fix(xyz): update xyz build (#10866)

* fix(xyz): update xyz build - should fix live samples - clean up * feedback * use stage playground runners for xyz
mdn · Apr 8, 2024 · 51b39a9 · 51b39a9
1 parent 6f2e9d0
commit 51b39a9
Showing 1 changed file with 22 additions and 16 deletions.
diff --git a/.github/workflows/xyz-build.yml b/.github/workflows/xyz-build.yml
@@ -21,8 +21,6 @@ on:
     secrets:
       GCP_PROJECT_NAME:
         required: true
-      GCS_BUCKET:
-        required: true
       WIP_PROJECT_ID:
         required: true
 
@@ -117,20 +115,15 @@ jobs:
           # (aka. local development). Usually defaults are supposed to be for
           # secure production but this is an exception and default
           # is not insecure.
-          BUILD_LIVE_SAMPLES_BASE_URL: https://live-samples.developer.allizom.xyz
+          BUILD_LIVE_SAMPLES_BASE_URL: https://live.mdnyalp.dev
+          BUILD_LEGACY_LIVE_SAMPLES_BASE_URL: https://live.mdnyalp.dev
 
           # Use the stage version of interactive examples.
           BUILD_INTERACTIVE_EXAMPLES_BASE_URL: https://interactive-examples.mdn.allizom.net
 
           # Now is not the time to worry about flaws.
           BUILD_FLAW_LEVELS: "*:ignore"
 
-          # This is the Google Analytics account ID for developer.mozilla.org
-          # If it's used on other domains (e.g. stage or dev builds), it's OK
-          # because ultimately Google Analytics will filter it out since the
-          # origin domain isn't what that account expects.
-          BUILD_GOOGLE_ANALYTICS_MEASUREMENT_ID: UA-36116321-5
-
           # This enables the Plus call-to-action banner and the Plus landing page
           REACT_APP_ENABLE_PLUS: true
 
@@ -159,8 +152,10 @@ jobs:
           REACT_APP_NEWSLETTER_ENABLED: false
 
           # Placement
-          REACT_APP_PLACEMENT_ENABLED: true
+          REACT_APP_PLACEMENT_ENABLED: false
 
+          # Playground
+          REACT_APP_PLAYGROUND_BASE_HOST: mdnyalp.dev
         run: |
 
           # Info about which CONTENT_* environment variables were set and to what.
@@ -209,15 +204,27 @@ jobs:
 
       - name: Setup gcloud
         uses: google-github-actions/setup-gcloud@v2
-        with:
-          install_components: "beta"
 
-      - name: Sync build with GCS bucket
+      - name: Sync build
         if: ${{ ! vars.SKIP_BUILD }}
         run: |-
           gsutil -q -m -h "Cache-Control: public, max-age=3600" cp -r client/build/static gs://${{ vars.GCP_BUCKET_NAME }}/main/
           gsutil -q -m -h "Cache-Control: public, max-age=3600" rsync -cdrj html,json,txt -y "^static/" client/build gs://${{ vars.GCP_BUCKET_NAME }}/main
 
+      - name: Authenticate with GCP
+        if: ${{ ! vars.SKIP_FUNCTION }}
+        uses: google-github-actions/auth@v2
+        with:
+          token_format: access_token
+          service_account: deploy-xyz-yari@${{ secrets.GCP_PROJECT_NAME }}.iam.gserviceaccount.com
+          workload_identity_provider: projects/${{ secrets.WIP_PROJECT_ID }}/locations/global/workloadIdentityPools/github-actions/providers/github-actions
+
+      - name: Setup gcloud
+        if: ${{ ! vars.SKIP_FUNCTION }}
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          install_components: "beta"
+
       - name: Generate redirects map
         if: ${{ ! vars.SKIP_FUNCTION }}
         working-directory: cloud-function
@@ -246,7 +253,8 @@ jobs:
             --memory=2GB \
             --timeout=120s \
             --set-env-vars="ORIGIN_MAIN=developer.allizom.xyz" \
-            --set-env-vars="ORIGIN_LIVE_SAMPLES=live-samples.developer.allizom.xyz" \
+            --set-env-vars="ORIGIN_LIVE_SAMPLES=live.mdnyalp.dev" \
+            --set-env-vars="ORIGIN_PLAY=mdnyalp.dev" \
             --set-env-vars="SOURCE_CONTENT=https://storage.googleapis.com/${{ vars.GCP_BUCKET_NAME }}/main/" \
             --set-env-vars="SOURCE_API=https://api.developer.allizom.org/" \
             --set-env-vars="SENTRY_DSN=${{ secrets.SENTRY_DSN_CLOUD_FUNCTION }}" \
@@ -256,8 +264,6 @@ jobs:
             --set-secrets="KEVEL_SITE_ID=projects/${{ secrets.GCP_PROJECT_NAME }}/secrets/stage-kevel-site-id/versions/latest" \
             --set-secrets="KEVEL_NETWORK_ID=projects/${{ secrets.GCP_PROJECT_NAME }}/secrets/stage-kevel-network-id/versions/latest" \
             --set-secrets="SIGN_SECRET=projects/${{ secrets.GCP_PROJECT_NAME }}/secrets/stage-sign-secret/versions/latest" \
-            --set-secrets="CARBON_ZONE_KEY=projects/${{ secrets.GCP_PROJECT_NAME }}/secrets/stage-carbon-zone-key/versions/latest" \
-            --set-secrets="CARBON_FALLBACK_ENABLED=projects/${{ secrets.GCP_PROJECT_NAME }}/secrets/stage-fallback-enabled/versions/latest" \
             2>&1 | sed "s/^/[$region] /" &
             pids+=($!)
           done