Skip to content
Deploy Preview

testing wif #1810

Sign in to view logs

testing wif

testing wif #1810

Workflow file for this run

.github/workflows/deploy-preview.yml at 779f35e
name: "Deploy Preview"
on:
pull_request_target:
branches: [main]
jobs:
precheck:
if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' }}
name: Precheck
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
is-org-member-result: ${{ steps.is-org-member.outputs.is-org-member-result }}
steps:
- name: Check if actor is org member
id: is-org-member
run: |
status=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer $GH_TOKEN" \
https://api.github.com/orgs/PaloAltoNetworks/members/${{ github.actor }})
if [ "$status" = "204" ]; then
echo "is-org-member-result=true" >> "$GITHUB_OUTPUT"
else
echo "is-org-member-result=false" >> "$GITHUB_OUTPUT"
fi
env:
GH_TOKEN: ${{ secrets.PAT }}
analyze:
if: github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && needs.precheck.outputs.is-org-member-result == 'true'
name: Analyze
needs: precheck
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
strategy:
fail-fast: true
matrix:
language: ["javascript"]
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Initialize CodeQL
uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3
analyze_unsafe:
if: github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && needs.precheck.outputs.is-org-member-result == 'false'
name: Analyze Unsafe
needs: precheck
runs-on: ubuntu-latest
environment: default
permissions:
contents: read
security-events: write
strategy:
fail-fast: true
matrix:
language: ["javascript"]
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Initialize CodeQL
uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3
build:
name: Build
needs: [analyze, analyze_unsafe]
if: |
github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' &&
!failure() && !cancelled() &&
(success('analyze') || success('analyze_unsafe'))
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Setup node
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version: "20"
cache: "yarn"
- name: Install dependencies
run: yarn --prefer-offline
- name: Build packages
run: yarn build-packages
- name: Build site
run: yarn build-demo && zip -r build.zip demo/build
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: build
path: build.zip
deploy:
name: Deploy
needs: build
if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && !failure() && !cancelled() }}
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
checks: write
id-token: write # <-- 1. ADDED PERMISSION
outputs:
preview_url: ${{ steps.deploy_preview.outputs.details_url }}
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup node
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version: "20"
cache: "yarn"
# 2. ADDED AUTHENTICATION STEP
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: ${{ secrets.WIF_PROVIDER }}
service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }}
- uses: actions/download-artifact@95815c8cf2ff2164869cbab79da8d1f422bc89e # v4
with:
name: build
- name: Unzip build artifact
run: unzip build.zip
# 3. MODIFIED DEPLOYMENT STEP
- name: Deploy to Firebase
id: deploy_preview
uses: FirebaseExtended/action-hosting-deploy@0cbcac4740c2bfb00d632f0b863b57713124eb5a # v0.9.0
with:
repoToken: "${{ secrets.GITHUB_TOKEN }}"
projectId: pandev
expires: 30d
channelId: "pr${{ github.event.number }}"
env:
FIREBASE_CLI_PREVIEWS: hostingchannels
visual_diff:
name: Visual Diff
needs: deploy
if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && !failure() && !cancelled() }}
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Setup node
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version: "20"
cache: "yarn"
- name: Install dependencies
run: yarn --prefer-offline
- name: Install Playwright
run: npx playwright install --with-deps chromium
- name: Run visual diff
run: yarn ts-node scripts/sitemap-visual-diff.ts --preview-url ${{ needs.deploy.outputs.preview_url }} --summary-file visual_diffs/results.json --concurrency 4 --paths "/tests/"
- name: Generate report and summary
run: yarn ts-node scripts/generate-visual-diff-report.ts visual_diffs/results.json visual_diffs/index.html
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
if: always()
with:
name: visual_diffs
path: visual_diffs