Feat/devops #66
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Preview | ||
| on: | ||
| pull_request: | ||
| branches: ['*'] | ||
| merge_group: | ||
| env: | ||
| SKIP_ENV_VALIDATION: 1 | ||
| PROJECT_SLUG: unprice-zq-xm | ||
| ENV_SLUG: preview | ||
| jobs: | ||
| build-lint: | ||
| uses: ./.github/workflows/job_build.yaml | ||
| with: | ||
| pull_secrets: true | ||
| secrets: | ||
| MACHINE_IDENTITY_CLIENT_ID: ${{ secrets.MACHINE_IDENTITY_CLIENT_ID }} | ||
| MACHINE_IDENTITY_CLIENT_SECRET: ${{ secrets.MACHINE_IDENTITY_CLIENT_SECRET }} | ||
| PROJECT_SLUG: ${{ env.PROJECT_SLUG }} | ||
|
Check failure on line 21 in .github/workflows/deploy-preview.yml
|
||
| ENV_SLUG: ${{ env.ENV_SLUG }} | ||
| deploy-preview: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build-lint | ||
| permissions: | ||
| pull-requests: write | ||
| contents: read | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: Infisical/[email protected] | ||
| with: | ||
| client-id: ${{ secrets.MACHINE_IDENTITY_CLIENT_ID }} | ||
| client-secret: ${{ secrets.MACHINE_IDENTITY_CLIENT_SECRET }} | ||
| env-slug: ${{ env.ENV_SLUG }} | ||
| project-slug: ${{ env.PROJECT_SLUG }} | ||
| export-type: "file" | ||
| file-output-path: ".env" | ||
| secret-path: "/" | ||
| - uses: ./.github/actions/install | ||
| - uses: cardinalby/export-env-action@v2 | ||
| with: | ||
| envFile: '.env' | ||
| exportToGithubEnv: true | ||
| # export everything except DATABASE_URL using regex | ||
| filter: ^(?!DATABASE_URL$).*$ | ||
| mask: true | ||
| - name: Get branch name | ||
| id: branch-name | ||
| uses: tj-actions/branch-names@v8 | ||
| - name: Create Neon Branch | ||
| id: create-branch | ||
| uses: neondatabase/create-branch-action@v5 | ||
| with: | ||
| project_id: ${{ env.NEON_PROJECT_ID }} | ||
| parent: main | ||
| branch_name: preview/pr-${{ steps.branch-name.outputs.current_branch }} | ||
| username: ${{ env.NEON_DATABASE_USERNAME }} | ||
| database: ${{ env.NEON_DATABASE_NAME }} | ||
| api_key: ${{ env.NEON_API_KEY }} | ||
| # override the DATABASE_URL in .env file | ||
| # - run: | | ||
| # echo "DATABASE_URL=${{ steps.create-branch.outputs.db_url_with_pooler }}" >> .env | ||
| # echo "DATABASE_URL=${{ steps.create-branch.outputs.db_url_with_pooler }}" >> $GITHUB_ENV | ||
| - name: Run Migrations | ||
| working-directory: internal/db | ||
| run: | | ||
| DATABASE_URL=${{ steps.create-branch.outputs.db_url_with_pooler }} NODE_ENV=preview pnpm generate | ||
| DATABASE_URL=${{ steps.create-branch.outputs.db_url_with_pooler }} NODE_ENV=preview pnpm migrate:custom | ||
| - name: commit migrations | ||
| working-directory: internal/db | ||
| run: | | ||
| if [ -n "$(git status --porcelain ./)" ]; then | ||
| echo "Changes detected in db folder, committing..." | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "Unprice Bot" | ||
| git add . | ||
| git commit -m "Migrations for preview" | ||
| git push --set-upstream origin ${{ steps.branch-name.outputs.current_branch }} | ||
| else | ||
| echo "No changes detected in db folder, skipping commit" | ||
| fi | ||
| - name: Schema Diff | ||
| uses: neondatabase/schema-diff-action@v1 | ||
| with: | ||
| project_id: ${{ env.NEON_PROJECT_ID }} | ||
| base_branch: main | ||
| compare_branch: preview/pr-${{ steps.branch-name.outputs.current_branch }} | ||
| username: ${{ env.NEON_DATABASE_USERNAME }} | ||
| database: ${{ env.NEON_DATABASE_NAME }} | ||
| api_key: ${{ env.NEON_API_KEY }} | ||
| # - name: Override Vercel environment variables | ||
| # run: | | ||
| # vercel link --yes --token=${{ env.VERCEL_TOKEN }} --project unprice | ||
| # echo "${{ steps.create-branch.outputs.db_url_with_pooler }}" | vercel env add DATABASE_URL preview --force --token=${{ env.VERCEL_TOKEN }} | ||
| - uses: amondnet/vercel-action@v25 #deploy | ||
| name: Deploy Unprice auth to Vercel | ||
| id: deploy-auth | ||
| with: | ||
| vercel-token: ${{ env.VERCEL_TOKEN }} # Required | ||
| vercel-org-id: ${{ env.VERCEL_ORG_ID}} #Required | ||
| vercel-project-id: ${{ env.VERCEL_PROJECT_AUTH_UNPRICE_ID }} #Required | ||
| # always prod because the auth proxy link has to be stable | ||
| vercel-args: '--env VERCEL_ENV=production --env VERCEL=true --env NODE_ENV=production --prod' | ||
| working-directory: ./ | ||
| # deploy preview unprice to vercel | ||
| - uses: amondnet/vercel-action@v25 #deploy | ||
| name: Deploy Preview Unprice to Vercel | ||
| id: deploy-unprice | ||
| with: | ||
| vercel-token: ${{ env.VERCEL_TOKEN }} # Required | ||
| vercel-org-id: ${{ env.VERCEL_ORG_ID}} #Required | ||
| vercel-project-id: ${{ env.VERCEL_PROJECT_UNPRICE_ID}} #Required | ||
| working-directory: ./ | ||
| vercel-args: '--env VERCEL=true --env NODE_ENV=production --env VERCEL_ENV=preview --env DATABASE_URL=${{ steps.create-branch.outputs.db_url_with_pooler }}' | ||
| # - name: Build Project Artifacts | ||
| # run: vercel build --token=${{ env.VERCEL_TOKEN }} --yes | ||
| # - name: Deploy Preview Unprice to Vercel | ||
| # id: deploy | ||
| # run: echo preview_url=$(vercel deploy --prebuilt --token=${{ env.VERCEL_TOKEN }}) >> $GITHUB_OUTPUT | ||
| - name: Delete Secret | ||
| if: always() | ||
| run: | | ||
| rm -rf .env || true | ||
