gradio/.github/workflows/website-deploy.yml
pngwn e23347c57f
Ci security tweaks (#9012)
* asd

* asd

* asd

* asd

* asd

* asd

* asd

* asd

* asd

* asd

* asd

* asd

* asd

* asd

* :[
2024-08-05 23:34:26 +01:00

133 lines
5.1 KiB
YAML

name: "website-deploy"
on:
workflow_run:
workflows: ["website-build"]
types:
- completed
concurrency:
group: "${{ github.event.workflow_run.head_repository.full_name }}-${{ github.event.workflow_run.head_branch }}-${{ github.workflow_ref }}"
cancel-in-progress: true
jobs:
changes:
name: "changes"
runs-on: ubuntu-latest
permissions:
actions: read
outputs:
should_run: ${{ steps.json.outputs.should_run }}
sha: ${{ steps.json.outputs.sha }}
pr_number: ${{ steps.json.outputs.pr_number }}
source_branch: ${{ steps.json.outputs.source_branch }}
source_repo: ${{ steps.json.outputs.source_repo }}
labels: ${{ steps.json.outputs.labels }}
run_id: ${{ steps.json.outputs.run_id }}
steps:
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: changes
github-token: ${{ secrets.GITHUB_TOKEN }}
run-id: ${{ github.event.workflow_run.id }}
- uses: gradio-app/github/actions/json-to-output@main
id: json
with:
path: output.json
comment-deploy-start:
needs: changes
uses: "./.github/workflows/comment-queue.yml"
secrets:
gh_token: ${{ secrets.COMMENT_TOKEN }}
with:
pr_number: ${{ needs.changes.outputs.pr_number }}
message: website~pending~null
deploy:
environment: deploy_website
name: "deploy"
runs-on: ubuntu-latest
needs: changes
if: needs.changes.outputs.should_run == 'true'
permissions:
actions: read
outputs:
vercel_url: ${{ steps.output_url.outputs.vercel_url }}
env:
VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
steps:
- uses: actions/download-artifact@v4
with:
name: website-json
path: js/_website/lib/json
run-id: ${{ github.event.workflow_run.id }}
github-token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/download-artifact@v4
with:
name: website-templates
path: js/_website/lib/templates
run-id: ${{ github.event.workflow_run.id }}
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: download website artifacts
uses: actions/download-artifact@v4
with:
name: website
path: js/_website/.vercel
run-id: ${{ github.event.workflow_run.id }}
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: list files
run: ls -R .
- name: deploy json to aws
if: startsWith(needs.changes.outputs.source_branch, 'changeset-release/') && needs.changes.outputs.source_repo == 'gradio-app/gradio'
run: |
export AWS_ACCESS_KEY_ID=${{ secrets.DOCS_JSON_AWS_S3_ACCESS_KEY }}
export AWS_SECRET_ACCESS_KEY=${{ secrets.DOCS_JSON_AWS_S3_SECRET_ACCESS_KEY }}
export AWS_DEFAULT_REGION=us-west-2
version=$(jq -r .version js/_website/lib/json/version.json)
aws s3 cp ./js/_website/lib/json/ s3://gradio-docs-json/$version/ --recursive
aws s3 cp ./js/_website/lib/templates/ s3://gradio-docs-json/$version/templates/ --recursive
# preview
- name: Pull Vercel Environment Information
shell: bash
if: needs.changes.outputs.pr_number != 'false'
run: vercel pull --yes --environment=preview --token=${{ secrets.VERCEL_DEPLOY_TOKEN }} --cwd js/_website
- name: Deploy Project Artifacts to Vercel
if: needs.changes.outputs.pr_number != 'true'
id: output_url
shell: bash
run: echo "vercel_url=$(vercel deploy --prebuilt --token=${{ secrets.VERCEL_DEPLOY_TOKEN }} --cwd js/_website)" >> $GITHUB_OUTPUT
# production
- name: Pull Vercel Environment Information
if: needs.changes.outputs.source_repo == 'gradio-app/gradio' && needs.changes.outputs.source_branch == 'main'
shell: bash
run: vercel pull --yes --environment=production --token=${{ secrets.VERCEL_DEPLOY_TOKEN }} --cwd js/_website
- name: Deploy Project Artifacts to Vercel
if: needs.changes.outputs.source_repo == 'gradio-app/gradio' && needs.changes.outputs.source_branch == 'main'
shell: bash
run: echo "VERCEL_URL=$(vercel deploy --prebuilt --prod --token=${{ secrets.VERCEL_DEPLOY_TOKEN }})" --cwd js/_website >> $GITHUB_ENV
comment-deploy-success:
uses: "./.github/workflows/comment-queue.yml"
needs: [deploy, changes]
if: needs.deploy.result == 'success' && needs.changes.outputs.pr_number != 'false'
secrets:
gh_token: ${{ secrets.COMMENT_TOKEN }}
with:
pr_number: ${{ needs.changes.outputs.pr_number }}
message: website~success~${{needs.deploy.outputs.vercel_url}}
comment-deploy-failure:
uses: "./.github/workflows/comment-queue.yml"
needs: [deploy, changes]
if: always() && needs.deploy.result == 'failure' && needs.changes.outputs.pr_number != 'false'
secrets:
gh_token: ${{ secrets.COMMENT_TOKEN }}
with:
pr_number: ${{ needs.changes.outputs.pr_number }}
message: website~failure~https://github.com/gradio-app/gradio/actions/runs/${{github.run_id}}/