Version Packages #32372
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Preview (build) | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened, closed] | |
| paths-ignore: | |
| - '.changeset/**' | |
| - 'contrib/**' | |
| - 'docs/**' | |
| - 'microsite/**' | |
| - 'beps/**' | |
| - 'scripts/**' | |
| - 'storybook/**' | |
| - '**/*.test.*' | |
| - '**/package.json' | |
| - '*.md' | |
| jobs: | |
| build-backstage: | |
| env: | |
| NODE_OPTIONS: --max-old-space-size=4096 | |
| UFFIZZI_URL: https://app.uffizzi.com | |
| name: Build PR image | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name != 'pull_request' || github.event.action != 'closed' }} | |
| outputs: | |
| tags: ${{ steps.meta.outputs.tags }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 | |
| with: | |
| egress-policy: audit | |
| - name: checkout | |
| uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 | |
| - name: setup-node | |
| uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| with: | |
| node-version: 18.x | |
| registry-url: https://registry.npmjs.org/ | |
| - name: yarn install | |
| uses: backstage/actions/yarn-install@af61233abb88019335b07ab855873d991f43d25a # v0.6.7 | |
| with: | |
| cache-prefix: linux-v18 | |
| - name: Use Uffizzi's backstage app config | |
| run: | | |
| cp -f ./.github/uffizzi/uffizzi.production.app-config.yaml ./app-config.yaml | |
| - name: backstage build | |
| run: | | |
| yarn workspace example-backend build | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
| - name: Generate UUID image name | |
| id: uuid | |
| run: echo "UUID_TAG_APP=backstage-$(uuidgen --time)" >> $GITHUB_ENV | |
| - name: Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 | |
| with: | |
| images: registry.uffizzi.com/${{ env.UUID_TAG_APP }} | |
| tags: type=raw,value=60d | |
| - name: Build Image | |
| uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 | |
| with: | |
| context: . | |
| file: packages/backend/Dockerfile | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| push: true | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| render-kustomize: | |
| name: Render Kustomize Manifests | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build-backstage | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout git repo | |
| uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 | |
| - name: Render Compose File | |
| run: | | |
| # update image after the build above | |
| cd ./.github/uffizzi/k8s/manifests | |
| kustomize edit set image backstage=${{ needs.build-backstage.outputs.tags }} | |
| kustomize build . > manifests.rendered.yml | |
| cat manifests.rendered.yml | |
| - name: Upload Rendered Manifests File as Artifact | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4 | |
| with: | |
| name: preview-spec | |
| path: ./.github/uffizzi/k8s/manifests/manifests.rendered.yml | |
| retention-days: 2 | |
| overwrite: true | |
| - name: Upload PR Event as Artifact | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: preview-spec | |
| path: ${{ github.event_path }} | |
| retention-days: 2 | |
| overwrite: true | |
| delete-preview: | |
| name: Call for Preview Deletion | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.action == 'closed' }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 | |
| with: | |
| egress-policy: audit | |
| # If this PR is closing, we will not render a compose file nor pass it to the next workflow. | |
| - name: Upload PR Event as Artifact | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: preview-spec | |
| path: ${{ github.event_path }} | |
| retention-days: 2 | |
| overwrite: true |