appQQQ's picture
init: import all code from Fin-EvalOps (with cache-fix middleware)
bcee114 verified
Raw
History Blame Contribute Delete
1.67 kB
name: Deploy frontend to GitHub Pages
on:
push:
branches: [main]
paths:
- "frontend/**"
- ".github/workflows/deploy.yml"
workflow_dispatch:
permissions:
contents: read
pages: write
id-token: write
concurrency:
group: pages
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
defaults:
run:
working-directory: frontend
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "20"
cache: npm
cache-dependency-path: frontend/package-lock.json
- name: Install
run: npm ci
- name: Secret-leak self-check
run: node scripts/check-no-secrets.mjs
- name: Build
env:
# Set in repo Settings β†’ Secrets and variables β†’ Actions β†’ Variables
VITE_API_BASE: ${{ vars.VITE_API_BASE }}
VITE_BASE_PATH: ${{ vars.VITE_BASE_PATH || '/Fin-EvalOps/' }}
run: npm run build
- name: Copy 404 fallback (React Router on Pages)
run: cp dist/index.html dist/404.html
- name: Verify no secret leaked into bundle
run: |
set -e
if grep -rE '117\.50\.195\.94|sk-[a-zA-Z0-9]{20,}|sk-ant-' dist; then
echo "::error::Secret-looking string found in dist!"
exit 1
fi
- uses: actions/upload-pages-artifact@v3
with:
path: frontend/dist
deploy:
needs: build
runs-on: ubuntu-latest
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- id: deployment
uses: actions/deploy-pages@v4