Fix deployment for staging and prod

entur · Mar 14, 2023 · f48b695 · f48b695
1 parent 306e41e
commit f48b695
Show file tree

Hide file tree

Showing 3 changed files with 136 additions and 0 deletions.
diff --git a/.firebaserc b/.firebaserc
@@ -15,6 +15,20 @@
           "ent-ror-abzu-dev"
         ]
       }
+    },
+    "ent-ror-abzu-tst": {
+      "hosting": {
+        "staging": [
+          "ent-ror-abzu-tst"
+        ]
+      }
+    },
+    "ent-ror-abzu-prd": {
+      "hosting": {
+        "prod": [
+          "ent-ror-abzu-prd"
+        ]
+      }
     }
   },
   "etags": {}

diff --git a/.github/workflows/build_and_deploy.yml b/.github/workflows/build_and_deploy.yml
@@ -104,6 +104,7 @@ jobs:
           firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_ENT_ROR_ABZU_TST }}'
           channelId: live
           projectId: ent-ror-abzu-tst
+          target: staging
   deploy_prod:
     runs-on: ubuntu-latest
     needs: [deploy_dev, deploy_staging]
@@ -120,3 +121,4 @@ jobs:
           firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_ENT_ROR_ABZU_PRD }}'
           channelId: live
           projectId: ent-ror-abzu-prd
+          target: prod
diff --git a/firebase.json b/firebase.json
@@ -119,6 +119,126 @@
           ]
         }
       ]
+    },
+    {
+      "target": "staging",
+      "public": "build",
+      "ignore": [
+        "firebase.json",
+        "**/.*",
+        "**/node_modules/**"
+      ],
+      "rewrites": [
+        {
+          "source": "**",
+          "destination": "/index.html"
+        }
+      ],
+      "headers": [
+        {
+          "source": "**",
+          "headers": [
+            {
+              "key": "X-Content-Type-Options",
+              "value": "nosniff"
+            },
+            {
+              "key": "X-XSS-Protection",
+              "value": "0"
+            },
+            {
+              "key": "X-Frame-Options",
+              "value": "DENY"
+            },
+            {
+              "key": "Content-Security-Policy",
+              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
+            },
+            {
+              "key": "Referrer-Policy",
+              "value": "strict-origin-when-cross-origin"
+            }
+          ]
+        },
+        {
+          "source": "**",
+          "headers": [
+            {
+              "key": "Cache-Control",
+              "value": "max-age=60"
+            }
+          ]
+        },
+        {
+          "source": "**/*.@(eot|otf|ttf|ttc|woff|woff2|css|js|map|json)",
+          "headers": [
+            {
+              "key": "Cache-Control",
+              "value": "max-age=31536000"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "target": "prod",
+      "public": "build",
+      "ignore": [
+        "firebase.json",
+        "**/.*",
+        "**/node_modules/**"
+      ],
+      "rewrites": [
+        {
+          "source": "**",
+          "destination": "/index.html"
+        }
+      ],
+      "headers": [
+        {
+          "source": "**",
+          "headers": [
+            {
+              "key": "X-Content-Type-Options",
+              "value": "nosniff"
+            },
+            {
+              "key": "X-XSS-Protection",
+              "value": "0"
+            },
+            {
+              "key": "X-Frame-Options",
+              "value": "DENY"
+            },
+            {
+              "key": "Content-Security-Policy",
+              "value": "default-src 'self'; script-src 'self' maps.googleapis.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' api.dev.entur.io api.staging.entur.io api.entur.io maps.googleapis.com *.ingest.sentry.io ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; font-src 'self' fonts.gstatic.com; frame-src 'self' ror-entur-dev.eu.auth0.com ror-entur-staging.eu.auth0.com auth2.entur.org; img-src 'self' data: *.tile.openstreetmap.org cdnjs.cloudflare.com opencache.statkart.no gatekeeper1.geonorge.no *.googleapis.com maps.gstatic.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests; report-uri https://o209253.ingest.sentry.io/api/1354790/security/?sentry_key=2c74afd3e84f4dbf94232421f6b3f5dc"
+            },
+            {
+              "key": "Referrer-Policy",
+              "value": "strict-origin-when-cross-origin"
+            }
+          ]
+        },
+        {
+          "source": "**",
+          "headers": [
+            {
+              "key": "Cache-Control",
+              "value": "max-age=60"
+            }
+          ]
+        },
+        {
+          "source": "**/*.@(eot|otf|ttf|ttc|woff|woff2|css|js|map|json)",
+          "headers": [
+            {
+              "key": "Cache-Control",
+              "value": "max-age=31536000"
+            }
+          ]
+        }
+      ]
     }
   ]
 }