products/rewards (PR from TinaCMS) (#4454) #2615
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main - build and deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| concurrency: | |
| group: main | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| SOURCE_IMG: staging | |
| DESTINATION_IMG: production | |
| jobs: | |
| run-tests-and-coverage: | |
| name: Run tests & coverage | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| package_json_file: package.json | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Run Tests & Coverage | |
| run: pnpm test-and-coverage --outputFile=coverage-report.json | |
| - name: Generate Coverage Report for main Build | |
| id: coverage | |
| uses: ArtiomTr/jest-coverage-report-action@v2 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| coverage-file: coverage-report.json | |
| base-coverage-file: coverage-report.json | |
| skip-step: all | |
| annotations: none | |
| output: report-markdown | |
| - name: Code Coverage Summary | |
| shell: pwsh | |
| run: | | |
| $report_content='${{ steps.coverage.outputs.report }}' | |
| "$report_content" | Out-File -FilePath $env:GITHUB_STEP_SUMMARY -Append | |
| build: | |
| name: Build and upload artifacts | |
| uses: ./.github/workflows/template-build.yml | |
| with: | |
| tag: staging | |
| secrets: inherit | |
| deploy-staging: | |
| name: Deploy to staging slot | |
| needs: build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: production | |
| url: ${{ steps.deploy.outputs.url }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| outputs: | |
| url: ${{ steps.deploy.outputs.url }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Load .env file | |
| uses: xom9ikk/dotenv@v2 | |
| with: | |
| path: ./.github | |
| - name: Deploy to staging | |
| id: deploy | |
| uses: ./.github/actions/deploy | |
| with: | |
| slot_name: staging | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_RESOURCE_GROUP: ${{ env.AZURE_RESOURCE_GROUP }} | |
| APP_SERVICE_NAME: ${{ env.APP_SERVICE_NAME }} | |
| ACR_LOGIN_SERVER: ${{ env.ACR_LOGIN_SERVER }} | |
| IMAGE_NAME: ${{ env.IMAGE_NAME }} | |
| AZURE_SERVICE_PRINCIPAL_OBJECT_ID: ${{ secrets.AZURE_SERVICE_PRINCIPAL_OBJECT_ID }} | |
| test: | |
| name: Run Playwright Tests | |
| needs: deploy-staging | |
| uses: ./.github/workflows/template-ui-tests.yml | |
| with: | |
| deploy_url: ${{ needs.deploy-staging.outputs.url }} | |
| tests_to_run: "images seo-noindex" # staging slot should not be indexed | |
| swap-staging: | |
| name: Swap staging with production | |
| needs: test | |
| outputs: | |
| app_service_prod_url: ${{ steps.swap.outputs.production_url }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Load .env file | |
| uses: xom9ikk/dotenv@v2 | |
| with: | |
| path: ./.github | |
| - name: Azure CLI - Login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - name: ACR - Login | |
| run: | | |
| az acr login --name ${{ env.ACR_LOGIN_SERVER }} | |
| - name: Tag Production ACR Image | |
| run: | | |
| # Pull the staging image from ACR | |
| docker pull ${{ env.ACR_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:${{ env.SOURCE_IMG }} | |
| # Tag the Docker image with the production tag | |
| docker tag ${{ env.ACR_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:${{ env.SOURCE_IMG}} \ | |
| ${{ env.ACR_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:${{ env.DESTINATION_IMG }} | |
| - name: Push Production ACR Image | |
| run: | | |
| # Push the newly tagged image to ACR | |
| docker push ${{ env.ACR_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:${{ env.DESTINATION_IMG }} | |
| - name: ♻️ Swap slots | |
| id: swap | |
| run: | | |
| az webapp deployment slot swap \ | |
| --resource-group ${{ env.AZURE_RESOURCE_GROUP }} \ | |
| --name ${{ env.APP_SERVICE_NAME }} \ | |
| --slot staging \ | |
| --target-slot production | |
| # Fetch the production URL and store it as an output | |
| PROD_URL=$(az webapp show --resource-group ${{ env.AZURE_RESOURCE_GROUP }} --name ${{ env.APP_SERVICE_NAME }} --query "defaultHostName" -o tsv) | |
| # Debugging - print the extracted value | |
| echo "Extracted production URL: $PROD_URL" | |
| # Save to outputs | |
| echo "production_url=${PROD_URL}" >> $GITHUB_OUTPUT | |
| lighthouse-insights: | |
| name: Run Lighthouse Insights | |
| uses: ./.github/workflows/template-lighthouse.yml | |
| needs: swap-staging | |
| permissions: | |
| actions: write | |
| contents: write | |
| with: | |
| url: https://${{ needs.swap-staging.outputs.app_service_prod_url }} | |
| secrets: | |
| GH_APP_KEY: ${{ secrets.GH_APP_KEY }} |