chore: prevent jsr modules to be published #788
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-20.04-xl | |
| env: | |
| AWS_DEFAULT_REGION: us-east-1 | |
| AWS_BACKUP_REGION: eu-central-1 | |
| GOOGLE_PROJECT_ID: test-project | |
| CI: true | |
| steps: | |
| - name: Setup Deno environment | |
| uses: denolib/setup-deno@v2.3.0 | |
| with: | |
| deno-version: v1.24.0 | |
| - uses: actions/checkout@v3 | |
| - name: Format | |
| run: | | |
| deno fmt --check | |
| cd terraform && terraform fmt -check -recursive | |
| - name: Lint | |
| run: deno lint --unstable | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| with: | |
| install_components: "beta,cloud-datastore-emulator" | |
| - name: Run Datastore Emulator | |
| run: | | |
| gcloud config set project $GOOGLE_PROJECT_ID | |
| gcloud beta emulators datastore start --use-firestore-in-datastore-mode --host-port=0.0.0.0:8081 & | |
| sleep 5 | |
| echo "DATASTORE_HOST=http://localhost:8081" >> $GITHUB_ENV | |
| - name: Docker build | |
| run: make build | |
| - name: Test | |
| run: make test | |
| - name: Validate | |
| run: | | |
| terraform init -backend=false | |
| terraform validate | |
| working-directory: terraform | |
| - name: Push container to ECR (prod) | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| ECR_ID=$(aws sts get-caller-identity --query Account --output text).dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com | |
| IMAGE_ID=$ECR_ID/deno_registry2:$GITHUB_RUN_ID | |
| aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $ECR_ID | |
| docker tag deno_registry2:latest $IMAGE_ID | |
| docker push $IMAGE_ID | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Authenticate with GCP (prod) | |
| if: github.ref == 'refs/heads/main' | |
| uses: google-github-actions/auth@v0 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_KEY }} | |
| - name: Create terraform plan (prod) | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| terraform init \ | |
| -backend-config "bucket=$TERRAFORM_STATE_BUCKET" \ | |
| -backend-config "region=$AWS_DEFAULT_REGION" | |
| terraform plan \ | |
| -var env=prod \ | |
| -var apiland_auth_token=${{ secrets.APILAND_AUTH_TOKEN }} \ | |
| -var aws_backup_region=$AWS_BACKUP_REGION \ | |
| -var aws_default_region=$AWS_DEFAULT_REGION \ | |
| -var docker_tag=$GITHUB_RUN_ID \ | |
| -var github_token=${{ secrets.GH_TOKEN }} \ | |
| -var google_client_email=${{ secrets.GOOGLE_CLIENT_EMAIL }} \ | |
| -var google_project_id=${{ secrets.GOOGLE_PROJECT_ID }} \ | |
| -var google_private_key_id=${{ secrets.GOOGLE_PRIVATE_KEY_ID }} \ | |
| -var "google_private_key=${{ secrets.GOOGLE_PRIVATE_KEY }}" \ | |
| -out plan.tfplan | |
| env: | |
| TERRAFORM_STATE_BUCKET: deno-registry2-prod-terraform-state-b3a31d16 | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| working-directory: terraform | |
| - name: Deploy infrastructure (prod) | |
| if: github.ref == 'refs/heads/main' | |
| run: terraform apply -parallelism=3 plan.tfplan | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| working-directory: terraform |