netboot.xyz/.github/workflows/rolling.yml

name: rolling

on:
  push:
    paths:
      - 'endpoints.yml'
      - 'roles/netbootxyz/defaults/main.yml'
    branches:
      - development

env:
  DISCORD_HOOK_URL: ${{ secrets.DISCORD_HOOK_URL }}
  GITHUB_SHA: ${{ github.sha }}

jobs:
  rolling:
    name: Build Release
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
      with:
        ref: 'master'

    - name: Retrieve Certs
      run: |
        ./script/retrieve_certs
      env:
        GIT_USER: ${{ secrets.GIT_USER }}
        GIT_AUTH: ${{ secrets.GIT_AUTH }}
        GIT_URL: ${{ secrets.GIT_URL }}
        CERTS_KEY: ${{ secrets.CERTS_KEY }}

    - name: Set Release Tag
      run: echo "release_tag=$(cat version.txt)" >> $GITHUB_ENV

    - name: Download endpoints.yml and main.yml from Development
      run: |
        wget https://raw.githubusercontent.com/netbootxyz/netboot.xyz/development/endpoints.yml -O endpoints.yml
        wget https://raw.githubusercontent.com/netbootxyz/netboot.xyz/development/roles/netbootxyz/defaults/main.yml -O roles/netbootxyz/defaults/main.yml

    - name: Build release
      run: |
        ./script/build_release rolling

    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: ${{ secrets.AWS_ACCESS_REGION }}

    - name: Deploy master to rolling bucket
      run: |
        aws s3 sync --no-progress --acl public-read s3out-latest s3://${{ secrets.AWS_S3_BUCKET_PROD }}

    - name: Invalidate Cloudfront
      run: |
        aws cloudfront create-invalidation --distribution-id ${{ secrets.CLOUDFRONT_DIST_ID_PROD }} --paths "/*" "/ipxe/*"

    - name: Notify Discord on failure
      if: failure()
      run: |
        ./script/message failure

    - name: Notify Discord on completion
      if: success()
      run: |
        ./script/message rolling-push