-
Notifications
You must be signed in to change notification settings - Fork 5
120 lines (99 loc) · 4.41 KB
/
firebase-hosting-preview.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
name: Build and Deploy
on:
pull_request:
types: [opened, reopened, synchronize]
workflow_dispatch:
inputs:
pr_branch:
description: 'Checkout this branch from the LEVANTE repository and execute CI/CD tests on it.'
required: true
concurrency:
group: ci-preview-tests-${{ github.ref }}-1
cancel-in-progress: true
jobs:
build-and-preview:
name: Deploy Preview
runs-on: ubuntu-latest
steps:
# For workflows triggered by pull requests
- name: Checkout PR code
if: github.event_name == 'pull_request'
uses: actions/checkout@v4
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event.pull_request.head.ref }}
# For workflows triggered manually, targeting the LEVANTE dashboard repository specifically
- name: Checkout manual trigger code
if: github.event_name == 'workflow_dispatch'
uses: actions/checkout@v4
with:
repository: levante-framework/levante-dashboard
ref: ${{ github.event.inputs.pr_branch }}
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
cache: 'npm'
cache-dependency-path: 'package-lock.json'
- name: Install dependencies
run: npm ci
- name: Build project
run: npm run build
- name: Deploy to Firebase Hosting Channel
id: firebase-deploy
uses: FirebaseExtended/action-hosting-deploy@v0
with:
repoToken: ${{ secrets.GITHUB_TOKEN }}
firebaseServiceAccount: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_GSE_ROAR_ADMIN }}
projectId: gse-roar-admin
target: staging
- name: Set Output Deploy URL
id: set-deploy-url
run: echo "deployUrl=${{ fromJson(steps.firebase-deploy.outputs.urls)[0] }}" >> $GITHUB_OUTPUT
outputs:
deployUrl: ${{ steps.set-deploy-url.outputs.deployUrl }}
whitelist-pr-domains-roar-admin:
name: Whitelist PR Domains on Firebase App Check for gse-roar-admin
runs-on: ubuntu-latest
needs: build-and-preview
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Authenticate with Google Cloud SDK
uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_GSE_ROAR_ADMIN }}
- name: Set up Google Cloud SDK with Firebase Service Account
uses: google-github-actions/setup-gcloud@v2
with:
project_id: gse-roar-admin
- name: Update App Check Domains for gse-roar-admin
run: |
CURRENT_DOMAINS=$(gcloud recaptcha keys describe ${{ secrets.FIREBASE_APPCHECK_SITE_KEY_GSE_ROAR_ADMIN }} --format="value(webSettings.allowedDomains)" | tr ';' '\n')
NEW_DOMAIN=$(echo ${{ needs.build-and-preview.outputs.deployUrl }} | sed 's|https://||')
ALL_DOMAINS=$(echo -e "${CURRENT_DOMAINS}\n${NEW_DOMAIN}")
UPDATED_DOMAINS=$(echo "$ALL_DOMAINS" | sort | uniq | paste -sd ',' -)
gcloud recaptcha keys update ${{ secrets.FIREBASE_APPCHECK_SITE_KEY_GSE_ROAR_ADMIN }} --domains="$UPDATED_DOMAINS" --web
whitelist-pr-domains-roar-assessment:
name: Whitelist PR Domains on Firebase App Check for gse-roar-assessment
runs-on: ubuntu-latest
needs: build-and-preview
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Authenticate with Google Cloud SDK
uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_GSE_ROAR_ASSESSMENT }}
- name: Set up Google Cloud SDK for gse-roar-assessment
uses: google-github-actions/setup-gcloud@v2
with:
project_id: gse-roar-assessment
- name: Update App Check Domains for gse-roar-assessment
run: |
CURRENT_DOMAINS=$(gcloud recaptcha keys describe ${{ secrets.FIREBASE_APPCHECK_SITE_KEY_GSE_ROAR_ASSESSMENT }} --format="value(webSettings.allowedDomains)" | tr ';' '\n')
NEW_DOMAIN=$(echo ${{ needs.build-and-preview.outputs.deployUrl }} | sed 's|https://||')
ALL_DOMAINS=$(echo -e "${CURRENT_DOMAINS}\n${NEW_DOMAIN}")
UPDATED_DOMAINS=$(echo "$ALL_DOMAINS" | sort | uniq | paste -sd ',' -)
gcloud recaptcha keys update ${{ secrets.FIREBASE_APPCHECK_SITE_KEY_GSE_ROAR_ASSESSMENT }} --domains="$UPDATED_DOMAINS" --web