From c28586efa4234b458cfa0e0effd4a3e136f71871 Mon Sep 17 00:00:00 2001 From: Maxcastel Date: Wed, 15 Apr 2026 15:28:14 +0200 Subject: [PATCH] feat: temporarily disable rules to build on PRs --- .github/workflows/build.yml | 53 +++++++++++++++++++------------------ .github/workflows/cd.yml | 24 +++-------------- pwa/Dockerfile | 18 ++++++------- 3 files changed, 39 insertions(+), 56 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c571360d6..b67a183ac 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,13 +23,13 @@ on: secrets: gke-credentials: description: Google Kubernetes Engine Credentials as JSON - required: true + required: false gke-project: description: Google Kubernetes Engine Project - required: true + required: false gh-key: description: GitHub Key - required: true + required: false outputs: version: description: The Docker Image Version @@ -52,22 +52,26 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Auth gcloud id: auth + if: inputs.push uses: google-github-actions/auth@v2 with: token_format: access_token credentials_json: ${{ secrets.gke-credentials }} - name: Login to GAR + if: inputs.push uses: docker/login-action@v3 with: registry: europe-west1-docker.pkg.dev username: oauth2accesstoken password: ${{ steps.auth.outputs.access_token }} - name: Configure gcloud + if: inputs.push run: | gcloud --quiet auth configure-docker gcloud container clusters get-credentials ${{ inputs.gke-cluster }} --zone ${{ inputs.gke-zone }} - name: Docker metadata id: docker-metadata + if: inputs.push uses: docker/metadata-action@v4 with: images: europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/php @@ -81,13 +85,9 @@ jobs: target: php_prod pull: true push: ${{ inputs.push }} - tags: ${{ steps.docker-metadata.outputs.tags }} - labels: ${{ steps.docker-metadata.outputs.labels }} - cache-from: | - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/caddy:latest - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/php:latest - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/caddy:${{ github.sha }} - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/php:${{ github.sha }} + tags: ${{ inputs.push && steps.docker-metadata.outputs.tags || '' }} + labels: ${{ inputs.push && steps.docker-metadata.outputs.labels || '' }} + cache-from: ${{ inputs.push && format('type=registry,ref=europe-west1-docker.pkg.dev/{0}/website/php:latest', secrets.gke-project) || '' }} cache-to: type=inline outputs: version: ${{ github.sha }} @@ -109,22 +109,26 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Auth gcloud id: auth + if: inputs.push uses: google-github-actions/auth@v2 with: token_format: access_token credentials_json: ${{ secrets.gke-credentials }} - name: Login to GAR + if: inputs.push uses: docker/login-action@v3 with: registry: europe-west1-docker.pkg.dev username: oauth2accesstoken password: ${{ steps.auth.outputs.access_token }} - name: Configure gcloud + if: inputs.push run: | gcloud --quiet auth configure-docker gcloud container clusters get-credentials ${{ inputs.gke-cluster }} --zone ${{ inputs.gke-zone }} - name: Docker metadata id: docker-metadata + if: inputs.push uses: docker/metadata-action@v4 with: images: europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/caddy @@ -138,13 +142,9 @@ jobs: target: caddy_prod pull: true push: ${{ inputs.push }} - tags: ${{ steps.docker-metadata.outputs.tags }} - labels: ${{ steps.docker-metadata.outputs.labels }} - cache-from: | - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/caddy:latest - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/php:latest - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/caddy:${{ github.sha }} - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/php:${{ github.sha }} + tags: ${{ inputs.push && steps.docker-metadata.outputs.tags || '' }} + labels: ${{ inputs.push && steps.docker-metadata.outputs.labels || '' }} + cache-from: ${{ inputs.push && format('type=registry,ref=europe-west1-docker.pkg.dev/{0}/website/caddy:latest', secrets.gke-project) || '' }} cache-to: type=inline outputs: version: ${{ github.sha }} @@ -166,22 +166,26 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Auth gcloud id: auth + if: inputs.push uses: google-github-actions/auth@v2 with: token_format: access_token credentials_json: ${{ secrets.gke-credentials }} - name: Login to GAR + if: inputs.push uses: docker/login-action@v3 with: registry: europe-west1-docker.pkg.dev username: oauth2accesstoken password: ${{ steps.auth.outputs.access_token }} - name: Configure gcloud + if: inputs.push run: | gcloud --quiet auth configure-docker gcloud container clusters get-credentials ${{ inputs.gke-cluster }} --zone ${{ inputs.gke-zone }} - name: Docker metadata id: docker-metadata + if: inputs.push uses: docker/metadata-action@v4 with: images: europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/pwa @@ -189,12 +193,11 @@ jobs: type=raw,value=${{ github.sha }},priority=9999 ${{ inputs.tags }} - name: Define URL - run: | + run: | set -o pipefail if [[ "${{ github.ref }}" == 'refs/heads/main' ]]; then echo "URL=api-platform.com" >> "$GITHUB_ENV" else - CONTEXT=nonprod if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then export RELEASE_NAME=pr-$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH") else @@ -203,19 +206,17 @@ jobs: echo "URL=$RELEASE_NAME.apip.preprod-tilleuls.ovh" >> "$GITHUB_ENV" fi - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v4 with: context: ./pwa target: prod pull: true push: ${{ inputs.push }} - tags: ${{ steps.docker-metadata.outputs.tags }} - labels: ${{ steps.docker-metadata.outputs.labels }} + tags: ${{ inputs.push && steps.docker-metadata.outputs.tags || '' }} + labels: ${{ inputs.push && steps.docker-metadata.outputs.labels || '' }} build-args: | - NEXT_ROOT_URL=${{ env.URL }} - cache-from: | - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/pwa:latest - type=registry,ref=europe-west1-docker.pkg.dev/${{ secrets.gke-project }}/website/pwa:${{ github.sha }} + NEXT_ROOT_URL=${{ env.URL }} + cache-from: ${{ inputs.push && format('type=registry,ref=europe-west1-docker.pkg.dev/{0}/website/pwa:latest', secrets.gke-project) || '' }} cache-to: type=inline secrets: | "GITHUB_KEY=${{ secrets.gh-key }}" diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index c853606c3..c09724fea 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -3,36 +3,19 @@ name: CD on: workflow_dispatch: ~ push: - branches: - - main - - staging - # Deploy if "deploy" label exists - pull_request: - types: [ reopened, synchronize, labeled ] + pull_request: ~ # Do not use concurrency to prevent simultaneous helm deployments jobs: - remove-deploy-label: - name: Remove deploy label - if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') - runs-on: ubuntu-latest - steps: - - uses: mondeja/remove-labels-gh-action@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - labels: | - deploy - build: name: Build - if: github.event_name != 'pull_request' || (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy')) uses: ./.github/workflows/build.yml with: tags: | type=ref,event=pr,prefix=pr-,priority=1000 type=edge,branch=$repo.default_branch,priority=900 type=raw,value=latest,enable={{is_default_branch}},priority=900 - push: true + push: ${{ github.event_name != 'pull_request' }} gke-cluster: api-platform-demo gke-zone: europe-west1-c secrets: @@ -40,11 +23,10 @@ jobs: gke-project: ${{ secrets.GKE_PROJECT }} gh-key: ${{ secrets.GH_KEY }} - deploy: name: Deploy needs: [ build ] - if: github.event_name != 'pull_request' || (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy')) + if: github.event_name != 'pull_request' uses: ./.github/workflows/deploy.yml with: environment: prod diff --git a/pwa/Dockerfile b/pwa/Dockerfile index 3f4ce60d1..dafe85df6 100644 --- a/pwa/Dockerfile +++ b/pwa/Dockerfile @@ -78,26 +78,26 @@ ENV NEXT_ROOT_URL=$NEXT_ROOT_URL # RUN echo $NEXT_ROOT_URL RUN --mount=type=secret,id=GITHUB_KEY \ - export GITHUB_KEY=$(cat /run/secrets/GITHUB_KEY) ; \ + export GITHUB_KEY=$(cat /run/secrets/GITHUB_KEY 2>/dev/null || true) ; \ if [ -z "$GITHUB_KEY" ]; then \ - echo "Please set the GITHUB_KEY secret" && exit 1 ; \ - fi \ + echo "Warning: GITHUB_KEY not set, contributors data may be incomplete" ; \ + fi \ && npm i ts-node && npm run prebuild # ADD https://soyuka.me/contributors.json ./data/contributors.json RUN --mount=type=secret,id=GITHUB_KEY \ - export GITHUB_KEY=$(cat /run/secrets/GITHUB_KEY) ; \ + export GITHUB_KEY=$(cat /run/secrets/GITHUB_KEY 2>/dev/null || true) ; \ if [ -z "$GITHUB_KEY" ]; then \ - echo "Please set the GITHUB_KEY secret" && exit 1 ; \ - fi \ + echo "Warning: GITHUB_KEY not set, contributors data may be incomplete" ; \ + fi \ && npx next telemetry disable && pnpm run build RUN --mount=type=secret,id=GITHUB_KEY \ - export GITHUB_KEY=$(cat /run/secrets/GITHUB_KEY) ; \ + export GITHUB_KEY=$(cat /run/secrets/GITHUB_KEY 2>/dev/null || true) ; \ if [ -z "$GITHUB_KEY" ]; then \ - echo "Please set the GITHUB_KEY secret" && exit 1 ; \ - fi \ + echo "Warning: GITHUB_KEY not set, contributors data may be incomplete" ; \ + fi \ && npm i ts-node && npm run postbuild # Production image, copy all the files and run next