Skip to content

YALB-1576): Bug: CAS Restricted pages #1175

YALB-1576): Bug: CAS Restricted pages

YALB-1576): Bug: CAS Restricted pages #1175

name: Build, deploy and test
on:
pull_request:
branches-ignore:
- master
defaults:
run:
shell: bash
env:
TZ: "/usr/share/zoneinfo/America/Los_Angeles"
TERM: dumb
ADMIN_EMAIL: ${{ secrets.ADMIN_EMAIL }}
ADMIN_PASSWORD: ${{ secrets.ADMIN_PASSWORD }}
ADMIN_USERNAME: ${{ secrets.ADMIN_USERNAME }}
GITHUB_TOKEN: ${{ github.token }}
TERMINUS_TOKEN: ${{ secrets.TERMINUS_TOKEN }}
TEST_SITE_NAME: ${{ secrets.TERMINUS_SITE }}
CI_BRANCH: ${{ github.head_ref || github.ref_name }}
COMMIT_SHA: ${{ github.sha }}
CI_BUILD_NUMBER: ${{ github.run_number }}
DEFAULT_SITE: ${{ secrets.TERMINUS_SITE }}
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
GITHUB_OWNER: ${{ github.repository_owner }}
CI_PROJECT_NAME: ${{ github.repository }}
PR_NUMBER: ${{ github.event.number }}
CI_PULL_REQUEST: ${{ github.event.pull_request._links.html.href }}
jobs:
configure_env_vars:
container:
image: quay.io/pantheon-public/build-tools-ci:8.x-php8.1
options: --user root
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.head_ref || github.ref_name }}
- name: Set bash_env env var
run: echo BASH_ENV=${RUNNER_TEMP}/bash_env.txt >> $GITHUB_ENV
- name: Cache bash_env.txt
uses: actions/cache@v3
env:
cache-name: cache-bash-env
with:
path: ${{ env.BASH_ENV }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ github.run_number }}
# Set TERMINUS_ENV and related environment variables.
# https://github.com/pantheon-systems/docker-build-tools-ci/blob/6.x/scripts/set-environment
- name: setup-environment-vars
run: |
if [ "$CI_BRANCH" != "master" ]; then
# Test vars not set means trigger = push.
if [ -z "$PR_NUMBER" ]; then
# Var not set means trigger = push.
export PR_NUMBER=`curl -u "${GITHUB_OWNER}:${GITHUB_TOKEN}" \
-H "Accept: application/vnd.github.groot-preview+json" \
"https://api.github.com/repos/${CI_PROJECT_NAME}/commits/${COMMIT_SHA}/pulls" | \
jq '.[0].number | select(.!=null)'`
fi
if [ -z "$CI_PULL_REQUEST" ]; then
export CI_PULL_REQUEST=`curl -u "${GITHUB_OWNER}:${GITHUB_TOKEN}" \
-H "Accept: application/vnd.github.groot-preview+json" \
"https://api.github.com/repos/${CI_PROJECT_NAME}/commits/${COMMIT_SHA}/pulls" | \
jq '.[0].html_url | select(.!=null)'`
fi
fi
export CI_PROJECT_REPONAME=${GITHUB_REPOSITORY#*/}
export CI_PROJECT_USERNAME=${GITHUB_REPOSITORY_OWNER}
/build-tools-ci/scripts/set-environment
GITHUB_WORKFLOW_URL=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
echo "export CI_BUILD_URL='${GITHUB_WORKFLOW_URL}'" >> $BASH_ENV
echo "export CI_NODE_INDEX=0" >> $BASH_ENV
echo "export CI_REPOSITORY_URL='https://github.com/${GITHUB_REPOSITORY}'" >> $BASH_ENV
echo "export ARTIFACTS_DIR_URL='${GITHUB_WORKFLOW_URL}/#artifacts'" >> $BASH_ENV
static_tests:
container:
image: quay.io/pantheon-public/build-tools-ci:8.x-php8.1
options: --user root
runs-on: ubuntu-latest
env:
YALESITES_BUILD_TOKEN: ${{ secrets.YALESITES_BUILD_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.head_ref || github.ref_name }}
- name: Cache composer cache
uses: actions/cache@v3
env:
cache-name: cache-composer-cache
with:
path: ~/.composer/cache
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
# Set TERMINUS_ENV and related environment variables.
# https://github.com/pantheon-systems/docker-build-tools-ci/blob/6.x/scripts/set-environment
- name: setup-environment-vars
run: /build-tools-ci/scripts/set-environment
- name: Check for contrib dependencies in root composer.json
run: |
contrib_check=$(jq -r '.require | with_entries(select(.key | test("(drupal\/(?!core).*$)"))) | keys | join(", ")' ./composer.json)
if [ -n "$contrib_check" ]; then
echo "::error::$contrib_check found in /composer.json and should be moved to /web/profiles/custom/yalesites_profile/composer.json" && exit 1
fi
- name: run static tests
run: |
./.ci/test/static/run
deploy_to_pantheon:
container:
image: quay.io/pantheon-public/build-tools-ci:8.x-php8.1
options: --user root
runs-on: ubuntu-latest
needs: [configure_env_vars, static_tests]
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.head_ref || github.ref_name }}
fetch-depth: 0
# Workaround for https://github.com/actions/runner/issues/2033
- name: Set git safe.directory
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: Set bash_env env var
run: echo BASH_ENV=${RUNNER_TEMP}/bash_env.txt >> $GITHUB_ENV
- name: Cache bash_env.txt
uses: actions/cache@v3
env:
cache-name: cache-bash-env
with:
path: ${{ env.BASH_ENV }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ github.run_number }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Cache composer cache
uses: actions/cache@v3
env:
cache-name: cache-composer-cache
with:
path: ~/.composer/cache
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Cache vendor folder
uses: actions/cache@v3
env:
cache-name: cache-vendor
with:
path: ./vendor
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/composer.lock') }}
# - name: Cache web folder
# uses: actions/cache@v3
# env:
# cache-name: cache-web
# with:
# path: ./web
# key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ github.run_number }}
- name: Cache drush folder
uses: actions/cache@v3
env:
cache-name: cache-drush
with:
path: ./drush
key: ${{ runner.os }}-build-${{ env.cache-name }}
# Set TERMINUS_ENV and related environment variables.
# https://github.com/pantheon-systems/docker-build-tools-ci/blob/6.x/scripts/set-environment
- name: setup-environment-vars
run: /build-tools-ci/scripts/set-environment
- name: Use Node.js
uses: actions/setup-node@v3
with:
node-version: '16.13'
- name: build frontend components
env:
BRANCH: ${{ github.head_ref || github.ref_name }}
YALESITES_BUILD_TOKEN: ${{ secrets.YALESITES_BUILD_TOKEN }}
run: |
./.ci/build/build_frontend
# Deploy to Pantheon
- name: deploy to Pantheon
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: |
echo "$SSH_PRIVATE_KEY" > ../private.key
chmod 600 ../private.key
eval `ssh-agent -s`
ssh-add ../private.key
source $BASH_ENV
./.ci/deploy/pantheon/dev-multidev