Skip to content

Firebase Deploy Prod #23

Firebase Deploy Prod

Firebase Deploy Prod #23

name: Firebase Deploy Prod
on:
workflow_dispatch:
release:
types:
- published
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-Prod
cancel-in-progress: true
jobs:
deploy:
timeout-minutes: 30
runs-on: ubuntu-latest
permissions: # for KoheiKanagu/composite-actions/setup-firebase-cli@main
id-token: write
contents: read
steps:
### Setup ###
- uses: actions/checkout@v4
- name: Setup Firebase CLI
uses: KoheiKanagu/composite-actions/setup-firebase-cli@main
with:
workload_identity_provider: ${{ vars.WORKLOAD_IDENTITY_PROVIDER_PROD }}
service_account: ${{ vars.SERVICE_ACCOUNT_PROD }}
- run: |
firebase use prod --debug
- name: Install dependencies
run: npm ci
working-directory: firebase/functions
### Deploy ###
- name: Deploy Mail Templates
working-directory: firebase/functions
run: |
# https://github.com/firebase/firebase-admin-node/issues/1377
# Workaround for the issue above
echo ${{ secrets.FIREBASE_ADMIN_SDK_SERVICE_ACCOUNT_PROD }} | base64 --decode > service-account.json
# GOOGLE_APPLICATION_CREDENTIALS is only used in the current shell
export GOOGLE_APPLICATION_CREDENTIALS=$GITHUB_WORKSPACE/firebase/functions/service-account.json
npx tsx scripts/set-mail-templates.ts --force
npx tsx scripts/set-service-status-up.ts --force
- name: Firebase Deploy
run: |
firebase deploy --force --except extensions
### Cleanup ###
- name: Cleanup
if: always()
run: |
rm -f service-account.json