
name: Build the local site | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- uses: nelonoel/[email protected] | |
- run: npm ci --legacy-peer-deps | |
- run: npm run build | |
env: | |
BASE_REPO_SLUG: ${{ github.repository }} | |
PR_REPO_SLUG: ${{ github.event.pull_request.head.repo.full_name }} | |
PR_BRANCH_NAME: ${{ github.event.pull_request.head.ref }} | |
GATSBY_GALASA_ENV: "LOCAL" | |
- name: Serve the site | |
run: npm run serve & | |
- name: Check for broken links | |
run: npx broken-link-checker -ro --exclude /docs/managers/ --filter-level 3 --host-requests 8 --user-agent Chrome/90 --exclude https://fonts.gstatic.com/ --exclude https://github.com/galasa-dev/extensions/ http://localhost:9000 | |
- name: Upload raw site | |
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 | |
with: | |
name: output-local-raw-site | |
path: public | |
- name: Create WAR | |
run: ./.github/scripts/war.sh | |
- name: Upload WAR | |
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 | |
with: | |
name: output-local-war | |
path: galasa.dev-site.war | |
build-local-runnable-jar: | |
name: Build a runnable JAR of the local site | |
runs-on: ubuntu-latest | |
needs: [ build-local, prettier ] | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download WAR | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: output-local-war | |
- name: Set up JDK 8 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '8' | |
distribution: 'adopt' | |
- name: Build with Gradle | |
run: ./gradlew --info libertyPackage | |
working-directory: package-jar | |
- name: Publish with Gradle to GitHub Packages | |
if: ${{ github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/next' }} | |
run: ./gradlew --info publish | |
working-directory: package-jar | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload JAR | |
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 | |
with: | |
name: output-local-jar | |
path: package-jar/build/libs/galasa.dev-runnable.jar |