Skip to content

🤖 Release PR

🤖 Release PR #5434

Workflow file for this run

# Create and deploy a build on all pull requests
name: PR Preview
on:
# use pull_request_target so that secrets accessible from fork
pull_request_target:
# Trigger when labels are changed or more commits added to a PR that contains labels
types: [labeled, synchronize]
# Only create a preview if changes have been made to the main src code or backend functions
paths:
- 'src/**'
- 'functions/**'
- 'packages/components/**'
- '.github/workflows/pr-preview.yml'
- 'package.json'
- 'yarn.lock'
jobs:
build_and_preview:
# NOTE - as we are going to check out and build from forks we also need to add manual
# check that malicious code has not been inserted. This is handled by manually labelling the PR
# https://securitylab.github.com/research/github-actions-preventing-pwn-requests
if: contains(github.event.pull_request.labels.*.name, 'Review allow-preview ✅')
runs-on: ubuntu-latest
continue-on-error: true
steps:
- uses: actions/checkout@v2
with:
# pull the repo from the pull request source, not the default local repo
ref: ${{ github.event.pull_request.head.sha }}
- uses: actions/setup-node@v3
with:
node-version: '18'
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn config get cacheFolder)"
# Setup yarn 2 cache: https://github.com/actions/cache/blob/main/examples.md#node---yarn
- name: Setup Cache
uses: actions/cache@v2
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install npm dependencies
run: yarn install --immutable
- name: Set environment variables
run: export REACT_APP_PROJECT_VERSION=${GITHUB_SHA}
- name: Check environment variables
run: echo $REACT_APP_PROJECT_VERSION
- name: Build for Preview
run: npm run build
env:
# currently some linting fails when CI mode enabled (warnings become errors)
# disable until fully resolved
CI: false
# specify the 'preview' site variant to populate the relevant firebase config
REACT_APP_SITE_VARIANT: preview
# The hosting-deploy action calls firebase tools via npx, however installing globally
# gives us control over what version will be made available
- name: Install firebase-tools globally
run: npm i -g firebase-tools
- uses: FirebaseExtended/action-hosting-deploy@v0
with:
repoToken: '${{ secrets.GITHUB_TOKEN }}'
# the details of the service account need to be populated to github secrets
# these must match the target projectId account
firebaseServiceAccount: '${{ secrets.ONEARMY_NEXT_FIREBASE_SERVICE_ACCOUNT }}'
expires: 30d
projectId: onearmy-next