-
Notifications
You must be signed in to change notification settings - Fork 0
108 lines (95 loc) · 3.68 KB
/
branch-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
name: branch-deploy
on:
issue_comment:
types: [ created ]
# Permissions needed for reacting and adding comments for IssueOps commands
permissions:
pull-requests: write
deployments: write
contents: write
checks: read
jobs:
branch-deploy:
name: branch-deploy
if: # only run on pull request comments and very specific comment body string as defined in our branch-deploy settings
${{ github.event.issue.pull_request &&
(startsWith(github.event.comment.body, '.deploy') ||
startsWith(github.event.comment.body, '.noop') ||
startsWith(github.event.comment.body, '.lock') ||
startsWith(github.event.comment.body, '.help') ||
startsWith(github.event.comment.body, '.wcid') ||
startsWith(github.event.comment.body, '.unlock')) }}
runs-on: ubuntu-latest
steps:
- name: branch-deploy
id: branch-deploy
uses: github/branch-deploy@v9
with:
trigger: ".deploy"
environment: production
environment_targets: production
production_environments: production
sticky_locks: "true"
admins: "GrantBirki"
- name: checkout
if: steps.branch-deploy.outputs.continue == 'true'
uses: actions/checkout@v4
with:
ref: ${{ steps.branch-deploy.outputs.ref }}
- uses: actions/setup-python@v5
if: steps.branch-deploy.outputs.continue == 'true'
with:
python-version: '3.10'
cache: 'pip'
- name: install requirements
if: steps.branch-deploy.outputs.continue == 'true'
run: pip install -r requirements.txt
- name: force-check
id: force-check
if: ${{ steps.branch-deploy.outputs.continue == 'true' }}
env:
PARAMS: ${{ steps.branch-deploy.outputs.params }}
# check to see if the string FORCE=true exists in the params
# we always use force set to true for noop deploys
run: |
if [[ $PARAMS == *"FORCE=true"* ]]; then
echo "force=Yes" >> $GITHUB_OUTPUT
echo "WARNING: force flag detected, this will use the force deploy mode with octodns"
else
echo "force=No" >> $GITHUB_OUTPUT
echo "no force flag detected"
fi
if [ "${{ steps.branch-deploy.outputs.noop }}" == "true" ]; then
echo "force=Yes" >> $GITHUB_OUTPUT
echo "force flag set by default for noop deploys"
fi
# noop deployment
# force is always set to true for noop deploys
- name: noop-check
if: ${{ steps.branch-deploy.outputs.continue == 'true' }}
id: noop-check
# set the doit environment variable based on the value of noop (true or false)
run: |
if [ "${{ steps.branch-deploy.outputs.noop }}" == "true" ]; then
echo "doit=false" >> $GITHUB_OUTPUT
echo "this is a noop deployment"
else
echo "doit=--doit" >> $GITHUB_OUTPUT
echo "this is a deployment"
fi
- uses: grantbirki/octodns-action@v1
id: octodns
if: ${{ steps.branch-deploy.outputs.continue == 'true' }}
with:
config_path: production.yaml
doit: ${{ steps.noop-check.outputs.doit }}
force: ${{ steps.force-check.outputs.force }}
env:
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
- name: update deploy comment
if: ${{ steps.branch-deploy.outputs.continue == 'true' }}
env:
MSG: ${{ steps.octodns.outputs.plan }}
run: |
python script/ci/update_deploy_msg.py