diff --git a/.github/kuberta.yaml b/.github/kuberta.yaml index 16a5cd82..4b1f8262 100644 --- a/.github/kuberta.yaml +++ b/.github/kuberta.yaml @@ -15,8 +15,8 @@ releases: - workflow: build-storybook.yaml values: buildID: build-{{ .Build.RunID }} - csssr-new-blog: - name: csssr-blog + csssr-blog-testing: + name: csssr-blog-production cluster: gke-csssr-testing autodeploy-on: default chart: oci://quay.csssr.cloud/charts/static-site@~1.1.0 @@ -24,13 +24,35 @@ releases: - CKF42GD36 # #csssr_builds static-params: projectID: csssr-new-blog - tlsSecret: csssr-new-blog-tls + tlsSecret: csssr-blog-testing-tls notFoundPagePath: 404/index.html ingress: annotations: nginx.ingress.kubernetes.io/server-snippet: | rewrite ^/$ https://$http_host/en redirect; builds: - - workflow: deploy_testing.yml + - workflow: build-testing.yaml + values: + buildID: build-{{ .Build.RunID }} + csssr-blog-production: + name: csssr-blog-production + cluster: gke-csssr-production + base: csssr-blog-testing + autodeploy-on: + push: + - master + static-params: + projectID: csssr-new-blog + host: blog.csssr.com + environment: production + notFoundPagePath: 404/index.html + cache: etag-only + reduceHttpRedirects: enabled + ingress: + annotations: + nginx.ingress.kubernetes.io/server-snippet: | + rewrite ^/$ https://$http_host/en redirect; + builds: + - workflow: build-production.yaml values: buildID: build-{{ .Build.RunID }} diff --git a/.github/workflows/deploy_production.yml b/.github/workflows/build-production.yaml similarity index 55% rename from .github/workflows/deploy_production.yml rename to .github/workflows/build-production.yaml index 8e297739..092a1461 100644 --- a/.github/workflows/deploy_production.yml +++ b/.github/workflows/build-production.yaml @@ -1,46 +1,45 @@ -name: Деплой блога на прод +name: Build static production on: - push: - branches: - - master -concurrency: production_environment + workflow_dispatch: + inputs: + kuberta_system: jobs: deploy: - name: Сборка прода + name: Build production runs-on: ubuntu-latest permissions: contents: read id-token: write - deployments: write steps: + - uses: docker://quay.csssr.cloud/csssr/kuberta-init-workflow:v1 + - name: Download CSSSR actions - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: repository: CSSSR/actions ssh-key: ${{ secrets.DOWNLOAD_ACTIONS_SSH_KEY }} path: actions - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: - path: new_blog_prod - ref: ${{ github.event.pull_request.head.sha }} + path: blog - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: node-version: 16 registry-url: 'https://npm.pkg.github.com' scope: '@csssr' - name: Install dependencies - working-directory: new_blog_prod + working-directory: blog run: yarn install --frozen-lockfile env: NODE_AUTH_TOKEN: ${{ secrets.NPM_GITHUB_REGISTRY_TOKEN }} - - name: Build prod - working-directory: new_blog_prod + - name: Build production + working-directory: blog run: yarn build env: IS_PRODUCTION: 'TRUE' @@ -49,7 +48,7 @@ jobs: - name: Import secrets id: secrets - uses: hashicorp/vault-action@v2.4.0 + uses: hashicorp/vault-action@v2 with: url: https://vault.csssr.com:8200 jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}} @@ -61,22 +60,8 @@ jobs: aws/sts/s3-cdn-upload secret_key | AWS_SECRET_ACCESS_KEY ; aws/sts/s3-cdn-upload security_token | AWS_SESSION_TOKEN ; - - name: Деплой на продакшен - uses: ./actions/deploy-static-site/v1beta1 + - uses: ./actions/upload-static/v1beta1 with: - auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}' - token: ${{ secrets.GITHUB_TOKEN }} - site-type: mpa project-id: csssr-new-blog - files: ./new_blog_prod/out - no-previous-files: 'true' - not-found-page: 404/index.html - host: blog.csssr.com - environment: production - values: | - cache: etag-only - reduceHttpRedirects: enabled - ingress: - annotations: - nginx.ingress.kubernetes.io/server-snippet: | - rewrite ^/$ https://$http_host/en redirect; + files: ./blog/out + auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}' diff --git a/.github/workflows/build-storybook.yaml b/.github/workflows/build-storybook.yaml index e80ef10f..936b2be6 100644 --- a/.github/workflows/build-storybook.yaml +++ b/.github/workflows/build-storybook.yaml @@ -1,4 +1,4 @@ -name: Storybook +name: Build storybook on: workflow_dispatch: inputs: @@ -6,7 +6,7 @@ on: jobs: build: - name: Build Storybook + name: Build storybook runs-on: ubuntu-latest permissions: contents: read @@ -19,17 +19,17 @@ jobs: id: gh - name: Download CSSSR actions - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: repository: CSSSR/actions ssh-key: ${{ secrets.DOWNLOAD_ACTIONS_SSH_KEY }} path: actions - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: path: blog - - uses: actions/setup-node@v1 + - uses: actions/setup-node@v4 with: node-version: '14.x' @@ -43,7 +43,7 @@ jobs: - name: Import secrets id: secrets - uses: hashicorp/vault-action@v2.4.0 + uses: hashicorp/vault-action@v2 with: url: https://vault.csssr.com:8200 jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}} diff --git a/.github/workflows/deploy_testing.yml b/.github/workflows/build-testing.yaml similarity index 78% rename from .github/workflows/deploy_testing.yml rename to .github/workflows/build-testing.yaml index 90bbdddd..0c782d02 100644 --- a/.github/workflows/deploy_testing.yml +++ b/.github/workflows/build-testing.yaml @@ -1,4 +1,4 @@ -name: Деплой блога на тестинг +name: Build static testing on: workflow_dispatch: inputs: @@ -6,7 +6,7 @@ on: jobs: deploy: - name: Сборка тестинга + name: Build testing runs-on: ubuntu-latest permissions: contents: read @@ -16,25 +16,24 @@ jobs: - uses: docker://quay.csssr.cloud/csssr/kuberta-init-workflow:v1 - name: Download CSSSR actions - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: repository: CSSSR/actions ssh-key: ${{ secrets.DOWNLOAD_ACTIONS_SSH_KEY }} path: actions - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: - path: new_blog - ref: ${{ github.event.pull_request.head.sha }} + path: blog - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: node-version: 16 registry-url: 'https://npm.pkg.github.com' scope: '@csssr' - name: Install dependencies - working-directory: new_blog + working-directory: blog run: yarn install --frozen-lockfile env: NODE_AUTH_TOKEN: ${{ secrets.NPM_GITHUB_REGISTRY_TOKEN }} @@ -43,7 +42,7 @@ jobs: id: gh - name: Build testing - working-directory: new_blog + working-directory: blog run: yarn build env: BLOG_HOST: https://${{ steps.gh.outputs.releaseID }}.csssr-new-blog.csssr.cloud @@ -51,7 +50,7 @@ jobs: - name: Import secrets id: secrets - uses: hashicorp/vault-action@v2.4.0 + uses: hashicorp/vault-action@v2 with: url: https://vault.csssr.com:8200 jwtGithubAudience: ${{secrets.VAULT_JWT_KEY}} @@ -66,6 +65,5 @@ jobs: - uses: ./actions/upload-static/v1beta1 with: project-id: csssr-new-blog - files: ./new_blog/out - no-previous-files: 'true' + files: ./blog/out auth: 'aws:${{steps.secrets.outputs.AWS_ACCESS_KEY_ID}}:${{steps.secrets.outputs.AWS_SECRET_ACCESS_KEY}}:${{steps.secrets.outputs.AWS_SESSION_TOKEN}}'