From 29f592a0c28b71cfaa8dcf9f0ea2ad4becaa166c Mon Sep 17 00:00:00 2001 From: Steve Mattingly <122061047+SteveMattinglyUSDS@users.noreply.github.com> Date: Thu, 9 Feb 2023 16:12:20 -0400 Subject: [PATCH] Auto deploy to GH Pages with workflow Action (#789) * Create Actions: deployment workflows * Tweak wording * Update home.html * Remove comment used to test deploy Actions * Create page * Re-enable deploy on push to master * Re-disable Pages deploy on push to master * Delete mypage.md * Use release pub as deploy trigger * Add git ref to build outputs * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debugging action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * debug action * Completes action debugging * Simplify config * Fix non-prod baseurl * Temp tweak to mock prod for test * Revert temp tweak for testing * Rework mock deploy * Temp tweak to permit testing * debug action * Tweak message wording * Revert temp tweak for testing * Write ref.txt for all builds * Reinstate accidental deleted step --- .github/workflows/deploy.yml | 95 ++++++++++++++++++++++++++++++++++++ .github/workflows/revert.yml | 52 ++++++++++++++++++++ _config.yml | 12 +++-- 3 files changed, 156 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/deploy.yml create mode 100644 .github/workflows/revert.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000..fa996488 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,95 @@ +# The name is descriptive for non-dev users in usds/website repo. +# For devs working in other repos, 'Deploy to GH Pages' is a better description. +name: Deploy to usds.gov + +on: + # Run automatically when a Release is published + release: + types: [published] + + # Allow manual run from the Actions tab on github.com + # This is for rare, probably emergency use, probably by engineers. + # Using it invalidates the general assumption that current deployment is a recently published release. + workflow_dispatch: + inputs: + ref: + description: 'Which commit/branch/tag do you want to deploy?' + required: true + type: string + + # Allow another Action to call this one (e.g., revert) + workflow_call: + inputs: + ref: + required: true + type: string + +# Set permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages +permissions: + contents: read + pages: write + id-token: write + +# Allow one concurrent deployment +concurrency: + group: "pages" + cancel-in-progress: true + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Retrieve commit history + uses: actions/checkout@v3 + with: + # Retrieve the entire history in case an old ref is being deployed + fetch-depth: 0 + + - name: Checkout the branch/commit + # This is usually redundant with previous step, but needed for ancestry refs like HEAD^ + run: git checkout ${{ inputs.ref }} + + - name: Setup Ruby + uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0 + with: + ruby-version: '2.7' # Not needed with a .ruby-version file + bundler-cache: true # runs 'bundle install' and caches installed gems automatically + cache-version: 0 # Increment this number if you need to re-download cached gems + + - name: Setup Pages + id: pages + uses: actions/configure-pages@v2 + + - name: Jekyll build for repo usds/website + if: github.repository == 'usds/website' + run: bundle exec jekyll build + env: + JEKYLL_ENV: production + + - name: Jekyll build for repos other than usds/website + if: github.repository != 'usds/website' + run: bundle exec jekyll build --baseurl "${{ steps.pages.outputs.base_path }}" + + - name: Create a file to identify the git ref that deployed + run: echo ${{ inputs.ref }} > ./_site/ref.txt; grep .*[^\s\n\r].* ./_site/ref.txt || echo $GITHUB_REF > ./_site/ref.txt + + - name: Store newly built files as artifact of workflow run + uses: actions/upload-pages-artifact@v1 + + deploy: + runs-on: ubuntu-latest + needs: build + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + steps: + - name: For usds/website, check safety flag + # This is an extra precaution against unintended deploys to the Pages space in usds/website. + if: github.repository == 'usds/website' && vars.MOCK_PAGES_DEPLOY != 'FALSE' + run: | + echo "::error ::To enable deploy in usds/website, define MOCK_PAGES_DEPLOY=FALSE as Actions repo var under Settings/Security" + exit 1 + - name: Deploy to GitHub Pages + if: github.repository != 'usds/website' || vars.MOCK_PAGES_DEPLOY == 'FALSE' + id: deployment + uses: actions/deploy-pages@v1 diff --git a/.github/workflows/revert.yml b/.github/workflows/revert.yml new file mode 100644 index 00000000..4e3cf46f --- /dev/null +++ b/.github/workflows/revert.yml @@ -0,0 +1,52 @@ +name: Revert to preceding release publication + +# TBD decide which is better UX: trigger deploy with push-to-master, or with publish-release +# TBD Comments here assume that it's publish-release. + +# Allow manual run from the Actions tab on github.com +# When a GitHub Release is published, repo contents automatically deploy to Pages (usds.gov) +# This Action permits users to easily deploy the *second most recently published* Release. +# In other words, this is meant to "undo" a Release publication/auto deploy that is problematic. +# Using this invalidates the general assumption that current deployment is the most recently published release. +# (But note that this Action's behavior is unaffected if the general assumption is false. Running this Action +# will always deploy the *second most recently* published Release, regardless of what was deployed before the run.) +on: + workflow_dispatch: + +# Set permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages +permissions: + contents: read + pages: write + id-token: write + +jobs: + find-preceding-release-tag: + runs-on: ubuntu-latest + outputs: + revert_tag: ${{ steps.preceding-publication.outputs.tag_name }} + steps: + - name: Get tag name of most recently published release + id: most-recent-publication + uses: joutvhu/get-release@v1 + with: + # Find most recently published release, any tag name + latest: true + pattern: '.*' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Get tag name of preceding release publication + id: preceding-publication + uses: joutvhu/get-release@v1 + with: + # Exclude tag name from above to find second most recently published release + latest: true + pattern: '^(?!${{ steps.most-recent-publication.outputs.tag_name }}$)' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + revert: + needs: find-preceding-release-tag + uses: ./.github/workflows/deploy.yml + with: + ref: ${{ needs.find-preceding-release-tag.outputs.revert_tag }} \ No newline at end of file diff --git a/_config.yml b/_config.yml index 288f5a83..641b8ba2 100644 --- a/_config.yml +++ b/_config.yml @@ -17,14 +17,18 @@ title: United States Digital Service email: your-email@example.com description: >- # this means to ignore newlines until "baseurl:" The United States Digital Service is transforming how the federal government works for the American people. And we need you. -domain: "https://usds.gov" -baseurl: "" # the subpath of your site, e.g. /blog url: "" # the base hostname & protocol for your site, e.g. http://example.com + +# GitHub Action overrides this with repo name when not in usds/website +baseurl: "" + +# This custom var is used only in meta tags in _head.html. It does not break sites for staging, dev, etc. +domain: "https://usds.gov" + timezone: "America/New_York" social_image: social-card--default.png twitter_username: usds -repository: usds/website collections: projects: @@ -90,3 +94,5 @@ exclude: - CODE_OF_CONDUCT.md - Staticfile - package-lock.json + - .github +