Build static production #8

	name: Build static production
	on:
	workflow_dispatch:
	inputs:
	kuberta_system:

	jobs:
	deploy:
	name: Build production
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write

	steps:
	- uses: docker://quay.csssr.cloud/csssr/kuberta-init-workflow:v1

	- name: Download CSSSR actions
	uses: actions/checkout@v4
	with:
	repository: CSSSR/actions
	ssh-key: ${{ secrets.DOWNLOAD_ACTIONS_SSH_KEY }}
	path: actions

	- uses: actions/checkout@v4
	with:
	path: blog

	- uses: actions/setup-node@v4
	with:
	node-version: 16
	registry-url: 'https://npm.pkg.github.com'
	scope: '@csssr'

	- name: Install dependencies
	working-directory: blog
	run: yarn install --frozen-lockfile
	env:
	NODE_AUTH_TOKEN: ${{ secrets.NPM_GITHUB_REGISTRY_TOKEN }}

	- name: Build production
	working-directory: blog
	run: yarn build
	env:
	IS_PRODUCTION: 'TRUE'
	BLOG_HOST: https://blog.csssr.com
	COM_HOST: https://csssr.com

	- name: Import secrets
	id: secrets
	uses: hashicorp/vault-action@v2
	with:
	url: https://vault.csssr.com:8200
	jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}}
	role: s3-cdn-upload
	method: jwt
	exportEnv: false
	secrets: \|
	aws/sts/s3-cdn-upload access_key \| AWS_ACCESS_KEY_ID ;
	aws/sts/s3-cdn-upload secret_key \| AWS_SECRET_ACCESS_KEY ;
	aws/sts/s3-cdn-upload security_token \| AWS_SESSION_TOKEN ;

	- uses: ./actions/upload-static/v1beta1
	with:
	project-id: csssr-new-blog
	files: ./blog/out
	auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}'

Provide feedback