Move to test-community branch #20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy website on push | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| # Check out fluxcd/website .github/workflows/netlify.yml | |
| # We should emulate this fully - it has a hook from the fluxcd/community | |
| # repository's github actions that enables community to trigger a deploy | |
| repository_dispatch: | |
| types: [trigger-workflow] | |
| # (That's what a repository_dispatch workflow is meant to be doing here) | |
| jobs: | |
| fermyon-deploy: | |
| permissions: | |
| # contents: write # Required for creating the GitHub release | |
| packages: write # Required for pushing to GitHub Container Registry | |
| id-token: write # Required for Cosign | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get latest flux-docs | |
| uses: actions/checkout@v4 | |
| - name: Get fluxcd/website (test-community) | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: fluxcd/website | |
| ref: test-community | |
| path: website | |
| # Prerequisites: | |
| - name: Setup Hugo | |
| uses: peaceiris/actions-hugo@v3 | |
| with: | |
| hugo-version: '0.122.0' | |
| extended: true | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.10' | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '^1.21.0' | |
| # Build: | |
| - name: Build content | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # make production-build URL=https://docs-fluxcd-website-6lrhgsuf.fermyon.app/ | |
| pushd website | |
| pip install -r requirements.txt | |
| hugo version; popd | |
| make build | |
| - name: Install Spin | |
| uses: fermyon/actions/spin/setup@v1 | |
| # Push: WASM | |
| - name: Push to OCI | |
| id: push | |
| uses: fermyon/actions/spin/push@v1 | |
| with: | |
| registry: ghcr.io | |
| registry_username: ${{ github.actor }} | |
| registry_password: ${{ secrets.GITHUB_TOKEN }} | |
| registry_reference: "ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-2" | |
| manifest_file: spin.toml | |
| # Deploy: | |
| - name: Deploy to Fermyon Cloud | |
| uses: fermyon/actions/spin/deploy@v1 | |
| with: | |
| fermyon_token: ${{ secrets.FERMYON_CLOUD_TOKEN }} | |
| run_build: false | |
| - name: Set up Flux CLI | |
| uses: fluxcd/flux2/[email protected] | |
| # Update: Kubernetes manifests | |
| - name: Set Image (Kustomize SpinApp) | |
| run: | | |
| pushd deploy/spin-app | |
| kustomize edit set image flux-docs/build=ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-2 | |
| popd | |
| # Login: GHCR | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Push: Kubernetes (Flux App) | |
| - name: Push manifests | |
| run: | | |
| flux push artifact \ | |
| oci://ghcr.io/kingdon-ci/flux-docs/manifests:latest \ | |
| --path=deploy \ | |
| --source=${{ github.repositoryUrl }} \ | |
| --revision="${{ github.ref_name }}@sha1:${{ github.sha }}" \ | |
| --annotations='org.opencontainers.image.description=Fluxcd.io website SpinKube manifests' | |
| - name: Install cosign | |
| uses: sigstore/[email protected] | |
| - name: Cosign version | |
| run: cosign version | |
| # Sign: Kubernetes manifests | |
| - name: Sign OCI YAML manifests | |
| run: | | |
| # keyless mode | |
| cosign sign ghcr.io/kingdon-ci/flux-docs/manifests:latest -y | |
| # Sign: Spin app OCI artifact | |
| - name: Sign OCI WASM artifact | |
| run: | | |
| # keyless mode | |
| cosign sign ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-2 -y |