-
Notifications
You must be signed in to change notification settings - Fork 512
240 lines (194 loc) · 9.11 KB
/
dev-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
name: Dev Build
# NOTE! This is the *DEV* workflow.
# Keep in mind that much of the configuration is repeated in `prod-build.yml`
# and `stage-build.yml`
#
# For a complete picture of all environments, see:
#
# https://docs.google.com/spreadsheets/d/1VnnEl-iTtKYmlyN02FiEXygxZCgE4o_ZO8wSleebne4/edit?usp=sharing
#
# NOTE! Unlike prod and stage, this work only works on manual dispatch
on:
workflow_dispatch:
inputs:
notes:
description: "Notes"
required: false
default: ""
# This is very useful when combined with the "Use workflow from"
# feature that is built into the "Run workflow" button on
# https://github.com/mdn/yari/actions?query=workflow%3A%22Production+Build%22
# If you override the deployment prefix to something like the name
# of the branch, you can deploy that entire branch to its own prefix
# in S3 which means that it can be fully hosted as its own site.
deployment_prefix:
description: "Deployment prefix"
required: false
default: "main"
log_each_successful_upload:
description: "Deployer logs each success"
required: false
default: "false"
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v4
with:
repository: mdn/content
path: mdn/content
# Yes, this means fetch EVERY COMMIT EVER.
# It's probably not sustainable in the far future (e.g. past 2021)
# but for now it's good enough. We'll need all the history
# so we can figure out each document's last-modified date.
fetch-depth: 0
- uses: actions/checkout@v4
with:
repository: mdn/translated-content
path: mdn/translated-content
# See matching warning for mdn/content checkout step
fetch-depth: 0
- uses: actions/checkout@v4
with:
repository: mdn/mdn-contributor-spotlight
path: mdn/mdn-contributor-spotlight
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
cache: yarn
- name: Install all yarn packages
run: yarn --frozen-lockfile
env:
# https://github.com/microsoft/vscode-ripgrep#github-api-limit-note
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install Python poetry
uses: snok/install-poetry@v1
- name: Install deployer
run: |
cd deployer
poetry install
- name: Display Python & Poetry version
run: |
python --version
poetry --version
- name: Print information about build
run: |
echo "notes: ${{ github.event.inputs.notes }}"
echo "log_each_successful_upload: ${{ github.event.inputs.log_each_successful_upload }}"
echo "deployment_prefix: ${{ github.event.inputs.deployment_prefix }}"
- name: Print information about CPU
run: cat /proc/cpuinfo
- name: Build everything
env:
# Remember, the mdn/content repo got cloned into `pwd` into a
# sub-folder called "mdn/content"
CONTENT_ROOT: ${{ github.workspace }}/mdn/content/files
CONTENT_TRANSLATED_ROOT: ${{ github.workspace }}/mdn/translated-content/files
CONTRIBUTOR_SPOTLIGHT_ROOT: ${{ github.workspace }}/mdn/mdn-contributor-spotlight/contributors
# This basically means that all live-sample iframes run on the same
# host as the page that includes the iframe. Not great security but the
# context is that this is Dev and it's not connected to a real backend.
BUILD_LIVE_SAMPLES_BASE_URL: ""
# Now is not the time to worry about flaws.
BUILD_FLAW_LEVELS: "*:ignore"
# Uncomment when hacking on this workflow. It means the `yarn build`
# finishes much sooner, which can be helpful debugging the other stuff
# the workflow needs to do.
# BUILD_FOLDERSEARCH: web/html
# This just makes sure the Google Analytics script gets used even if
# it goes nowhere.
BUILD_GOOGLE_ANALYTICS_MEASUREMENT_ID: G-XXXXXXXX
# This removes the ability to sign in
REACT_APP_DISABLE_AUTH: true
run: |
set -eo pipefail
# Info about which CONTENT_* environment variables were set and to what.
echo "CONTENT_ROOT=$CONTENT_ROOT"
echo "CONTENT_TRANSLATED_ROOT=$CONTENT_TRANSLATED_ROOT"
yarn build:prepare
yarn tool sync-translated-content
# Spread the work across 2 processes. Why 2? Because that's what you
# get in the default GitHub hosting Linux runners.
# See https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources
yarn build:docs --locale en-us --locale ja --locale fr &
build1=$!
yarn build:docs --not-locale en-us --not-locale ja --not-locale fr &
build2=$!
# You must explicitly specify the job you're waiting-on to ensure
# that the exit status of the wait command reflects the exit status
# of the job it's waiting-on.
wait $build1
wait $build2
# TODO: When the deployer is available this is where we
# would upload the whole content of client/build
du -sh client/build
# Generate sitemap index file
yarn build --sitemap-index
# SSR all pages
yarn render:html
# Generate whatsdeployed files.
yarn tool whatsdeployed --output client/build/_whatsdeployed/code.json
yarn tool whatsdeployed $CONTENT_ROOT --output client/build/_whatsdeployed/content.json
yarn tool whatsdeployed $CONTENT_TRANSLATED_ROOT --output client/build/_whatsdeployed/translated-content.json
# Sort DE search index by en-US popularity.
node scripts/reorder-search-index.mjs client/build/en-us/search-index.json client/build/de/search-index.json
- name: Deploy with deployer
env:
# Set the CONTENT_ROOT first
CONTENT_ROOT: ${{ github.workspace }}/mdn/content/files
CONTENT_TRANSLATED_ROOT: ${{ github.workspace }}/mdn/translated-content/files
DEPLOYER_BUCKET_NAME: mdn-content-dev
DEPLOYER_BUCKET_PREFIX: ${{ github.event.inputs.deployment_prefix }}
DEPLOYER_LOG_EACH_SUCCESSFUL_UPLOAD: ${{ github.event.inputs.log_each_successful_upload }}
AWS_ACCESS_KEY_ID: ${{ secrets.DEPLOYER_STAGE_AND_DEV_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.DEPLOYER_STAGE_AND_DEV_AWS_SECRET_ACCESS_KEY }}
DEPLOYER_ELASTICSEARCH_URL: ${{ secrets.DEPLOYER_DEV_ELASTICSEARCH_URL }}
run: |
if [ ${{ github.event.inputs.translated_content }} == "true" ]; then
echo "Will build mdn/translated-content too"
export CONTENT_TRANSLATED_ROOT=${{ github.workspace }}/mdn/translated-content/files
else
echo "Will NOT build mdn/translated-content too"
fi
# Info about which CONTENT_* environment variables were set and to what.
echo "CONTENT_ROOT=$CONTENT_ROOT"
echo "CONTENT_TRANSLATED_ROOT=$CONTENT_TRANSLATED_ROOT"
cd deployer
# XXX would be nice to validate here that $DEPLOYER_BUCKET_PREFIX is truthy
echo "DEPLOYER_BUCKET_PREFIX=$DEPLOYER_BUCKET_PREFIX"
poetry run deployer upload --prune ../client/build
poetry run deployer search-index ../client/build
- name: Configure AWS Credentials
uses: aws-actions/[email protected]
with:
aws-access-key-id: ${{ secrets.DEPLOYER_STAGE_AND_DEV_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.DEPLOYER_STAGE_AND_DEV_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Invalidate CDN
env:
DISTRIBUTION: E9813D0RN1QZI
PATHS: /*
run: aws cloudfront create-invalidation --distribution-id "$DISTRIBUTION" --paths "$PATHS"
- name: Notify PRs about deployment
run: |
gh pr list -S "$GITHUB_SHA -is:merged" --json number --jq '.[].number' | xargs -i gh pr comment {} --body "Dev build for $GITHUB_SHA was deployed to: $DEPLOYMENT_URL" || true
env:
DEPLOYMENT_URL: https://${{ github.event.inputs.deployment_prefix }}.content.dev.mdn.mozit.cloud/
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Slack Notification
if: failure()
uses: rtCamp/action-slack-notify@v2
env:
SLACK_CHANNEL: mdn-notifications
SLACK_COLOR: ${{ job.status }}
SLACK_ICON: https://avatars.slack-edge.com/2020-11-17/1513880588420_fedd7f0e9456888e69ff_96.png
SLACK_TITLE: "Dev"
SLACK_MESSAGE: "Build failed :broken_heart:"
SLACK_FOOTER: "Powered by dev-build.yml"
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}