From b45c7be669228e8e2f776493050ea0f54e3d4446 Mon Sep 17 00:00:00 2001 From: Mikhail Yarmaliuk Date: Thu, 13 Jul 2023 19:50:26 +0200 Subject: [PATCH] fix: reuse workflows --- .github/workflows/build.yml | 63 +++++++++ .github/workflows/deploy-aws.yml | 60 +++++++++ .github/workflows/docker-build.yml | 67 ++++++++++ .github/workflows/pr-check.yml | 7 +- .github/workflows/release-r.yml | 44 ++++++ .github/workflows/release.yml | 206 +++++------------------------ 6 files changed, 269 insertions(+), 178 deletions(-) create mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/deploy-aws.yml create mode 100644 .github/workflows/docker-build.yml create mode 100644 .github/workflows/release-r.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..96f423a --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,63 @@ +name: SSR BOOST Build + +on: + workflow_call: + inputs: + node-version: + required: false + type: string + default: 18.13.0 + app-build-args: + required: false + type: string + docker-file: + required: false + type: string + default: node_modules/@lomray/vite-ssr-boost/workflow/Dockerfile + secrets: + github-token: + required: false + +jobs: + build: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.ref }}-build + cancel-in-progress: true + + steps: + - uses: actions/checkout@v3 + + - run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.github-token }}" > ~/.npmrc + + - uses: actions/setup-node@v3 + with: + node-version: ${{ inputs.config-path }} + cache: 'npm' + + - name: Install dependencies + run: npm ci + + - name: Run eslint + run: npm run lint:check + + - name: Typescript check + run: npm run ts:check + + - name: Stylelint check + run: npm run style:check + + - name: Build application + run: | + npm pkg delete scripts.prepare + npm run build -- ${{ inputs.app-build-args }} + + - name: Archive build + uses: actions/upload-artifact@v3 + with: + name: build-artifact + path: | + build + package.json + package-lock.json + ${{ inputs.docker-file }} diff --git a/.github/workflows/deploy-aws.yml b/.github/workflows/deploy-aws.yml new file mode 100644 index 0000000..16173cc --- /dev/null +++ b/.github/workflows/deploy-aws.yml @@ -0,0 +1,60 @@ +name: SSR BOOST Deploy AWS + +on: + workflow_call: + inputs: + image: + required: true + type: string + service: + required: true + type: string + cluster: + required: true + type: string + task-container-name: + required: true + type: string + task-definition: + required: false + type: string + default: .github/task-definition.json + secrets: + AWS_ACCESS_KEY_ID: + required: true + AWS_SECRET_ACCESS_KEY: + required: true + AWS_REGION: + required: true + +jobs: + deploy-aws: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.ref }}-deploy-aws + cancel-in-progress: true + + steps: + - uses: actions/checkout@v3 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Update AWS ECS Task Definition + id: task-def + uses: aws-actions/amazon-ecs-render-task-definition@v1 + with: + task-definition: ${{ inputs.task-definition }} + container-name: ${{ inputs.task-container-name }} + image: ${{ inputs.image }} + + - name: Deploy AWS ECS Task Definition + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: ${{ steps.task-def.outputs.task-definition }} + service: ${{ inputs.service }} + cluster: ${{ inputs.cluster }} diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..11da611 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,67 @@ +name: SSR BOOST Docker build + +on: + workflow_call: + inputs: + registry: + required: true + type: string + image-name: + required: true + type: string + version: + required: true + type: string + app-build-path: + required: true + type: string + secrets: + github-token: + required: true + +jobs: + docker-build: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.ref }}-build-docker + cancel-in-progress: true + outputs: + # get docker image tag with version + image-tag: ${{ fromJSON(steps.meta.outputs.json).tags[0] }} + + steps: + - uses: actions/download-artifact@v3 + with: + name: build-artifact + + - name: Setup Docker buildx + uses: docker/setup-buildx-action@v2 + + - name: Log into registry + uses: docker/login-action@v2 + with: + registry: ${{ inputs.registry }} + username: ${{ github.actor }} + password: ${{ secrets.github-token }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ inputs.registry }}/${{ inputs.image-name }} + tags: | + type=raw,prefix={{branch}}-,value=${{ inputs.version }} + type=raw,prefix=latest-,value={{branch}} + + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@v4 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + build-args: | + BUILD_PATH=${{ inputs.app-build-path }} diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml index dfdaa5d..c109092 100644 --- a/.github/workflows/pr-check.yml +++ b/.github/workflows/pr-check.yml @@ -2,9 +2,12 @@ name: Check PR on: pull_request: - branches: [ prod, staging ] + branches: [ prod ] types: [ synchronize ] +env: + NODE_VERSION: 18.13.0 + jobs: check: runs-on: ubuntu-latest @@ -19,7 +22,7 @@ jobs: - uses: actions/setup-node@v3 with: - node-version: '18.13.0' + node-version: ${{ env.NODE_VERSION }} cache: 'npm' - name: Install dependencies diff --git a/.github/workflows/release-r.yml b/.github/workflows/release-r.yml new file mode 100644 index 0000000..3761ca6 --- /dev/null +++ b/.github/workflows/release-r.yml @@ -0,0 +1,44 @@ +name: SSR BOOST Release + +on: + workflow_call: + inputs: + has-release-asset: + required: false + type: boolean + default: false + secrets: + github-token: + required: true + +jobs: + release: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.ref }}-release + cancel-in-progress: true + outputs: + version: ${{ steps.package-version.outputs.version }} + + steps: + - uses: actions/checkout@v3 + + - uses: actions/download-artifact@v3 + with: + name: build-artifact + + - name: Create release asset + if: ${{ inputs.has-release-asset }} + run: zip -r build.zip build package.json package-lock.json README.md + + - name: Install dependencies + run: npm ci + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.github-token }} + run: npx semantic-release + + - name: Get version + id: package-version + run: npx @lomray/microservices-cli package-version diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 288c221..a91d6df 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,188 +2,42 @@ name: Semantic release on: push: - branches: [ prod, staging ] - -env: - NODE_VERSION: 18.13.0 - APP_BUILD_ARGS: --unlock-robots - APP_BUILD_PATH: ./build - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}/web - DOCKER_FILE: node_modules/@lomray/vite-ssr-boost/workflow/Dockerfile - ECS_TASK_DEFINITION: .github/task-definition.json - ECS_TASK_CONTAINER_NAME: web - ECS_SERVICE: vite-template - ECS_CLUSTER: Development + branches: [ prod ] jobs: build: - runs-on: ubuntu-latest - concurrency: - group: ${{ github.ref }}-build - cancel-in-progress: true - - steps: - - uses: actions/checkout@v3 - - - run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > ~/.npmrc - - - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - - name: Install dependencies - run: npm ci - - - name: Run eslint - run: npm run lint:check - - - name: Typescript check - run: npm run ts:check - - - name: Stylelint check - run: npm run style:check - - - name: Build application - run: | - npm pkg delete scripts.prepare - npm run build -- ${{ env.APP_BUILD_ARGS }} - - - name: Create release asset - run: zip -r build.zip build package.json package-lock.json README.md - - - name: Archive build - uses: actions/upload-artifact@v3 - with: - name: build-artifact - path: | - build - package.json - package-lock.json - build.zip - - - name: Archive dockerfile - uses: actions/upload-artifact@v3 - with: - name: dockerfile-artifact - path: ${{ env.DOCKER_FILE }} - - - name: Archive AWS task definition - uses: actions/upload-artifact@v3 - with: - name: aws-task-definition-artifact - path: ${{ env.ECS_TASK_DEFINITION }} + uses: ./.github/workflows/build.yml + with: + app-build-args: --unlock-robots release: needs: [build] - runs-on: ubuntu-latest - concurrency: - group: ${{ github.ref }}-release - cancel-in-progress: true - outputs: - version: ${{ steps.package-version.outputs.version }} - - steps: - - uses: actions/checkout@v3 - - - uses: actions/download-artifact@v3 - with: - name: build-artifact - - - name: Install dependencies - run: npm ci - - - name: Release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: npx semantic-release - - - name: Get version - id: package-version - run: npx @lomray/microservices-cli package-version + uses: ./.github/workflows/release-r.yml + with: + has-release-asset: true + secrets: + github-token: ${{ secrets.GITHUB_TOKEN }} docker-build: needs: [build, release] - runs-on: ubuntu-latest - concurrency: - group: ${{ github.ref }}-build-docker - cancel-in-progress: true - outputs: - # get docker image tag with version - image-tag: ${{ fromJSON(steps.meta.outputs.json).tags[0] }} - - steps: - - uses: actions/download-artifact@v3 - with: - name: build-artifact - - - uses: actions/download-artifact@v3 - with: - name: dockerfile-artifact - - - name: Setup Docker buildx - uses: docker/setup-buildx-action@v2 - - - name: Log into registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=raw,prefix={{branch}}-,value=${{ needs.release.outputs.version }} - type=raw,prefix=latest-,value={{branch}} - - - name: Build and push Docker image - id: build-and-push - uses: docker/build-push-action@v4 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max - build-args: | - BUILD_PATH=${{ env.APP_BUILD_PATH }} - - deploy: - needs: [ docker-build ] - runs-on: ubuntu-latest - concurrency: - group: ${{ github.ref }}-deploy - cancel-in-progress: true - - steps: - - uses: actions/download-artifact@v3 - with: - name: aws-task-definition-artifact - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ secrets.AWS_REGION }} - - - name: Update AWS ECS Task Definition - id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 - with: - task-definition: task-definition.json - container-name: ${{ env.ECS_TASK_CONTAINER_NAME }} - image: ${{ needs.docker-build.outputs.image-tag }} - - - name: Deploy AWS ECS Task Definition - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - with: - task-definition: ${{ steps.task-def.outputs.task-definition }} - service: ${{ env.ECS_SERVICE }} - cluster: ${{ env.ECS_CLUSTER }} + uses: ./.github/workflows/docker-build.yml + with: + registry: ghcr.io + image-name: ${{ github.repository }}/web + version: ${{ needs.release.outputs.version }} + app-build-path: ./build + secrets: + github-token: ${{ secrets.GITHUB_TOKEN }} + + deploy-aws: + needs: [docker-build] + uses: ./.github/workflows/deploy-aws.yml + with: + image: ${{ needs.docker-build.outputs.image-tag }} + service: vite-template + cluster: Development + task-container-name: web + secrets: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.AWS_REGION }}