Skip to content

chore: slightly adjust perm test #2184

chore: slightly adjust perm test

chore: slightly adjust perm test #2184

Workflow file for this run

name: Deploy
on:
# allow manual dispatch
workflow_dispatch:
# run on pushes to master
push:
branches:
- master
- staging
paths-ignore:
- 'e2e/**'
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
env:
REGISTRY: ghcr.io
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
CI: true
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Get timestamp
id: timestamp
run: echo "timestamp=$(date +%s)" >> $GITHUB_OUTPUT
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: 21
distribution: temurin
cache: 'maven'
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Set up pnpm
uses: pnpm/action-setup@v2
with:
version: 9
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- name: Cache pnpm
uses: actions/cache@v4
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Cache Maven Deps
uses: actions/cache@v4
with:
path: $GITHUB_WORKSPACE/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Build backend
working-directory: backend
run: mvn --batch-mode --errors --fail-at-end --show-version --no-transfer-progress install
- name: Install frontend deps
run: (cd frontend && pnpm install --frozen-lockfile)
- name: Lint frontend
run: (cd frontend && pnpm lint:oxlint && pnpm lint:eslint)
- name: Sync forth and back with crowdin
uses: crowdin/github-action@v2
with:
upload_sources: true
download_translations: true
push_translations: false
create_pull_request: false
skip_untranslated_strings: true
config: 'crowdin.yml'
crowdin_branch_name: master
env:
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
- name: Build frontend (prod)
if: ${{ github.ref == 'refs/heads/master' }}
run: (cd frontend && pnpm build)
env:
NODE_ENV: "production"
- name: Build frontend (staging)
if: ${{ github.ref == 'refs/heads/staging' }}
run: (cd frontend && pnpm buildStaging)
env:
NODE_ENV: "production"
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker (frontend)
id: frontend-meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ github.repository }}/frontend
tags: |
type=sha,enable=true,format=short,prefix=${{ env.BRANCH_NAME }}-,suffix=-${{ steps.timestamp.outputs.timestamp }}
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push frontend Dockerfile
uses: docker/build-push-action@v6
with:
context: .
file: chart/dockerfiles/frontend/Dockerfile
tags: ${{ steps.frontend-meta.outputs.tags }}
labels: ${{ steps.frontend-meta.outputs.labels }}
push: true
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Extract metadata (tags, labels) for Docker (backend)
id: backend-meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ github.repository }}/backend
tags: |
type=sha,enable=true,format=short,prefix=${{ env.BRANCH_NAME }}-,suffix=-${{ steps.timestamp.outputs.timestamp }}
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push backend Dockerfile
uses: docker/build-push-action@v6
with:
context: .
file: chart/dockerfiles/backend/Dockerfile
tags: ${{ steps.backend-meta.outputs.tags }}
labels: ${{ steps.backend-meta.outputs.labels }}
push: true
cache-from: type=gha
cache-to: type=gha,mode=max