chore: gha vercel production deployment #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Production environment on Vercel and Publish Docker image | |
on: | |
push: | |
branches: ['main'] | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
jobs: | |
vercel-job: | |
runs-on: ubuntu-latest | |
# Update the "Production" environment with the Vercel deployed URL | |
environment: | |
name: Production | |
url: ${{ steps.vercel-deploy.outputs.deployment_url }} | |
steps: | |
- uses: actions/setup-node@v4 | |
- uses: actions/checkout@v4 | |
- id: vercel-deploy | |
run: | | |
npx -y vercel deploy --target=production --token=${{ secrets.VERCEL_TOKEN }} \ | |
--build-env MDX=docs \ | |
--build-env NEXT_PUBLIC_LIBNAME="Poimandres" \ | |
--build-env NEXT_PUBLIC_LIBNAME_SHORT="pmndrs" \ | |
--build-env BASE_PATH= \ | |
--build-env DIST_DIR= \ | |
--build-env OUTPUT= \ | |
--build-env HOME_REDIRECT= \ | |
--build-env MDX_BASEURL="https://github.com/${{ github.repository }}/raw/${{ github.head_ref }}/docs" \ | |
--build-env EDIT_BASEURL="https://github.com/${{ github.repository }}/edit/${{ github.head_ref }}/docs" \ | |
--build-env NEXT_PUBLIC_URL="$VERCEL_PROJECT_PRODUCTION_URL" \ | |
--build-env ICON= \ | |
--build-env LOGO=gutenberg.jpg \ | |
> deployment-url.txt | |
echo "deployment_url=$(cat deployment-url.txt)" >> $GITHUB_OUTPUT | |
env: | |
VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} | |
VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} | |
# https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-github-packages | |
build-and-push-image: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write # 'write' required for semantic-release-action | |
packages: write | |
attestations: write | |
id-token: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Log in to the Container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# will generate a git tag => then, used by docker/metadata-action | |
- name: Semantic Release | |
id: semantic_release | |
uses: cycjimmy/semantic-release-action@v4 | |
with: | |
semantic_version: 24 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
- name: Build and push Docker image | |
id: push | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
- name: Generate artifact attestation | |
uses: actions/attest-build-provenance@v1 | |
with: | |
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} | |
subject-digest: ${{ steps.push.outputs.digest }} | |
push-to-registry: true |