fix(deps): update all minor updates #527
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Push | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| # DO NOT use pull_request_target, use pull_request | |
| pull_request: | |
| branches: | |
| - main | |
| - develop | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-build | |
| cancel-in-progress: true | |
| jobs: | |
| frontend: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Use mise | |
| run: | | |
| curl https://mise.run | sh | |
| echo "$HOME/.local/share/mise/bin" >> $GITHUB_PATH | |
| echo "$HOME/.local/share/mise/shims" >> $GITHUB_PATH | |
| - uses: 'google-github-actions/auth@v2' | |
| with: | |
| # use permissions above | |
| # see: https://github.com/google-github-actions/auth/blob/main/docs/EXAMPLES.md | |
| project_id: 'advena-dev' | |
| workload_identity_provider: 'projects/38358387786/locations/global/workloadIdentityPools/github/providers/my-repo' | |
| service_account: '[email protected]' | |
| - name: 'Set up Cloud SDK' | |
| uses: 'google-github-actions/setup-gcloud@v2' | |
| with: | |
| version: '>= 363.0.0' | |
| - name: 'Use gcloud CLI' | |
| run: 'gcloud info' | |
| - name: 'Authorize Docker push' | |
| run: gcloud auth configure-docker us-central1-docker.pkg.dev | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22.14.0' | |
| cache: 'npm' | |
| cache-dependency-path: ./frontend/web/pnpm-lock.yaml | |
| - name: Install pnpm | |
| run: npm install -g pnpm | |
| - name: Install dependencies | |
| run: mise exec -- pnpm install | |
| working-directory: ./frontend/web | |
| - name: Run build dev | |
| if: github.ref == 'refs/heads/develop' | |
| run: | | |
| set -eo pipefail | |
| mise run fe:build:dev | |
| working-directory: ./frontend/web | |
| env: # use dotenvx .env.keys for Next.js build with protected github option (allow hironow, and select non-hironow, actions and reusable workflows) | |
| DOTENV_PRIVATE_KEY_DEV: ${{ secrets.FRONTEND_WEB_DOTENV_PRIVATE_KEY_DEV }} | |
| - name: Run build prd | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| set -eo pipefail | |
| mise run fe:build:prd | |
| working-directory: ./frontend/web | |
| env: # use dotenvx .env.keys for Next.js build with protected github option | |
| DOTENV_PRIVATE_KEY_PRD: ${{ secrets.FRONTEND_WEB_DOTENV_PRIVATE_KEY_PRD }} | |
| - name: Run push dev | |
| if: github.ref == 'refs/heads/develop' | |
| run: | | |
| set -eo pipefail | |
| mise run fe:push:dev | |
| working-directory: ./frontend/web | |
| - name: Run push prd | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| set -eo pipefail | |
| mise run fe:push:prd | |
| working-directory: ./frontend/web | |
| backend: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Use mise | |
| run: | | |
| curl https://mise.run | sh | |
| echo "$HOME/.local/share/mise/bin" >> $GITHUB_PATH | |
| echo "$HOME/.local/share/mise/shims" >> $GITHUB_PATH | |
| - uses: 'google-github-actions/auth@v2' | |
| with: | |
| # use permissions above | |
| project_id: 'advena-dev' | |
| workload_identity_provider: 'projects/38358387786/locations/global/workloadIdentityPools/github/providers/my-repo' | |
| service_account: '[email protected]' | |
| - name: 'Set up Cloud SDK' | |
| uses: 'google-github-actions/setup-gcloud@v2' | |
| with: | |
| version: '>= 363.0.0' | |
| - name: 'Use gcloud CLI' | |
| run: 'gcloud info' | |
| - name: 'Authorize Docker push' | |
| run: gcloud auth configure-docker us-central1-docker.pkg.dev | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v5 | |
| with: | |
| enable-cache: true | |
| cache-dependency-glob: ./backend/genai/uv.lock | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.13' | |
| - name: Install dependencies | |
| run: mise exec -- uv sync --frozen | |
| working-directory: ./backend/genai | |
| - name: Run build dev | |
| if: github.ref == 'refs/heads/develop' | |
| run: | | |
| set -eo pipefail | |
| mise run be:build:dev | |
| working-directory: ./backend/genai | |
| # not use dotenvx .env.keys for build | |
| - name: Run build prd | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| set -eo pipefail | |
| mise run be:build:prd | |
| working-directory: ./backend/genai | |
| # not use dotenvx .env.keys for build | |
| - name: Run push dev | |
| if: github.ref == 'refs/heads/develop' | |
| run: | | |
| set -eo pipefail | |
| mise run be:push:dev | |
| working-directory: ./backend/genai | |
| - name: Run push prd | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| set -eo pipefail | |
| mise run be:push:prd | |
| working-directory: ./backend/genai |