Skip to content

Handle platform specific provides yml #295

Handle platform specific provides yml

Handle platform specific provides yml #295

Workflow file for this run

name: cd
on:
push:
branches: main
workflow_dispatch:
concurrency:
group: publish
cancel-in-progress: true
# WARNING WARNING
# we do --size-only because there is no other easy strategy to ensure that
# we are not invalidating cloudfront for files that have not changed
# this is risky for `/index.html` which is why we go the extra mile
# and do a content hash check
jobs:
publish:
runs-on: ubuntu-latest
name: ${{ matrix.cfg.host }}
strategy:
matrix:
cfg:
- host: pkgx.dev
cfid: E15VQ3SI584CSG
s3id: www.pkgx.dev
- host: pkgx.sh
cfid: E8ZRC36XS5K65
s3id: www.pkgx.sh
- host: pkgx.app
cfid: EFLDW0FN49Z5Z
s3id: www.pkgx.app
- host: mash.pkgx.sh
cfid: E1H6XLDEJ08BJK
s3id: hub.pkgx.sh
steps:
- uses: actions/checkout@v4
- uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.WWW_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.WWW_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-2
- run: npm ci
- run: npm run build
env:
VITE_HOST: ${{ matrix.cfg.host }}
NODE_ENV: production
- name: determine paths to invalidate
run: |
aws s3 \
sync dist s3://${{ matrix.cfg.s3id }} \
--size-only \
--dryrun | \
awk '{print $3}' | \
sed 's/^dist//' > paths-to-invalidate.txt
- name: sync immutable assets
run: aws s3 sync
dist/assets
s3://${{ matrix.cfg.s3id }}/assets
--metadata-directive REPLACE
--cache-control max-age=31536000,immutable
--size-only
- name: sync mutable, cachable assets
run: aws s3
sync dist/ s3://${{ matrix.cfg.s3id }}
--exclude assets
--exclude index.html
--metadata-directive REPLACE
--cache-control max-age=86400
--size-only
- name: sync index.html
id: invalidate
run: |
aws s3 cp s3://${{ matrix.cfg.s3id }}/index.html ./index.html.remote
local_hash=$(shasum dist/index.html | awk '{print $1}')
remote_hash=$(shasum index.html.remote | awk '{print $1}')
if [ "$local_hash" != "$remote_hash" ]; then
aws s3 cp dist/index.html s3://${{ matrix.cfg.s3id }}/index.html \
--metadata-directive REPLACE \
--cache-control no-cache,must-revalidate
echo /index.html >> paths-to-invalidate.txt
fi
if [ -s paths-to-invalidate.txt ]; then
echo "status=proceed" >> $GITHUB_OUTPUT
fi
- name: invalidate
if: ${{ steps.invalidate.outputs.status == 'proceed' }}
run:
aws cloudfront
create-invalidation
--distribution-id ${{ matrix.cfg.cfid }}
--paths $(cat paths-to-invalidate.txt)
blog:
name: blog.pkgx.dev
runs-on: ubuntu-latest
defaults:
run:
working-directory: blog
steps:
- uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.WWW_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.WWW_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-2
- uses: actions/checkout@v4
- uses: pkgxdev/setup@v2
- run: pkgx hugo
- run: pkgx hugo deploy
indexer:
needs: publish
uses: ./.github/workflows/indexer.yml
secrets: inherit