Update deploy configuration

.github/kuberta.yaml

@@ -15,22 +15,44 @@ releases:
       - workflow: build-storybook.yaml
         values:
           buildID: build-{{ .Build.RunID }}
-  csssr-new-blog:
-    name: csssr-blog
+  csssr-blog-testing:
+    name: csssr-blog-production
     cluster: gke-csssr-testing
     autodeploy-on: default
     chart: oci://quay.csssr.cloud/charts/static-site@~1.1.0
     slack:
       - CKF42GD36 # #csssr_builds
     static-params:
       projectID: csssr-new-blog
-      tlsSecret: csssr-new-blog-tls
+      tlsSecret: csssr-blog-testing-tls
       notFoundPagePath: 404/index.html
       ingress:
         annotations:
           nginx.ingress.kubernetes.io/server-snippet: |
             rewrite ^/$ https://$http_host/en redirect;
     builds:
-      - workflow: deploy_testing.yml
+      - workflow: build-testing.yaml
+        values:
+          buildID: build-{{ .Build.RunID }}
+  csssr-blog-production:
+    name: csssr-blog-production
+    cluster: gke-csssr-production
+    base: csssr-blog-testing
+    autodeploy-on:
+      push:
+        - master
+    static-params:
+      projectID: csssr-new-blog
+      host: blog.csssr.com
+      environment: production
+      notFoundPagePath: 404/index.html
+      cache: etag-only
+      reduceHttpRedirects: enabled
+      ingress:
+        annotations:
+          nginx.ingress.kubernetes.io/server-snippet: |
+            rewrite ^/$ https://$http_host/en redirect;
+    builds:
+      - workflow: build-production.yaml
         values:
           buildID: build-{{ .Build.RunID }}

.github/workflows/deploy_production.yml → .github/workflows/build-production.yaml

@@ -1,46 +1,45 @@
-name: Деплой блога на прод
+name: Build static production
 on:
-  push:
-    branches:
-      - master
-concurrency: production_environment
+  workflow_dispatch:
+    inputs:
+      kuberta_system:
 
 jobs:
   deploy:
-    name: Сборка прода
+    name: Build production
     runs-on: ubuntu-latest
     permissions:
       contents: read
       id-token: write
-      deployments: write
 
     steps:
+      - uses: docker://quay.csssr.cloud/csssr/kuberta-init-workflow:v1
+
       - name: Download CSSSR actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           repository: CSSSR/actions
           ssh-key: ${{ secrets.DOWNLOAD_ACTIONS_SSH_KEY }}
           path: actions
 
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
-          path: new_blog_prod
-          ref: ${{ github.event.pull_request.head.sha }}
+          path: blog
 
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
           registry-url: 'https://npm.pkg.github.com'
           scope: '@csssr'
 
       - name: Install dependencies
-        working-directory: new_blog_prod
+        working-directory: blog
         run: yarn install --frozen-lockfile
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_GITHUB_REGISTRY_TOKEN }}
 
-      - name: Build prod
-        working-directory: new_blog_prod
+      - name: Build production
+        working-directory: blog
         run: yarn build
         env:
           IS_PRODUCTION: 'TRUE'
@@ -49,7 +48,7 @@ jobs:
 
       - name: Import secrets
         id: secrets
-        uses: hashicorp/vault-action@v2.4.0
+        uses: hashicorp/vault-action@v2
         with:
           url: https://vault.csssr.com:8200
           jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}}
@@ -61,22 +60,8 @@ jobs:
             aws/sts/s3-cdn-upload secret_key | AWS_SECRET_ACCESS_KEY ;
             aws/sts/s3-cdn-upload security_token | AWS_SESSION_TOKEN ;
 
-      - name: Деплой на продакшен
-        uses: ./actions/deploy-static-site/v1beta1
+      - uses: ./actions/upload-static/v1beta1
         with:
-          auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}'
-          token: ${{ secrets.GITHUB_TOKEN }}
-          site-type: mpa
           project-id: csssr-new-blog
-          files: ./new_blog_prod/out
-          no-previous-files: 'true'
-          not-found-page: 404/index.html
-          host: blog.csssr.com
-          environment: production
-          values: |
-            cache: etag-only
-            reduceHttpRedirects: enabled
-            ingress:
-              annotations:
-                nginx.ingress.kubernetes.io/server-snippet: |
-                  rewrite ^/$ https://$http_host/en redirect;
+          files: ./blog/out
+          auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}'

.github/workflows/build-storybook.yaml

@@ -1,12 +1,12 @@
-name: Storybook
+name: Build storybook
 on:
   workflow_dispatch:
     inputs:
       kuberta_system:
 
 jobs:
   build:
-    name: Build Storybook
+    name: Build storybook
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -19,17 +19,17 @@ jobs:
         id: gh
 
       - name: Download CSSSR actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           repository: CSSSR/actions
           ssh-key: ${{ secrets.DOWNLOAD_ACTIONS_SSH_KEY }}
           path: actions
 
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           path: blog
 
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v4
         with:
           node-version: '14.x'
 
@@ -43,7 +43,7 @@ jobs:
 
       - name: Import secrets
         id: secrets
-        uses: hashicorp/vault-action@v2.4.0
+        uses: hashicorp/vault-action@v2
         with:
           url: https://vault.csssr.com:8200
           jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}}

.github/workflows/deploy_testing.yml → .github/workflows/build-testing.yaml

@@ -1,12 +1,12 @@
-name: Деплой блога на тестинг
+name: Build static testing
 on:
   workflow_dispatch:
     inputs:
       kuberta_system:
 
 jobs:
   deploy:
-    name: Сборка тестинга
+    name: Build testing
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -16,25 +16,24 @@ jobs:
       - uses: docker://quay.csssr.cloud/csssr/kuberta-init-workflow:v1
 
       - name: Download CSSSR actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           repository: CSSSR/actions
           ssh-key: ${{ secrets.DOWNLOAD_ACTIONS_SSH_KEY }}
           path: actions
 
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
-          path: new_blog
-          ref: ${{ github.event.pull_request.head.sha }}
+          path: blog
 
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
           registry-url: 'https://npm.pkg.github.com'
           scope: '@csssr'
 
       - name: Install dependencies
-        working-directory: new_blog
+        working-directory: blog
         run: yarn install --frozen-lockfile
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_GITHUB_REGISTRY_TOKEN }}
@@ -43,15 +42,15 @@ jobs:
         id: gh
 
       - name: Build testing
-        working-directory: new_blog
+        working-directory: blog
         run: yarn build
         env:
           BLOG_HOST: https://${{ steps.gh.outputs.releaseID }}.csssr-new-blog.csssr.cloud
           COM_HOST: https://master.com.csssr.cloud
 
       - name: Import secrets
         id: secrets
-        uses: hashicorp/vault-action@v2.4.0
+        uses: hashicorp/vault-action@v2
         with:
           url: https://vault.csssr.com:8200
           jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}}
@@ -66,6 +65,5 @@ jobs:
       - uses: ./actions/upload-static/v1beta1
         with:
           project-id: csssr-new-blog
-          files: ./new_blog/out
-          no-previous-files: 'true'
+          files: ./blog/out
           auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}'