mirror of
https://github.com/standardnotes/server
synced 2026-01-16 20:04:32 -05:00
318 lines
9.4 KiB
YAML
318 lines
9.4 KiB
YAML
name: Server Application Reusable Workflow
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
service_name:
|
|
required: true
|
|
type: string
|
|
workspace_name:
|
|
required: true
|
|
type: string
|
|
run_e2e_test_suite:
|
|
required: true
|
|
type: boolean
|
|
e2e_tag_parameter_name:
|
|
required: false
|
|
type: string
|
|
package_path:
|
|
required: true
|
|
type: string
|
|
secrets:
|
|
DOCKER_USERNAME:
|
|
required: true
|
|
DOCKER_PASSWORD:
|
|
required: true
|
|
CI_PAT_TOKEN:
|
|
required: true
|
|
AWS_ACCESS_KEY_ID:
|
|
required: true
|
|
AWS_SECRET_ACCESS_KEY:
|
|
required: true
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Cache build
|
|
id: cache-build
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: packages/**/dist
|
|
key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
|
|
|
|
- name: Set up Node
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org'
|
|
node-version-file: '.nvmrc'
|
|
|
|
- name: Build
|
|
run: yarn build ${{ inputs.package_path }}
|
|
|
|
lint:
|
|
runs-on: ubuntu-latest
|
|
|
|
needs: build
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Cache build
|
|
id: cache-build
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: packages/**/dist
|
|
key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
|
|
|
|
- name: Set up Node
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org'
|
|
node-version-file: '.nvmrc'
|
|
|
|
- name: Build
|
|
if: steps.cache-build.outputs.cache-hit != 'true'
|
|
run: yarn build ${{ inputs.package_path }}
|
|
|
|
- name: Lint
|
|
run: yarn lint:${{ inputs.service_name }}
|
|
|
|
test:
|
|
runs-on: ubuntu-latest
|
|
|
|
needs: build
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Cache build
|
|
id: cache-build
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: packages/**/dist
|
|
key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
|
|
|
|
- name: Set up Node
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org'
|
|
node-version-file: '.nvmrc'
|
|
|
|
- name: Build
|
|
if: steps.cache-build.outputs.cache-hit != 'true'
|
|
run: yarn build ${{ inputs.package_path }}
|
|
|
|
- name: Test
|
|
run: yarn test:${{ inputs.service_name }}
|
|
|
|
e2e:
|
|
if: ${{ inputs.run_e2e_test_suite }} == true
|
|
runs-on: ubuntu-latest
|
|
|
|
needs: build
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Cache build
|
|
id: cache-build
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: packages/**/dist
|
|
key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
|
|
|
|
- name: Set up Node
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org'
|
|
node-version-file: '.nvmrc'
|
|
|
|
- name: Build
|
|
if: steps.cache-build.outputs.cache-hit != 'true'
|
|
run: yarn build ${{ inputs.package_path }}
|
|
|
|
- name: Bundle
|
|
id: bundle
|
|
run: |
|
|
TEMP_DIR=$(mktemp -d -t "${{ inputs.service_name }}-${{ github.sha }}")
|
|
echo "::set-output name=dir::$TEMP_DIR"
|
|
yarn workspace ${{ inputs.workspace_name }} bundle --no-compress --output-directory $TEMP_DIR
|
|
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v2
|
|
with:
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@master
|
|
with:
|
|
platforms: all
|
|
|
|
- name: Set up Docker Buildx
|
|
id: buildx
|
|
uses: docker/setup-buildx-action@master
|
|
|
|
- name: Publish Docker image for E2E testing
|
|
uses: docker/build-push-action@v3
|
|
with:
|
|
builder: ${{ steps.buildx.outputs.name }}
|
|
context: ${{ steps.bundle.outputs.dir }}
|
|
file: ${{ steps.bundle.outputs.dir }}/${{ inputs.package_path }}/Dockerfile
|
|
platforms: linux/amd64,linux/arm64
|
|
push: true
|
|
tags: standardnotes/${{ inputs.service_name }}:${{ github.sha }}
|
|
|
|
- name: Run E2E test suite
|
|
uses: convictional/trigger-workflow-and-wait@v1.6.3
|
|
with:
|
|
owner: standardnotes
|
|
repo: e2e
|
|
github_token: ${{ secrets.CI_PAT_TOKEN }}
|
|
workflow_file_name: testing-with-stable-client.yml
|
|
wait_interval: 30
|
|
client_payload: '{"${{ inputs.e2e_tag_parameter_name }}": "${{ github.sha }}"}'
|
|
propagate_failure: true
|
|
trigger_workflow: true
|
|
wait_workflow: true
|
|
|
|
publish:
|
|
needs: [ test, lint, e2e ]
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Cache build
|
|
id: cache-build
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: packages/**/dist
|
|
key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
|
|
|
|
- name: Set up Node
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
registry-url: 'https://registry.npmjs.org'
|
|
node-version-file: '.nvmrc'
|
|
|
|
- name: Build
|
|
if: steps.cache-build.outputs.cache-hit != 'true'
|
|
run: yarn build ${{ inputs.package_path }}
|
|
|
|
- name: Bundle
|
|
id: bundle
|
|
run: |
|
|
TEMP_DIR=$(mktemp -d -t "${{ inputs.service_name }}-${{ github.sha }}")
|
|
echo "::set-output name=dir::$TEMP_DIR"
|
|
yarn workspace ${{ inputs.workspace_name }} bundle --no-compress --output-directory $TEMP_DIR
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@v1
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: us-east-1
|
|
|
|
- name: Login to Amazon ECR
|
|
id: login-ecr
|
|
uses: aws-actions/amazon-ecr-login@v1
|
|
|
|
- name: Publish Docker image
|
|
uses: docker/build-push-action@v3
|
|
env:
|
|
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
|
|
ECR_REPOSITORY: ${{ inputs.service_name }}
|
|
IMAGE_TAG: ${{ github.sha }}
|
|
with:
|
|
builder: ${{ steps.buildx.outputs.name }}
|
|
context: ${{ steps.bundle.outputs.dir }}
|
|
file: ${{ steps.bundle.outputs.dir }}/${{ inputs.package_path }}/Dockerfile
|
|
platforms: linux/amd64,linux/arm64
|
|
push: true
|
|
tags: |
|
|
standardnotes/${{ inputs.service_name }}:latest
|
|
$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
|
|
$ECR_REGISTRY/$ECR_REPOSITORY:latest
|
|
|
|
deploy-web:
|
|
needs: publish
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@v1
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: us-east-1
|
|
|
|
- name: Download task definition
|
|
run: |
|
|
aws ecs describe-task-definition --task-definition ${{ inputs.service_name }}-prod --query taskDefinition > task-definition.json
|
|
|
|
- name: Fill in the new version in the Amazon ECS task definition
|
|
run: |
|
|
jq '(.containerDefinitions[] | select(.name=="${{ inputs.service_name }}-prod") | .environment[] | select(.name=="VERSION")).value = "${{ github.sha }}"' task-definition.json > tmp.json && mv tmp.json task-definition.json
|
|
|
|
- name: Fill in the new image ID in the Amazon ECS task definition
|
|
id: task-def-prod
|
|
uses: aws-actions/amazon-ecs-render-task-definition@v1
|
|
with:
|
|
task-definition: task-definition.json
|
|
container-name: ${{ inputs.service_name }}-prod
|
|
image: ${{ secrets.AWS_ECR_REGISTRY }}/${{ inputs.service_name }}:${{ github.sha }}
|
|
|
|
- name: Deploy Amazon ECS task definition
|
|
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
|
|
with:
|
|
task-definition: ${{ steps.task-def-prod.outputs.task-definition }}
|
|
service: ${{ inputs.service_name }}-prod
|
|
cluster: prod
|
|
wait-for-service-stability: true
|
|
|
|
deploy-worker:
|
|
needs: publish
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@v1
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: us-east-1
|
|
|
|
- name: Download task definition
|
|
run: |
|
|
aws ecs describe-task-definition --task-definition ${{ inputs.service_name }}-worker-prod --query taskDefinition > task-definition.json
|
|
|
|
- name: Fill in the new version in the Amazon ECS task definition
|
|
run: |
|
|
jq '(.containerDefinitions[] | select(.name=="${{ inputs.service_name }}-worker-prod") | .environment[] | select(.name=="VERSION")).value = "${{ github.sha }}"' task-definition.json > tmp.json && mv tmp.json task-definition.json
|
|
|
|
- name: Fill in the new image ID in the Amazon ECS task definition
|
|
id: task-def-prod
|
|
uses: aws-actions/amazon-ecs-render-task-definition@v1
|
|
with:
|
|
task-definition: task-definition.json
|
|
container-name: ${{ inputs.service_name }}-worker-prod
|
|
image: ${{ secrets.AWS_ECR_REGISTRY }}/${{ inputs.service_name }}:${{ github.sha }}
|
|
|
|
- name: Deploy Amazon ECS task definition
|
|
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
|
|
with:
|
|
task-definition: ${{ steps.task-def-prod.outputs.task-definition }}
|
|
service: ${{ inputs.service_name }}-worker-prod
|
|
cluster: prod
|
|
wait-for-service-stability: true
|