Skip to content
Pull Request Website Preview

Website: Bump the docusaurus group in /docs/website with 1 update #168

Sign in to view logs

Website: Bump the docusaurus group in /docs/website with 1 update

Website: Bump the docusaurus group in /docs/website with 1 update #168

Workflow file for this run

.github/workflows/pr-website.yaml at d115b88
name: Pull Request Website Preview
on:
# /!\ Warning: using the pull_request_target event to be able to read secrets. But using this event without the cautionary measures described below
# may allow unauthorized GitHub users to open a “pwn request” and exfiltrate secrets.
# As recommended in https://iterative.ai/blog/testing-external-contributions-using-github-actions-secrets,
# we are adding an 'authorize' job that checks if the workflow was triggered from a fork PR. In that case, the "external" environment
# will prevent the job from running until it's approved manually by human intervention.
pull_request_target:
types: [opened, synchronize, reopened, ready_for_review, closed]
branches: [ main ]
paths:
- 'docs/website/**'
- '.github/workflows/pr-website.yaml'
env:
ODO_LOG_LEVEL: "4"
ODO_TRACKING_CONSENT: "no"
IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }}
IKS_CLUSTER: ${{ secrets.IBM_CLOUD_IKS_CLUSTER_FOR_WEBSITE_DEPLOY_PREVIEWS }}
DEPLOY_RESOURCE_NAME: "odo-dev-pr-${{ github.event.number }}"
NAMESPACE: "odo-dev-pr-${{ github.event.number }}"
PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
PR_NUMBER: ${{ github.event.number }}
concurrency:
group: ${{ github.workflow }}-${{ github.event.number }}
cancel-in-progress: true
jobs:
authorize:
# The 'external' environment is configured with the odo-maintainers team as required reviewers.
# All the subsequent jobs in this workflow 'need' this job, which will require manual approval for PRs coming from external forks.
# TODO(rm3l): list of authorized users that do not require manual review comes from the maintainers team and various robot accounts that handle automation in the repo => find a better way not to hardcode this list!
environment:
${{ (github.event.pull_request.head.repo.full_name == github.repository ||
contains(fromJSON('["odo-robot[bot]", "dependabot[bot]", "openshift-ci[bot]", "openshift-merge-robot", "openshift-ci-robot", "feloy", "kadel", "rm3l", "valaparthvi", "ritudes"]'), github.actor)) &&
'internal' || 'external' }}
runs-on: ubuntu-latest
steps:
- run: echo ✓
build_odo:
runs-on: ubuntu-latest
needs: authorize
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version-file: 'go.mod'
- name: Build odo
run: make bin
- run: |
chmod +x ./odo
./odo version
- name: 'Upload odo'
uses: actions/upload-artifact@v3
with:
name: odo_bin
path: odo
retention-days: 1
if-no-files-found: error
deploy-preview:
if: ${{ github.event.pull_request.state == 'open' }}
needs: [authorize, build_odo]
permissions:
contents: read
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Install IBM Cloud CLI
run: |
curl -fsSL https://clis.cloud.ibm.com/install/linux | sh
ibmcloud --version
ibmcloud config --check-version=false
ibmcloud plugin install -f kubernetes-service
- name: Authenticate with IBM Cloud CLI
run: |
ibmcloud login --apikey "${IBM_CLOUD_API_KEY}" --no-region --quiet
- name: Generate Kubeconfig
run: |
ibmcloud ks cluster config --cluster $IKS_CLUSTER
kubectl config current-context
- name: Get ingress domain
run: |
ingressDomain=$(ibmcloud ks cluster get --cluster $IKS_CLUSTER --output json | jq -r '.ingress.hostname')
if [[ -z "$ingressDomain" ]]; then
echo "Could not get ingress domain"
exit 1
fi
echo "DEPLOY_INGRESS_DOMAIN=$ingressDomain" >> "$GITHUB_ENV"
- name: Download odo from previous job
uses: actions/download-artifact@v3
with:
name: odo_bin
- name: Set odo in system path
run: |
mkdir -p "$HOME/.local/bin/"
mv ./odo "$HOME/.local/bin/odo"
chmod +x "$HOME/.local/bin/odo"
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Create and set namespace
run: |
if odo list namespaces | grep "$NAMESPACE"; then
echo "Namespace $NAMESPACE already exists."
else
echo "Namespace $NAMESPACE *not* found => creating it."
odo create namespace "$NAMESPACE" --wait
fi
odo set namespace "$NAMESPACE"
- name: Login to Container Image Registry
uses: redhat-actions/podman-login@v1
with:
username: odo-dev+gh
password: ${{ secrets.REGISTRY_PASSWORD }}
registry: quay.io/odo-dev
- name: Set Image Registry in odo preference
# Setting this will make odo treat relative image names in the Devfile as a selector.
# See https://odo.dev/docs/development/devfile#how-odo-handles-image-names for more details.
run: |
odo preference set ImageRegistry quay.io/odo-dev --force
- name: Deploy with odo
run: |
cd docs/website/
odo deploy \
--var DEPLOY_RESOURCE_NAME \
--var DEPLOY_INGRESS_DOMAIN
- run: echo "PR_PREVIEW_URL=https://$DEPLOY_RESOURCE_NAME.$DEPLOY_INGRESS_DOMAIN/" >> "$GITHUB_ENV"
- name: Test access
run: |
wget --no-check-certificate \
--tries=20 \
--retry-on-host-error \
--retry-on-http-error=404,502,503 \
-S \
-O - \
"${{ env.PR_PREVIEW_URL }}" || exit 1
- name: Add PR comment with preview URL
uses: thollander/actions-comment-pull-request@v1
with:
message: |
### <span aria-hidden="true">✅</span> Deploy Preview on internal cluster ready!
| Name | Link |
|---------------------------------|------------------------|
|<span aria-hidden="true">🔨</span> Latest commit | ${{ env.PR_HEAD_SHA }} |
|<span aria-hidden="true">😎</span> Deploy Preview | [${{ env.PR_PREVIEW_URL }}](${{ env.PR_PREVIEW_URL }}) |
comment_includes: 'Deploy Preview'
pr_number: ${{ env.PR_NUMBER }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
reactions: rocket
delete_resources_for_pr:
if: ${{ github.event.pull_request.state == 'closed' }}
needs: [authorize, build_odo]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Download odo from previous job
uses: actions/download-artifact@v3
with:
name: odo_bin
- name: Set odo in system path
run: |
mkdir -p "$HOME/.local/bin/"
mv ./odo "$HOME/.local/bin/odo"
chmod +x "$HOME/.local/bin/odo"
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Install IBM Cloud CLI
run: |
curl -fsSL https://clis.cloud.ibm.com/install/linux | sh
ibmcloud --version
ibmcloud config --check-version=false
ibmcloud plugin install -f kubernetes-service
- name: Authenticate with IBM Cloud CLI
run: |
ibmcloud login --apikey "${IBM_CLOUD_API_KEY}" --no-region --quiet
- name: Generate Kubeconfig
run: |
ibmcloud ks cluster config --cluster $IKS_CLUSTER
kubectl config current-context
- name: Get ingress domain
run: |
ingressDomain=$(ibmcloud ks cluster get --cluster $IKS_CLUSTER --output json | jq -r '.ingress.hostname')
if [[ -z "$ingressDomain" ]]; then
echo "Could not get ingress domain"
exit 1
fi
echo "DEPLOY_INGRESS_DOMAIN=$ingressDomain" >> "$GITHUB_ENV"
- run: echo "PR_PREVIEW_URL=https://$DEPLOY_RESOURCE_NAME.$DEPLOY_INGRESS_DOMAIN/" >> "$GITHUB_ENV"
- name: Update PR comment about preview URL
uses: thollander/actions-comment-pull-request@v1
with:
message: |
### <span aria-hidden="true">🔨</span> Deploy Preview deleted from internal cluster!
| Name | Link |
|---------------------------------|------------------------|
|<span aria-hidden="true">🔨</span> Latest commit | ${{ env.PR_HEAD_SHA }} |
|<span aria-hidden="true">😎</span> Deploy Preview | ~[${{ env.PR_PREVIEW_URL }}](${{ env.PR_PREVIEW_URL }})~ |
comment_includes: 'Deploy Preview'
pr_number: ${{ env.PR_NUMBER }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
reactions: recycle
- name: Delete component in namespace
run: |
if odo list namespaces | grep "$NAMESPACE"; then
odo set namespace "$NAMESPACE"
cd docs/website/
odo delete component --force --wait
fi
- name: Delete namespace
if: ${{ always() }}
run: |
if odo list namespaces | grep "$NAMESPACE"; then
odo delete namespace "$NAMESPACE" \
--wait \
--force \
|| echo "Could not delete namespace $NAMESPACE - please delete it manually."
fi