diff --git a/.github/workflows/check-pull-request.yml b/.github/workflows/check-pull-request.yml new file mode 100644 index 0000000..a460cda --- /dev/null +++ b/.github/workflows/check-pull-request.yml @@ -0,0 +1,29 @@ +name: Check pull request +on: + pull_request: + types: + - opened + - reopened + - ready_for_review + - synchronize + +jobs: + check-pull-request: + runs-on: ubuntu-latest + steps: + - name: Check out repository code + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4 + - name: Install Ruby + uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 # pin@v1 + with: + bundler-cache: true + - name: setup python + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # pin@v4 + - name: install linter + run: pip install vale==3.0.7 + - name: Vale configuration + run: vale sync + - name: Build + run: bundle exec middleman build --verbose + - name: Vale check + run: vale source/ diff --git a/.github/workflows/deploy-to-aws.yml b/.github/workflows/deploy-to-aws.yml new file mode 100644 index 0000000..ab4592b --- /dev/null +++ b/.github/workflows/deploy-to-aws.yml @@ -0,0 +1,43 @@ +name: AWS build and deploy + +on: + schedule: + - cron: '00 6 * * *' # deploy at 6am to get updated readmes + workflow_dispatch: + push: + branches: + - main + +defaults: + run: + shell: bash + +jobs: + deploy: + runs-on: ubuntu-latest + timeout-minutes: 60 + permissions: + id-token: write + contents: read + steps: + - name: Check out repository code + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4 + - name: Install Ruby + uses: ruby/setup-ruby@22fdc77bf4148f810455b226c90fb81b5cbc00a7 # pin@v1 + with: + bundler-cache: true + - name: Install Gems + run: bundle install + + - name: Build + run: bundle exec middleman build + + - name: Upload to ECR and tag + uses: govuk-one-login/devplatform-upload-action-ecr@2670d3fde00e5e9eed187135e853f273763cab02 # pin@1.2.4 + with: + role-to-assume-arn: ${{ secrets.AWS_ROLE_TO_ASSUME }} + container-sign-kms-key-arn: ${{ secrets.CONTAINER_SIGN_KMS_KEY }} + ecr-repo-name: ${{ secrets.ECR_REPOSITORY }} + artifact-bucket-name: ${{ secrets.ARTIFACT_BUCKET }} + dockerfile: './DockerfileAWS' + checkout-repo: false