Deploy preview for PR #35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy preview for PR | |
| on: | |
| workflow_run: | |
| workflows: | |
| - "Build preview for PR" | |
| types: | |
| - completed | |
| permissions: | |
| contents: read | |
| id-token: write | |
| pull-requests: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch }} | |
| cancel-in-progress: false | |
| env: | |
| HUGO_BASEURL: "https://preview-developer.espressif.com/" | |
| jobs: | |
| deploy-preview: | |
| runs-on: ubuntu-latest | |
| if: > | |
| github.event.workflow_run.event == 'pull_request' && | |
| github.event.workflow_run.conclusion == 'success' | |
| steps: | |
| - name: Download artifacts (PR number file) | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: pr-num | |
| path: ./ | |
| run-id: ${{ github.event.workflow_run.id }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Read PR number from file | |
| id: read-pr-num | |
| run: | | |
| echo "PR_NUMBER=$(cat pr-num.txt)" >> $GITHUB_ENV | |
| echo ${{ env.PR_NUMBER }} | |
| - name: Check if checksums-s3.txt is in S3 bucket | |
| id: download-checksums-s3 | |
| run: | | |
| if aws s3 ls s3://${{ secrets.PREVIEW_AWS_BUCKET_NAME }}/pr${{ env.PR_NUMBER }}/checksums-s3.txt; then | |
| checksums_exists=true | |
| else | |
| checksums_exists=false | |
| fi | |
| echo "checksums-exists=$checksums_exists" >> $GITHUB_ENV | |
| echo "checksums-exists=$checksums_exists" # Print for debugging | |
| env: | |
| AWS_S3_BUCKET: ${{ secrets.PREVIEW_AWS_BUCKET_NAME }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Download checksums-ci.txt from artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: checksums-ci | |
| path: ./ | |
| run-id: ${{ github.event.workflow_run.id }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Print checksums-ci.txt for inspection | |
| run: | | |
| echo "Contents of checksums-ci.txt:" | |
| cat checksums-ci.txt | |
| - name: Download checksums-s3.txt from S3 bucket | |
| if: env.checksums-exists == 'true' | |
| run: | | |
| aws s3 cp s3://${{ secrets.PREVIEW_AWS_BUCKET_NAME }}/pr${{ env.PR_NUMBER }}/checksums-s3.txt ./checksums-s3.txt || touch ./checksums-s3.txt | |
| env: | |
| AWS_S3_BUCKET: ${{ secrets.PREVIEW_AWS_BUCKET_NAME }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Print checksums-s3.txt for inspection | |
| if: env.checksums-exists == 'true' | |
| run: | | |
| echo "Contents of checksums-s3.txt:" | |
| cat checksums-s3.txt | |
| # Files were uploaded to pr7/public | |
| # If ./checksums-s3.txt doesn't exist, use jakejarvis/s3-sync-action to deploy files and also generate and deploy checksums-s3.txt | |
| - name: Download artifacts (Public folder) | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: public-folder | |
| path: ./public | |
| run-id: ${{ github.event.workflow_run.id }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Compare checksums and update local folder | |
| if: env.checksums-exists == 'true' | |
| run: | | |
| mkdir -p ./local-sync | |
| # Find outdated files and remove them (unique checksums in checksums-s3.txt) | |
| comm -23 checksums-s3.txt checksums-ci.txt | awk '{print $1}' > outdated-files.txt | |
| if [ -s outdated-files.txt ]; then | |
| echo "Removing outdated files from S3:" | |
| cat outdated-files.txt | |
| for file in $(cat outdated-files.txt); do | |
| aws s3 rm s3://${{ secrets.PREVIEW_AWS_BUCKET_NAME }}/pr${{ env.PR_NUMBER }}/$file | |
| done | |
| fi | |
| # Copy updated files to the local folder (unique checksums in checksums-ci.txt) | |
| comm -13 checksums-s3.txt checksums-ci.txt | awk '{print $1}' > updated-files.txt | |
| if [ -s updated-files.txt ]; then | |
| echo "Copying updated files to local sync folder:" | |
| cat updated-files.txt | |
| for file in $(cat updated-files.txt); do | |
| mkdir -p ./local-sync/$(dirname "$file") | |
| cp $file ./local-sync/$file | |
| done | |
| fi | |
| env: | |
| AWS_S3_BUCKET: ${{ secrets.PREVIEW_AWS_BUCKET_NAME }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Copy checksums to local-sync and public folders | |
| run: | | |
| # Ensure checksums-ci.txt is in the local sync folder | |
| mkdir -p ./local-sync | |
| cp checksums-ci.txt ./local-sync/checksums-s3.txt | |
| cp checksums-ci.txt ./public/checksums-s3.txt | |
| env: | |
| AWS_S3_BUCKET: ${{ secrets.PREVIEW_AWS_BUCKET_NAME }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Sync local folder with S3 bucket (local-sync) | |
| if: env.checksums-exists == 'true' | |
| uses: jakejarvis/s3-sync-action@master | |
| with: | |
| args: --follow-symlinks --delete --cache-control no-cache | |
| env: | |
| AWS_S3_BUCKET: ${{ secrets.PREVIEW_AWS_BUCKET_NAME }} | |
| SOURCE_DIR: './local-sync' | |
| DEST_DIR: "pr${{ env.PR_NUMBER }}" | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Sync public folder with S3 bucket (public) | |
| if: env.checksums-exists == 'false' | |
| uses: jakejarvis/s3-sync-action@master | |
| with: | |
| args: --follow-symlinks --delete --cache-control no-cache | |
| env: | |
| AWS_S3_BUCKET: ${{ secrets.PREVIEW_AWS_BUCKET_NAME }} | |
| SOURCE_DIR: './public' | |
| DEST_DIR: "pr${{ env.PR_NUMBER }}" | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Post Preview Link to PR | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| try { | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| issue_number: ${{ env.PR_NUMBER }}, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo | |
| }); | |
| // Define the comment body | |
| const commentBody = `🎉 A preview for this PR is available at: ${{ env.HUGO_BASEURL }}pr${{ env.PR_NUMBER }}/`; | |
| // Look for an existing comment containing the specific text | |
| const existingComment = comments.find(comment => | |
| comment.body.includes("🎉 A preview for this PR is available at:") | |
| ); | |
| if (existingComment) { | |
| // Delete the existing comment | |
| await github.rest.issues.deleteComment({ | |
| comment_id: existingComment.id, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo | |
| }); | |
| } | |
| // Create a new comment | |
| await github.rest.issues.createComment({ | |
| issue_number: ${{ env.PR_NUMBER }}, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: commentBody | |
| }); | |
| } catch (error) { | |
| core.setFailed(`Failed to manage PR comment: ${error.message}`); | |
| } | |
| - name: Invalidate CloudFront cache for PR | |
| uses: chetan/invalidate-cloudfront-action@v2 | |
| env: | |
| PATHS: "/pr${{ env.PR_NUMBER }}/*" | |
| DISTRIBUTION: ${{ secrets.PREVIEW_CLOUDFRONT_DISTRIBUTION }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |