update workflows #58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: branch-deploy | |
on: | |
issue_comment: | |
types: [ created ] | |
# Permissions needed for reacting and adding comments for IssueOps commands | |
permissions: | |
pull-requests: write | |
deployments: write | |
contents: write | |
checks: read | |
jobs: | |
branch-deploy: | |
name: branch-deploy | |
if: # only run on pull request comments and very specific comment body string as defined in our branch-deploy settings | |
${{ github.event.issue.pull_request && | |
(startsWith(github.event.comment.body, '.deploy') || | |
startsWith(github.event.comment.body, '.noop') || | |
startsWith(github.event.comment.body, '.lock') || | |
startsWith(github.event.comment.body, '.help') || | |
startsWith(github.event.comment.body, '.wcid') || | |
startsWith(github.event.comment.body, '.unlock')) }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: branch-deploy | |
id: branch-deploy | |
uses: github/branch-deploy@v9 | |
with: | |
trigger: ".deploy" | |
environment: production | |
environment_targets: production | |
production_environments: production | |
sticky_locks: "true" | |
admins: "GrantBirki" | |
- name: checkout | |
if: steps.branch-deploy.outputs.continue == 'true' | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ steps.branch-deploy.outputs.ref }} | |
- uses: actions/setup-python@v5 | |
if: steps.branch-deploy.outputs.continue == 'true' | |
with: | |
python-version: '3.10' | |
cache: 'pip' | |
- name: install requirements | |
if: steps.branch-deploy.outputs.continue == 'true' | |
run: pip install -r requirements.txt | |
- name: force-check | |
id: force-check | |
if: ${{ steps.branch-deploy.outputs.continue == 'true' }} | |
env: | |
PARAMS: ${{ steps.branch-deploy.outputs.params }} | |
# check to see if the string FORCE=true exists in the params | |
# we always use force set to true for noop deploys | |
run: | | |
if [[ $PARAMS == *"FORCE=true"* ]]; then | |
echo "force=Yes" >> $GITHUB_OUTPUT | |
echo "WARNING: force flag detected, this will use the force deploy mode with octodns" | |
else | |
echo "force=No" >> $GITHUB_OUTPUT | |
echo "no force flag detected" | |
fi | |
if [ "${{ steps.branch-deploy.outputs.noop }}" == "true" ]; then | |
echo "force=Yes" >> $GITHUB_OUTPUT | |
echo "force flag set by default for noop deploys" | |
fi | |
# noop deployment | |
# force is always set to true for noop deploys | |
- name: noop-check | |
if: ${{ steps.branch-deploy.outputs.continue == 'true' }} | |
id: noop-check | |
# set the doit environment variable based on the value of noop (true or false) | |
run: | | |
if [ "${{ steps.branch-deploy.outputs.noop }}" == "true" ]; then | |
echo "doit=false" >> $GITHUB_OUTPUT | |
echo "this is a noop deployment" | |
else | |
echo "doit=--doit" >> $GITHUB_OUTPUT | |
echo "this is a deployment" | |
fi | |
- uses: grantbirki/octodns-action@v1 | |
id: octodns | |
if: ${{ steps.branch-deploy.outputs.continue == 'true' }} | |
with: | |
config_path: production.yaml | |
doit: ${{ steps.noop-check.outputs.doit }} | |
force: ${{ steps.force-check.outputs.force }} | |
env: | |
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} | |
- name: update deploy comment | |
if: ${{ steps.branch-deploy.outputs.continue == 'true' }} | |
env: | |
MSG: ${{ steps.octodns.outputs.plan }} | |
run: | | |
python script/ci/update_deploy_msg.py |