
feat: allow deploying to hetzner #4333

Workflow file for this run

name: PR Updated triggers
# Runs on `pull_request`, not `pull_request_target`: for PRs opened from forks
# GitHub withholds repository secrets and issues a read-only GITHUB_TOKEN.
on:
  pull_request:
    types:
      - labeled
      - unlabeled
      - synchronize
      - closed
      - reopened
      - opened
# Workflow-level default for GITHUB_TOKEN. Every job below that does not
# declare its own `permissions:` block receives all three scopes, including
# `id-token: write` (OIDC token minting) and `packages: write`.
# NOTE(review): which job actually needs `id-token: write` is not visible in
# this file; consider moving it (and `packages: write`) onto that job only and
# leaving `contents: read` as the default.
permissions:
  id-token: write
  contents: read
  packages: write
jobs:
path-filter:
runs-on: ubuntu-latest
if: github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' || github.event.action == 'closed' || github.event.action == 'labeled' || github.event.action == 'unlabeled'
outputs:
docs: ${{ steps.changes.outputs.docs }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: dorny/paths-filter@v3
id: changes
with:
filters: |
docs:
- 'docs/**'
# you can skip the build by adding 'skip-build' to the commit message, useful when testing tests
skip_build_sha:
outputs:
last-successful-build-sha: ${{ steps.last-build.outputs.last-successful-build-sha }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Check if skip-build is in the commit message
id: check
run: |
echo "commit message: $(git log -1 --pretty=%B)"
if [[ "$(git log -1 --pretty=%B)" == *"skip-build"* ]]; then
echo "skip-build is in the commit message"
echo "skip-build=true" >> $GITHUB_OUTPUT
else
echo "skip-build is not in the commit message"
echo "skip-build=false" >> $GITHUB_OUTPUT
echo "skip-build-sha=" >> $GITHUB_OUTPUT
fi
- name: Find last successful build SHA
id: last-build
if: ${{ steps.check.outputs.skip-build == 'true' }}
env:
GH_TOKEN: ${{ github.token }}
run: |
pr_number="${{ github.event.pull_request.number }}"
gh api "/repos/${{ github.repository }}/actions/workflows/on_pr.yml/runs?event=pull_request&per_page=100" \
--jq ".workflow_runs[] | select(.pull_requests[]?.number == ${pr_number}) | select(.id < ${{ github.run_id }}) | {id: .id, sha: .head_sha, created: .created_at}" \
| jq -s 'sort_by(.created) | reverse | .[].id' -r \
| while read run_id; do
echo "Checking run: $run_id"
run=$(gh api "/repos/${{ github.repository }}/actions/runs/${run_id}/jobs")
echo "Run: $run"
all_success=$(echo "$run" | jq '[.jobs[] | select(.name | contains("build-all")) | .conclusion] | all(. == "success")')
echo "All success for $run_id: $all_success"
if [ "$all_success" == "true" ]; then
successful_sha=$(gh api "/repos/${{ github.repository }}/actions/runs/${run_id}" --jq '.head_sha')
echo "last-successful-build-sha=${successful_sha}" >> $GITHUB_OUTPUT
echo "Found last successful build at SHA: $successful_sha (run: $run_id)"
exit 0
fi
done
if [ "$all_success" == "false" ]; then
echo "last-successful-build-sha=" >> $GITHUB_OUTPUT
echo "No previous successful build found in this PR"
fi
ci:
if: github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' || (github.event.action == 'labeled' && github.event.label.name == 'preview')
uses: ./.github/workflows/ci.yml
build-all:
if: (github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' || (github.event.action == 'labeled' && github.event.label.name == 'preview')) && (needs.skip_build_sha.outputs.last-successful-build-sha == '')
needs:
- path-filter
- skip_build_sha
permissions:
contents: read
packages: write
uses: ./.github/workflows/ghcr-build-all.yml
secrets:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
e2e:
if: (github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize') && always() && (needs.build-all.result == 'success' || needs.build-all.result == 'skipped')
needs:
- path-filter
- build-all
- skip_build_sha
uses: ./.github/workflows/e2e.yml
with:
image-tag-override: ${{ needs.skip_build_sha.outputs.last-successful-build-sha || '' }}
deploy-preview:
if: needs.build-all.result == 'success' && contains(github.event.pull_request.labels.*.name, 'preview')
uses: ./.github/workflows/preview.yml
needs:
- build-all
permissions:
contents: read
pull-requests: write
with:
action: deploy
image_tag: ${{ github.event.pull_request.head.sha }}
secrets:
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
SSH_USER: ${{ secrets.SSH_USER }}
SSH_HOST_PREVIEW: ${{ secrets.SSH_HOST_PREVIEW }}
GHCR_USER: ${{ secrets.GHCR_USER }}
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
close-preview:
if: (github.event.action == 'closed' && contains(github.event.pull_request.labels.*.name, 'preview')) || (github.event.action == 'unlabeled' && github.event.label.name == 'preview')
uses: ./.github/workflows/preview.yml
permissions:
contents: read
pull-requests: write
with:
action: teardown
secrets:
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
SSH_USER: ${{ secrets.SSH_USER }}
SSH_HOST_PREVIEW: ${{ secrets.SSH_HOST_PREVIEW }}
GHCR_USER: ${{ secrets.GHCR_USER }}
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
deploy-docs-preview:
permissions:
contents: write
pages: write
pull-requests: write
needs:
- path-filter
if: (github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize') && needs.path-filter.outputs.docs == 'true'
uses: ./.github/workflows/build-docs.yml
with:
preview: true
close-docs-preview:
needs:
- path-filter
permissions:
contents: write
pages: write
pull-requests: write
if: github.event.action == 'closed' && needs.path-filter.outputs.docs == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Close docs preview
uses: rossjrw/pr-preview-action@v1
with:
source-dir: docs/out
action: remove
status-check:
needs:
- ci
- e2e
runs-on: ubuntu-latest
steps:
- name: ok
run: |
echo ok