-
Notifications
You must be signed in to change notification settings - Fork 0
54 lines (45 loc) · 2.05 KB
/
nix-github-actions.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
name: Nix Flake actions
on:
pull_request:
push:
branches:
- master
- main
jobs:
build:
permissions:
contents: 'read'
id-token: 'write'
packages: 'read'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: '0'
- id: 'auth'
uses: 'google-github-actions/auth@v1'
with:
workload_identity_provider: 'projects/43005639550/locations/global/workloadIdentityPools/github/providers/github'
service_account: 'github-uploader@www-cartman-fi.iam.gserviceaccount.com'
token_format: 'access_token'
- uses: cachix/install-nix-action@v27
- run: nix build path:.
# We're using above, so that we can have access to .git in derivation
#- run: nix build .
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v1'
with:
version: '>= 416.0.0'
skip_install: true
- name: Upload
run: cd result; gsutil -m rsync -d -r . gs://www-cartman-handbook-prod
- name: Set metadata
run: |
gsutil -m setmeta -h "Cache-Control:public, max-age=120, s-maxage=120" -h "Content-Language:en" "gs://www-cartman-handbook-prod/**/*.html" && \
gsutil -m setmeta -h "Cache-Control:public, max-age=7200, s-maxage=7200" "gs://www-cartman-handbook-prod/**/*.css" && \
gsutil -m setmeta -h "Cache-Control:public, max-age=3600, s-maxage=7200" "gs://www-cartman-handbook-prod/**/*.png" || true && \
gsutil -m setmeta -h "Cache-Control:public, max-age=3600, s-maxage=7200" "gs://www-cartman-handbook-prod/**/*.jpg" || true && \
gsutil -m setmeta -h "Cache-Control:public, max-age=3600, s-maxage=7200" "gs://www-cartman-handbook-prod/**/*.svg" || true && \
gsutil -m setmeta -h "Cache-Control:public, max-age=3600, s-maxage=7200" "gs://www-cartman-handbook-prod/**/*.json" || true
- name: Invalidate CDN cache
run: gcloud --project www-cartman-fi compute url-maps invalidate-cdn-cache site --path "/*" --async