Publish #346
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | |
| on: | |
| schedule: | |
| # Build daily (just a random early UTC time, that isn't around the hour. GA schedule event can be delayed during periods of high loads of actions runs, which include the start of every hour. If load is sufficiently high, some jobs may be dropped. Schedule running at a different time of the hour) | |
| # * is a special character in YAML so you have to quote this string | |
| # 4:06 UTC = 10pm CST | |
| - cron: '6 4 * * *' | |
| push: | |
| workflow_dispatch: | |
| # Cancel in progress if making multiple prs or pushes to a branch. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| deployments: write | |
| steps: | |
| - name: Determine environment | |
| id: determine_env | |
| run: | | |
| if [[ ${{ github.ref }} == 'refs/heads/prod' ]]; then | |
| echo "ENV=prod" >> $GITHUB_OUTPUT | |
| elif [[ ${{ github.ref }} == 'refs/heads/qa' ]]; then | |
| echo "ENV=qa" >> $GITHUB_OUTPUT | |
| else | |
| echo "ENV=dev" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Load env vars | |
| uses: 1password/load-secrets-action@v1 | |
| with: | |
| # Export loaded secrets as environment variables | |
| export-env: true | |
| env: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| CLOUDFLARE_ACCOUNT_ID: "op://DevOps/cloudflare-worker-deploy-token/CF_ACCOUNT_ID" | |
| CLOUDFLARE_API_TOKEN: "op://DevOps/cloudflare-worker-deploy-token/CF_API_TOKEN" | |
| WORDPRESS_REST_MENU_ENDPOINT: "op://DevOps/biel-env-vars/${{ steps.determine_env.outputs.ENV }}/${{ steps.determine_env.outputs.ENV }}-rest-menu-endpoint" | |
| CMS_URL: "op://DevOps/biel-env-vars/${{ steps.determine_env.outputs.ENV }}/${{ steps.determine_env.outputs.ENV }}-cms-url" | |
| SITE_URL: "op://DevOps/biel-env-vars/${{ steps.determine_env.outputs.ENV }}/${{ steps.determine_env.outputs.ENV }}-site-url" | |
| WORDPRESS_GQL_URL: "op://DevOps/biel-env-vars/${{ steps.determine_env.outputs.ENV }}/${{ steps.determine_env.outputs.ENV }}-graphql-url" | |
| PUBLIC_DATA_API_URL: "op://DevOps/biel-env-vars/${{ steps.determine_env.outputs.ENV }}/${{ steps.determine_env.outputs.ENV }}-public-data-api-url" | |
| TURNSTILE_PUBLIC_KEY: "op://DevOps/biel-env-vars/common/turnstile-public-key" | |
| - name: set prod variables | |
| uses: 1password/load-secrets-action@v1 | |
| with: | |
| # Export loaded secrets as environment variables | |
| export-env: true | |
| if: github.ref == 'refs/heads/prod' | |
| env: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| CMS_URL: "op://DevOps/biel-env-vars/prod/prod-cms-url" | |
| SITE_URL: "op://DevOps/biel-env-vars/prod/prod-site-url" | |
| WORDPRESS_GQL_URL: "op://DevOps/biel-env-vars/prod/prod-graphql-url" | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: get pnpm | |
| uses: pnpm/action-setup@v2 | |
| with: | |
| version: 9.13.2 | |
| - name: setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "23" | |
| cache: pnpm | |
| - name: Upgrade JS dependencies | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "23" | |
| cache: pnpm | |
| - name: Install JS dependencies and build | |
| run: | | |
| pnpm install --frozen-lockfile && pnpm build | |
| env: | |
| NODE_OPTIONS: --max_old_space_size=4096 | |
| TURNSTILE_PUBLIC_KEY: ${{ env.TURNSTILE_PUBLIC_KEY }} | |
| IS_MAIN_BRANCH: ${{ github.ref == 'refs/heads/prod' }} | |
| - name: Purge extra css | |
| run: | | |
| pnpm run purgecss | |
| - name: Generate Pagefind index | |
| run: | | |
| pnpm run pagefind | |
| env: | |
| CMS_URL: ${{ env.CMS_URL }} | |
| SITE_URL: ${{ env.SITE_URL }} | |
| WORDPRESS_GQL_URL: ${{ env.WORDPRESS_GQL_URL }} | |
| PUBLIC_DATA_API_URL: ${{ env.PUBLIC_DATA_API_URL }} | |
| - name: Install Playwright Browsers | |
| run: pnpm exec playwright install --with-deps | |
| # Can skip them if dispatching manually on any branch but prod | |
| if: github.event_name != 'workflow_dispatch' || github.ref == 'refs/heads/prod' | |
| - name: Run Playwright tests | |
| run: pnpm exec playwright test | |
| - uses: actions/upload-artifact@v4 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| retention-days: 30 | |
| - name: Publish | |
| uses: cloudflare/wrangler-action@v3 | |
| with: | |
| apiToken: ${{ env.CLOUDFLARE_API_TOKEN }} | |
| accountId: ${{ env.CLOUDFLARE_ACCOUNT_ID }} | |
| command: pages deploy dist --project-name=headless-biel --upload-source-maps=true |