-
Notifications
You must be signed in to change notification settings - Fork 7
207 lines (185 loc) · 7.4 KB
/
Copy pathbuild.yml
File metadata and controls
207 lines (185 loc) · 7.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
name: build
on:
push:
branches: [master]
tags: ['*']
pull_request:
branches: [master]
jobs:
act-test:
runs-on: ubuntu-latest
steps:
- name: Block obsolete job execution
run: |
if [ -n "$ACT" ]; then
echo "Running in act, some jobs are skipped"
exit 1
else
exit 0
fi
continue-on-error: true
build:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: ['22.x']
steps:
- uses: actions/checkout@v6
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
with:
node-version: ${{ matrix.node-version }}
cache: 'npm'
- run: npm ci
- run: npm run lint
- run: npm run test
- run: npm run build
- name: save the built
uses: actions/upload-artifact@v7
if: "!failure()"
with:
retention-days: 1
name: the-built
path: |
dist/
docs/
e2e:
runs-on: ubuntu-latest
timeout-minutes: 30
needs: build
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: '22.x'
cache: 'npm'
- run: npm ci
- name: Install Playwright
run: npx playwright install --with-deps chromium
- name: Run e2e tests
run: npm run e2e
- name: Upload Playwright report
uses: actions/upload-artifact@v7
if: ${{ !cancelled() }}
with:
name: playwright-report
path: playwright-report/
retention-days: 7
gh-pages:
name: 'Host with GitHub Pages'
runs-on: ubuntu-latest
needs:
- build
- act-test
if: ${{ github.ref == 'refs/heads/master' }}
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: '22.x'
- name: Clean repo
run: |
git checkout --orphan gh-pages
git rm -rf . > /dev/null 2>&1
- name: load the built
uses: actions/download-artifact@v8
with:
name: the-built
- name: Setup and deploy Github Pages
run: |
rm -rf dist
mv docs/* .
git config user.name "$GITHUB_ACTOR"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git add . > /dev/null 2>&1
git commit -m "Deploy" > /dev/null 2>&1
git push --force origin gh-pages
publish:
name: 'Publish npm package'
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
needs:
- build
- e2e
- act-test
if: startsWith(github.ref, 'refs/tags/v')
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: '22.x'
registry-url: 'https://registry.npmjs.org'
scope: '@geolonia'
- name: load the built
uses: actions/download-artifact@v8
with:
name: the-built
- name: Update npm
run: npm install -g npm@latest
- name: 'Publish to NPM (latest)'
if: "!contains(github.ref, '-pre.')"
run: npm publish --access=public
- name: 'Publish to NPM (next)'
if: "contains(github.ref, '-pre.')"
run: npm publish --access=public --tag=next
deploy:
needs: [build, e2e]
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
# These permissions are needed to interact with GitHub's OIDC Token endpoint.
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: actions/download-artifact@v8
with: { name: the-built, path: ./ }
- name: Read version
id: version
run: |
TAG=${GITHUB_REF#refs/tags/}
VERSION=${TAG#v}
MAJOR=$(echo $VERSION | cut -d. -f1)
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "major_version=$MAJOR" >> "$GITHUB_OUTPUT"
- name: Restore timestamps
uses: chetan/git-restore-mtime-action@v1
- name: Configure AWS Credentials for test
if: ${{ env.ACT }}
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Configure AWS Credentials for deploy
if: ${{ !env.ACT }}
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ap-northeast-1
role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE }}
- name: Deploy to S3
run: |
# Note: The default max-age is set at 3600 seconds or 1 hour. After 1 hour,
# the client will mark the resource as stale, and require a refresh.
# In most cases, this will result in a if-modified-since conditional request.
# For resources that are immutable (for example, embed-chunks), the max-age is set to immutable.
# For resources that will be manually invalidated, an addition s-maxage so CloudFront keeps the file in its cache as long as possible.
# Deploy embed chunks -- because they have fingerprints in the filename, they're immutable
aws s3 sync ./dist/embed-chunks s3://${{ secrets.CDN_BUCKET }}/embed/v${{ steps.version.outputs.major_version }}/embed-chunks --cache-control "public,max-age=31536000,immutable"
aws s3 sync ./dist/embed-chunks s3://${{ secrets.CDN_BUCKET }}/embed/v${{ steps.version.outputs.version }}/embed-chunks --cache-control "public,max-age=31536000,immutable"
# Deploy main embed entrypoint
# I used to use s-maxage here, but after testing decided to revert back to only using max-age.
# If you use s-maxage that is much longer than max-age, the age header will be longer than
# max-age, and the browser will think that the file is expired. Using max-age will make
# CloudFront fetch a new file every 3600 seconds, resetting the Age header
aws s3 cp ./dist/embed s3://${{ secrets.CDN_BUCKET }}/embed/v${{ steps.version.outputs.major_version }}/embed --cache-control "public,max-age=3600" --content-type "application/javascript; charset=UTF-8"
aws s3 cp ./dist/embed.js.LICENSE.txt s3://${{ secrets.CDN_BUCKET }}/embed/v${{ steps.version.outputs.major_version }}/embed.js.LICENSE.txt --cache-control "public,max-age=3600" --content-type "text/plain; charset=UTF-8"
aws s3 cp ./dist/embed s3://${{ secrets.CDN_BUCKET }}/embed/v${{ steps.version.outputs.version }}/embed --cache-control "public,max-age=3600" --content-type "application/javascript; charset=UTF-8"
aws s3 cp ./dist/embed.js.LICENSE.txt s3://${{ secrets.CDN_BUCKET }}/embed/v${{ steps.version.outputs.version }}/embed.js.LICENSE.txt --cache-control "public,max-age=3600" --content-type "text/plain; charset=UTF-8"
aws cloudfront create-invalidation --distribution-id "${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }}" --paths "/embed/v${{ steps.version.outputs.major_version }}/embed" "/embed/v${{ steps.version.outputs.version }}/embed"