.github/workflows/deploy.yml
name: deploy
on:
workflow_run:
workflows: [ci]
types: [completed]
branches: [master]
workflow_dispatch: {}
concurrency:
group: deploy
cancel-in-progress: true
jobs:
deploy:
if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name != 'pull_request' }}
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
contents: write
id-token: write
attestations: write
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: .firebase
key: firebase-${{ github.run_id }}
restore-keys: |
firebase-
- uses: oven-sh/setup-bun@v2
with:
bun-version: latest
- run: bun install --frozen-lockfile
- run: bun run build
- uses: actions/attest-build-provenance@v1
with:
subject-path: packages/*/dist/**
- uses: actions/upload-artifact@v4
with:
name: dist
path: packages/*/dist/**
- name: Deploy to firebase
run: |
curl -Lo ./firebase_bin https://firebase.tools/bin/linux/latest
chmod +x ./firebase_bin
./firebase_bin deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}