-
-
Notifications
You must be signed in to change notification settings - Fork 335
75 lines (73 loc) · 2.97 KB
/
fly-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
# Follow-up of fly-build, with access to secrets for making deployments.
# This workflow runs in the target repo context. It does not, and should never execute user-supplied code.
# See https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
name: fly.io Deploy
on:
workflow_run:
workflows: ["fly.io Build"]
types:
- completed
jobs:
deploy:
name: Deploy app to fly.io
runs-on: ubuntu-22.04
if: |
github.event.workflow_run.event == 'pull_request' &&
github.event.workflow_run.conclusion == 'success'
steps:
- uses: actions/checkout@v4
- name: Set up flyctl
uses: superfly/flyctl-actions/setup-flyctl@master
with:
version: 0.2.72
- name: Download artifacts
uses: actions/github-script@v7
with:
script: |
var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{ github.event.workflow_run.id }},
});
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "docker-image"
})[0];
var download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
var fs = require('fs');
fs.writeFileSync('${{github.workspace}}/docker-image.zip', Buffer.from(download.data));
await github.rest.actions.deleteArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
});
- name: Extract artifacts
id: extract_artifacts
run: |
unzip docker-image.zip
cat ./pr-info.txt >> $GITHUB_OUTPUT
- name: Load Docker image
run: docker load --input grist-core.tar
- name: Deploy to fly.io
id: fly_deploy
env:
FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
BRANCH_NAME: ${{ steps.extract_artifacts.outputs.PR_SOURCE }}
run: |
node buildtools/fly-deploy.js deploy
flyctl config -c ./fly.toml env | awk '/APP_HOME_URL/{print "DEPLOY_URL=" $2}' >> $GITHUB_OUTPUT
flyctl config -c ./fly.toml env | awk '/FLY_DEPLOY_EXPIRATION/{print "EXPIRES=" $2}' >> $GITHUB_OUTPUT
- name: Comment on PR
uses: actions/github-script@v7
with:
script: |
github.rest.issues.createComment({
issue_number: ${{ steps.extract_artifacts.outputs.PR_NUMBER }},
owner: context.repo.owner,
repo: context.repo.repo,
body: `Deployed commit \`${{ steps.extract_artifacts.outputs.PR_SHASUM }}\` as ${{ steps.fly_deploy.outputs.DEPLOY_URL }} (until ${{ steps.fly_deploy.outputs.EXPIRES }})`
})