-
Notifications
You must be signed in to change notification settings - Fork 37
79 lines (66 loc) · 2.54 KB
/
post_release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# This workflow is triggered when a workflow run of the "Release to Production" workflow is completed or when manually triggered.
# The primary purpose of this workflow is to build the site, copy the packs data and upload it as artifacts.
# The packs data can be used as a fallback when the Palette API cannot return a packs list.
# The CVE data is also uploaded as an artifact. That way it can be used in the event the internal Security API is down.
# Additional post release processing can be added to this workflow as needed.
name: Post Release Processing
on:
workflow_run:
workflows: ["Release to Production"]
types: [completed]
workflow_dispatch:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
FULLSTORY_ORGID: ${{ secrets.FULLSTORY_ORGID }}
ALGOLIA_ADMIN_KEY: ${{ secrets.ALGOLIA_ADMIN_KEY }}
ALGOLIA_APP_ID: ${{ secrets.ALGOLIA_APP_ID }}
ALGOLIA_SEARCH_KEY: ${{ secrets.ALGOLIA_SEARCH_KEY }}
ALGOLIA_INDEX_NAME: ${{ secrets.ALGOLIA_INDEX_NAME }}
PALETTE_API_KEY: ${{ secrets.PALETTE_API_KEY }}
DISABLE_PACKS_INTEGRATIONS: ${{ secrets.DISABLE_PACKS_INTEGRATIONS }}
DISABLE_SECURITY_INTEGRATIONS: ${{ secrets.DISABLE_SECURITY_INTEGRATIONS }}
DSO_AUTH_TOKEN: ${{ secrets.DSO_AUTH_TOKEN }}
jobs:
create-assets:
name: asset-builds
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup Node.js Environment
uses: actions/setup-node@v4
with:
node-version: "20"
cache: "npm"
- name: Install Dependencies
run: npm ci
- name: Build
run: |
touch .env
make build-ci
- name: Build with cached packs
if: ${{ env.BUILD_EXIT_CODE == '5' }}
uses: ./.github/actions/build-cached-packs
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
- name: Build with cached CVEs
if: ${{ env.BUILD_EXIT_CODE == '7' }}
uses: ./.github/actions/build-cached-cves
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Build Packs
uses: actions/upload-artifact@v4
with:
name: "build-packs"
path: |
build/packs
.docusaurus/packs-integrations
if-no-files-found: error
retention-days: 7
- name: Upload Built Security Bulletins
uses: actions/upload-artifact@v4
with:
name: "security-bulletins"
path: .docusaurus/security-bulletins/default/data.json
if-no-files-found: error
retention-days: 7