diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 836b8ec33..b7ea912a9 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -61,7 +61,7 @@ jobs: SUBDOMAIN: ${{ github.event_name == 'push' && github.ref_name || inputs.target_subdomain || 'main' }} steps: - uses: actions/checkout@v4 - - name: 📝 Update deployment status + - name: 📝 Update job summary env: FQDN: ${{ env.SUBDOMAIN && format('{0}.{1}', env.SUBDOMAIN, env.DOMAIN) || env.DOMAIN || 'openfront.dev' }} run: | @@ -71,6 +71,26 @@ jobs: Deploying from $GITHUB_REF to $FQDN EOF + - uses: actions/create-github-app-token@v2 + id: generate-token + if: ${{ github.repository == 'openfrontio/OpenFrontIO' }} + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} + - name: Export the token + if: ${{ github.repository == 'openfrontio/OpenFrontIO' }} + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + run: | + echo "GH_TOKEN=$GH_TOKEN" >> $GITHUB_ENV + gh api octocat + - name: 📝 Create deployment + uses: chrnorm/deployment-action@v2 + id: deployment + with: + token: ${{ steps.generate-token.outputs.token }} + environment-url: https://${{ env.FQDN }} + environment: ${{ env.FQDN }} - name: 🔗 Log in to Docker Hub uses: docker/login-action@v3 with: @@ -131,25 +151,31 @@ jobs: echo "Deployment started in ${SECONDS} seconds" >> $GITHUB_STEP_SUMMARY echo "::endgroup::" - name: 🚀 Notify PR - if: ${{ success() && github.event_name == 'push' - && github.repository != 'openfrontio/OpenFrontIO' - }} + if: ${{ success() && github.event_name == 'push' }} env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BRANCH: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref || github.ref_name }} run: | set -euxo pipefail - if [ -z "$GH_TOKEN" ]; then - echo "No GH_TOKEN found, skipping" - exit 0; + if [ -z "${BRANCH}" ]; then + echo "Branch not found" + exit 1 fi - echo "Checking for open PR from $GITHUB_HEAD_REF..." - pr_url=$(gh pr list --head "$GITHUB_HEAD_REF" --state open --json url -q '.[0].url') + echo "Checking for open PR from $BRANCH..." + pr_url=$(gh pr list --head "$BRANCH" --state open --json url -q '.[0].url') if [ -z "$pr_url" ]; then - echo "No open PR found for branch $GITHUB_HEAD_REF" - exit 0; + echo "No open PR found for branch $BRANCH" + exit 0 fi gh pr comment "$pr_url" --body "🚀 Deployed ${GITHUB_SHA} to [$FQDN](https://$FQDN)." - name: ✅ Update deployment status + if: success() + uses: chrnorm/deployment-status@v2 + with: + token: ${{ steps.generate-token.outputs.token }} + environment-url: https://${{ env.FQDN }} + state: success + deployment-id: ${{ steps.deployment.outputs.deployment_id }} + - name: ✅ Update job summary if: success() run: | cat <> $GITHUB_STEP_SUMMARY @@ -158,6 +184,14 @@ jobs: Deployed from $GITHUB_REF to $FQDN EOF - name: ❌ Update deployment status + if: failure() + uses: chrnorm/deployment-status@v2 + with: + token: ${{ steps.generate-token.outputs.token }} + environment-url: https://${{ env.FQDN }} + state: failure + deployment-id: ${{ steps.deployment.outputs.deployment_id }} + - name: ❌ Update job summary if: failure() run: | cat <> $GITHUB_STEP_SUMMARY