-
Notifications
You must be signed in to change notification settings - Fork 130
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
I have added a test job before the deploy job , fix spelling errors and move op scripts
- Loading branch information
1 parent
7fd8180
commit 6d91103
Showing
5 changed files
with
167 additions
and
116 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,30 +1,59 @@ | ||
name: Deploy to GCS | ||
name: Deploy to GCS Stage | ||
|
||
on: | ||
push: | ||
branches: | ||
- gcs-pipeline | ||
|
||
jobs: | ||
test-website: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
|
||
- name: Setup Node js | ||
uses: actions/setup-node@v3 | ||
with: | ||
node-version: "18" | ||
- name: Install dependencies | ||
run: yarn install --immutable | ||
- name: Test current build | ||
run: yarn run test-ci | ||
continue-on-error: true | ||
|
||
deploy-stage: | ||
runs-on: ubuntu-latest | ||
needs: test-website | ||
if: ${{ success() }} | ||
environment: stage | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
- name: Setup Node js | ||
uses: actions/setup-node@v3 | ||
|
||
- name: Set up Google Cloud SDK | ||
uses: google-github-actions/auth@v2 | ||
with: | ||
credentials_json: ${{ secrets.GCP_SA_KEY }} | ||
|
||
- name: set up gcloud | ||
- name: Set up gcloud | ||
uses: google-github-actions/setup-gcloud@v2 | ||
|
||
- name: stage build with unpublsiehd contents | ||
- name: Build the website | ||
run: | | ||
yarn install | ||
yarn build:production | ||
- name: Build version.json file | ||
run: | | ||
if [ -e version.json ]; then | ||
echo "version.json exists, skipping build" | ||
else | ||
echo "version.json does not exist, running build-version-json.sh" | ||
bash ./.utils/build-version-json.sh | ||
fi | ||
- name: Deploying unpublsiehd content to stage. | ||
run: | | ||
sh ./bin/gcs-deploy.sh ${{vars.EXTENSIONWORKSHOP_BUCKET_STAGE}} | ||
sh ./.utils/gcs-deploy.sh ${{ vars.EXTENSIONWORKSHOP_BUCKET_STAGE }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,99 @@ | ||
#!/bin/bash | ||
|
||
set -ex | ||
EXTENSION_WORKSHOP_BUCKET_GCS=$1 | ||
|
||
echo $EXTENSION_WORKSHOP_BUCKET_GCS | ||
|
||
|
||
# For short-lived assets; in seconds | ||
TEN_MINS="600" | ||
|
||
# For long-lived assets; in seconds | ||
ONE_YEAR="31536000" | ||
|
||
CSPSTATIC="x-goog-meta-content-security-policy: default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors: 'none'; object-src 'none'" | ||
CSP="x-goog-meta-content-security-policy: default-src 'none'; img-src 'self' data:; form-action 'self' https://www.mozilla.org/en-US/newsletter/; media-src 'self' blob:; script-src 'self' https://www.youtube.com/iframe_api https://www.youtube.com/s/player/ 'sha256-vqFvYKh0rwFP9fSa0PuzUff2ElHQ+rkjGfycqUNqufQ=' https://www.googletagmanager.com/gtag/js ; font-src 'self'; frame-ancestors 'none'; frame-src https://www.youtube.com/embed/ https://calendar.google.com/calendar/appointments/; base-uri 'none'; style-src 'self' 'unsafe-inline'; connect-src 'self' https://blog.mozilla.org/addons/feed/ https://www.mozilla.org/en-US/newsletter/ https://*.google-analytics.com;" | ||
ACAO="x-goog-meta-access-control-allow-origin: *" | ||
|
||
if [ -z "$EXTENSION_WORKSHOP_BUCKET_GCS" ]; then | ||
echo "The GCS bucket is not set. Failing." | ||
exit 1 | ||
fi | ||
|
||
if [ -e version.json ]; then | ||
mv version.json dist/__version__ | ||
# __version__ JSON; short cache | ||
gsutil \ | ||
-h "cache-control: max-age=${TEN_MINS}" \ | ||
-h "content-type: application/json" \ | ||
-h "$CSPSTATIC" \ | ||
-h "$ACAO" \ | ||
rsync \ | ||
-J \ | ||
-a public-read \ | ||
dist/_version_ "gs://${EXTENSION_WORKSHOP_BUCKET_GCS}/__version__" | ||
|
||
fi | ||
|
||
|
||
deploy_code() { | ||
|
||
# The basic strategy is to sync all the files that need special attention | ||
# first, and then sync everything else which will get defaults | ||
# | ||
# Note that we use single quotes below for the regex pattern so that we don't | ||
# have to deal with history expansion in shell. | ||
|
||
# HTML; short cache | ||
gsutil \ | ||
-h "cache-control: max-age=${TEN_MINS}" \ | ||
-h "content-type: text/html" \ | ||
-h "$CSP" \ | ||
-h "$ACAO" \ | ||
rsync \ | ||
-R \ | ||
-J \ | ||
-a public-read \ | ||
-x '.*(?<!\.html)$' \ | ||
dist "gs://$EXTENSION_WORKSHOP_BUCKET_GCS/" | ||
|
||
# JS; short cache | ||
gsutil \ | ||
-h "cache-control: max-age=${TEN_MINS}" \ | ||
-h "content-type: text/javascript" \ | ||
-h "$CSPSTATIC" \ | ||
rsync \ | ||
-R \ | ||
-J \ | ||
-a public-read \ | ||
-x '.*(?<!\.js)$' \ | ||
dist "gs://$EXTENSION_WORKSHOP_BUCKET_GCS/" | ||
|
||
# SVG; cache forever, assign correct content-type | ||
gsutil \ | ||
-h "cache-control: max-age=${ONE_YEAR}, immutable" \ | ||
-h "content-type: image/svg+xml" \ | ||
-h "$CSPSTATIC" \ | ||
-m \ | ||
rsync \ | ||
-R \ | ||
-J \ | ||
-a public-read \ | ||
-x '.*(?<!\.svg)$' \ | ||
dist "gs://$EXTENSION_WORKSHOP_BUCKET_GCS/" | ||
|
||
# evertying else in bucket. | ||
gsutil \ | ||
-h "cache-control: max-age=${ONE_YEAR}, immutable" \ | ||
-h "$CSPSTATIC" \ | ||
-m \ | ||
rsync \ | ||
-R \ | ||
-d \ | ||
-a public-read \ | ||
dist "gs://$EXTENSION_WORKSHOP_BUCKET_GCS/" | ||
|
||
} | ||
|
||
deploy_code |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.