Create 2026-03-12.md #143
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Preview deployment | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| - closed | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }}/preview | |
| jobs: | |
| build: | |
| if: github.event.action != 'closed' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| outputs: | |
| image: ${{ steps.meta.outputs.tags }} | |
| image-tag: ${{ steps.image-tag.outputs.tag }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v4 | |
| - name: Log in to Container Registry | |
| uses: docker/login-action@v4 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v6 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=sha,format=short,prefix=pr-${{ github.event.pull_request.number }}- | |
| - name: Determine deployment URL | |
| id: url | |
| run: | | |
| PR_NUM="${{ github.event.pull_request.number }}" | |
| DEPLOYMENT_URL="https://web-pr${PR_NUM}-mzs-3ik.rig.prd1.gn2.quattro.rijksapps.nl" | |
| echo "deployment_url=${DEPLOYMENT_URL}" >> $GITHUB_OUTPUT | |
| - name: Build and push container image | |
| uses: docker/build-push-action@v7 | |
| with: | |
| context: . | |
| file: ./container/Containerfile | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| BASE_URL=${{ steps.url.outputs.deployment_url }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Extract image tag | |
| id: image-tag | |
| run: | | |
| TAG="pr-${{ github.event.pull_request.number }}-$(echo ${{ github.sha }} | cut -c1-7)" | |
| echo "tag=$TAG" >> $GITHUB_OUTPUT | |
| deploy-preview: | |
| if: github.event_name == 'pull_request' && github.event.action != 'closed' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| deployments: write | |
| pull-requests: write | |
| needs: build | |
| environment: | |
| name: pr${{ github.event.pull_request.number }} | |
| url: ${{ steps.deploy.outputs.url }} | |
| steps: | |
| - name: Deploy to ZAD | |
| id: deploy | |
| uses: RijksICTGilde/zad-actions/deploy@v2 | |
| with: | |
| api-key: ${{ secrets.ZAD_API_KEY }} | |
| project-id: mzs-3ik | |
| deployment-name: pr${{ github.event.pull_request.number }} | |
| component: web | |
| image: ${{ needs.build.outputs.image }} | |
| comment-on-pr: true | |
| qr-code: true | |
| wait-for-ready: true | |
| cleanup-preview: | |
| if: github.event_name == 'pull_request' && github.event.action == 'closed' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| deployments: write | |
| packages: write | |
| pull-requests: write | |
| steps: | |
| - name: Cleanup ZAD deployment | |
| uses: RijksICTGilde/zad-actions/cleanup@v2 | |
| with: | |
| api-key: ${{ secrets.ZAD_API_KEY }} | |
| project-id: mzs-3ik | |
| deployment-name: pr${{ github.event.pull_request.number }} | |
| delete-github-env: true | |
| delete-github-deployments: true | |
| delete-pr-comment: true | |
| - name: Delete container images for this PR | |
| shell: bash | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| CONTAINER_ORG: ${{ github.repository_owner }} | |
| TAG_PREFIX: pr-${{ github.event.pull_request.number }}- | |
| run: | | |
| echo "Deleting container images with tag prefix: $TAG_PREFIX" | |
| # Package name without org (e.g., "moza-site/preview") | |
| CONTAINER_NAME="${{ github.event.repository.name }}/preview" | |
| # URL-encode the package name (slashes need to be encoded) | |
| ENCODED_NAME=$(printf '%s' "$CONTAINER_NAME" | jq -sRr @uri) | |
| # Get all versions and filter by tag prefix | |
| VERSIONS=$(gh api "orgs/$CONTAINER_ORG/packages/container/$ENCODED_NAME/versions" 2>/dev/null | \ | |
| jq -r --arg prefix "$TAG_PREFIX" '.[] | select(.metadata.container.tags[]? | startswith($prefix)) | .id') | |
| if [ -z "$VERSIONS" ]; then | |
| echo "No versions found with tag prefix: $TAG_PREFIX (may already be deleted)" | |
| exit 0 | |
| fi | |
| # Delete each version | |
| DELETED_COUNT=0 | |
| for VERSION_ID in $VERSIONS; do | |
| if gh api "orgs/$CONTAINER_ORG/packages/container/$ENCODED_NAME/versions/$VERSION_ID" -X DELETE 2>/dev/null; then | |
| echo "Deleted version: $VERSION_ID" | |
| DELETED_COUNT=$((DELETED_COUNT + 1)) | |
| else | |
| echo "Failed to delete version: $VERSION_ID" | |
| fi | |
| done | |
| echo "Deleted $DELETED_COUNT container version(s) for PR ${{ github.event.pull_request.number }}" |