feat: add staging
Fabrizio Cafolla committed Sep 19, 2024
1 parent 7157fdb commit f2f7414
Showing 26 changed files with 155 additions and 242 deletions.
2 changes: 1 addition & 1 deletion .activate
Expand Up @@ -10,7 +10,7 @@ if [ -f "${VENV_FILE}" ]; then
else
echo "VENV_DIR: ${VENV_DIR}"
echo "VENV_FILE: ${VENV_FILE}"
echo "WARN No virtualenv found. Run 'make setup' to create one."
echo "WARN No virtualenv found. Run 'devbox shell'"
fi

ENV_FILE="${DEVBOX_PROJECT_ROOT}/.env"
49 changes: 0 additions & 49 deletions .github/workflows/actions/terraform-init/action.yml

This file was deleted.

33 changes: 21 additions & 12 deletions .github/workflows/deploy-infrastructure.yml
Expand Up @@ -13,7 +13,7 @@ permissions:
contents: read

env:
WORKSPACE: "production"
WORKSPACE: ${{ secrets.WORKSPACE }}

jobs:
deploy-infrastructure:
Expand All @@ -33,30 +33,39 @@ jobs:
with:
ref: ${{ env.COMMIT_SHA }}

- name: Terraform Init
id: terraform
uses: ./.github/workflows/actions/terraform-init
timeout-minutes: 5
- name: Install devbox
uses: jetify-com/[email protected]
with:
WORKSPACE: ${{ env.WORKSPACE }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME }}
AWS_TERRAFORM_STATE_BUCKET: ${{ secrets.AWS_TERRAFORM_STATE_BUCKET }}
enable-cache: "true"

- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
role-session-name: github-actions

- name: Terraform Plan
id: plan
continue-on-error: true
env:
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME }}
run: |
make check-drift
devbox run infra check-drift
exitcode=$?
echo $exitcode
echo "run_apply=${exitcode}" >> "$GITHUB_OUTPUT"
- name: Terraform Apply
if: ${{ steps.plan.outputs.run_apply == '2' }}
env:
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME }}
run: |
make apply-auto-approve
devbox run infra apply-auto-approve
- name: Update comment
if: ${{ success() && github.event.client_payload.slash_command.args.named.comment_id }}
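Review bot: In the Terraform Plan step, `exitcode=$?` is never reached when `devbox run infra check-drift` exits non-zero, because a `run:` block without an explicit `shell:` is executed by `bash -e` and stops at the first failing command. With `continue-on-error: true` the job then carries on, `run_apply` is never written, and the `run_apply == '2'` condition on Terraform Apply cannot become true; a genuine plan error (exit 1) is hidden the same way. Capture the status explicitly, e.g. `exitcode=0; devbox run infra check-drift || exitcode=$?`, and fail the job when the value is neither 0 nor 2. This assumes no `defaults.run.shell` is set outside the visible hunk and that `devbox run` passes the script's exit status through; both are worth confirming.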
48 changes: 7 additions & 41 deletions .github/workflows/deploy-website.yml
@@ -1,32 +1,18 @@
name: Deploy Website

permissions: read-all

on:
repository_dispatch:
types:
- deploy-website
- deploy-website-command
# push:
# branches:
# - main
# paths:
# - "website/**"
# - "!website/tests/**"
# - "!website/Makefile"
# - "!website/README.md"
workflow_dispatch:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

# Permissions for terramform-init action
permissions:
id-token: write
contents: read

env:
WORKSPACE: "production"

jobs:
deploy-website:
name: Deploy
Expand All @@ -45,40 +31,20 @@ jobs:
with:
ref: ${{ env.COMMIT_SHA }}

- name: Setup Python 3.12
uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: "pip"

- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: "website/.nvmrc"
cache-dependency-path: website/yarn.lock
cache: "yarn"

- name: Terraform Init
id: terraform
uses: ./.github/workflows/actions/terraform-init
timeout-minutes: 5
- name: Install devbox
uses: jetify-com/[email protected]
with:
WORKSPACE: ${{ env.WORKSPACE }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME }}
AWS_TERRAFORM_STATE_BUCKET: ${{ secrets.AWS_TERRAFORM_STATE_BUCKET }}
enable-cache: "true"

- name: Build
timeout-minutes: 5
run: |
make setup-website VIRTUAL_ENV=false
make build
devbox run website build
- name: Deploy
timeout-minutes: 5
run: |
make deploy
devbox run deploy
- name: Update comment
if: ${{ success() && github.event.client_payload.slash_command.args.named.comment_id }}
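Review bot: The new `Install devbox` step references a third-party action by what looks like a version tag rather than a commit SHA (the exact ref is obscured on this page), and a tag can be moved to different code after review. The step installs the toolchain that the later `devbox run website build` and `devbox run deploy` commands execute, so whatever the tag resolves to runs with the job's token and any deploy credentials. The same reference is added in `deploy-infrastructure.yml`, where the job goes on to assume an AWS role, and in `sync-database.yml`. Pin it to the full commit SHA and keep the tag as a trailing comment, e.g. `uses: jetify-com/devbox-install-action@<full-commit-sha>  # <version tag>` (action name presumed from the step name; confirm against the repository).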
1 change: 1 addition & 0 deletions .github/workflows/release.yml
@@ -1,6 +1,7 @@
name: Release

on:
workflow_dispatch:
push:
branches:
- main
46 changes: 9 additions & 37 deletions .github/workflows/sync-database.yml
@@ -1,19 +1,13 @@
name: Sync Database

permissions: read-all

on:
workflow_dispatch:
repository_dispatch:
types:
- sync-database

# Permissions for terramform-init action
permissions:
id-token: write
contents: read

env:
WORKSPACE: "production"

jobs:
sync-database:
name: Sync Database
Expand All @@ -22,6 +16,11 @@ jobs:
- name: Check out code
uses: actions/checkout@v4

- name: Install devbox
uses: jetify-com/[email protected]
with:
enable-cache: "true"

- name: Load env
id: env
run: |
Expand All @@ -35,7 +34,7 @@ jobs:
hash_commit_awesome_italia_opensource="${{ github.event.client_payload.hash }}"
fi
pr_body="${pr_body}\n\n Sync database pipeline: [${{ github.run_id }}](https://github.com/italia-opensource/italiaopensource.com/actions/runs/${{ github.run_id }})"
pr_body="${pr_body}. Sync database pipeline: [${{ github.run_id }}](https://github.com/italia-opensource/italiaopensource.com/actions/runs/${{ github.run_id }})"
echo "pr_branch_name=${pr_branch_name}" >> $GITHUB_OUTPUT
echo "pr_branch_name=${pr_branch_name}"
Expand All @@ -46,35 +45,11 @@ jobs:
echo "hash_commit_awesome_italia_opensource=${hash_commit_awesome_italia_opensource}" >> $GITHUB_OUTPUT
echo "hash_commit_awesome_italia_opensource=${hash_commit_awesome_italia_opensource}"
- name: Setup Python 3.12
uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: "pip"

- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: "website/.nvmrc"
cache-dependency-path: website/yarn.lock
cache: "yarn"

- name: Terraform Init
id: terraform
uses: ./.github/workflows/actions/terraform-init
timeout-minutes: 5
with:
WORKSPACE: ${{ env.WORKSPACE }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME }}
AWS_TERRAFORM_STATE_BUCKET: ${{ secrets.AWS_TERRAFORM_STATE_BUCKET }}

- name: Build
id: build
timeout-minutes: 5
run: |
make download HASH_COMMIT="${{ steps.env.outputs.hash_commit_awesome_italia_opensource}}"
devbox run website download HASH_COMMIT="${{ steps.env.outputs.hash_commit_awesome_italia_opensource}}"
git checkout HEAD -- infrastructure/.terraform.lock.hcl # Ignore changes to the lock file
status=$(git status -s)
Expand All @@ -87,9 +62,6 @@ jobs:
exit 0
fi
make setup-website VIRTUAL_ENV=false
make build
echo "has_changed=true" >> $GITHUB_OUTPUT
- name: Create Pull Request
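Review bot: The Build step expands `${{ steps.env.outputs.hash_commit_awesome_italia_opensource}}` directly into the shell script, and the Load env step fills that value from `github.event.client_payload.hash` the same way, so the dispatch payload becomes part of the script text before bash parses it. A value that is not a plain commit hash would then be interpreted as shell syntax rather than as data. Pass it through the step's `env:` instead, e.g. `HASH_COMMIT: ${{ steps.env.outputs.hash_commit_awesome_italia_opensource }}` with `devbox run website download HASH_COMMIT="$HASH_COMMIT"` in the script, and reject anything that does not match a hex commit hash before using it. The Load env step begins outside the visible hunks, so its earlier handling of the payload is not shown.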
3 changes: 1 addition & 2 deletions .github/workflows/test.yml
Expand Up @@ -15,7 +15,7 @@ concurrency:
cancel-in-progress: true

env:
WORKSPACE: "ci" # @TODO: Create infrastructure in pull-request workspace
WORKSPACE: ${{ secrets.WORKSPACE }}

jobs:
test-data:
Expand All @@ -41,7 +41,6 @@ jobs:
- name: Tests
timeout-minutes: 10
env:
WORKSPACE: ${{ env.WORKSPACE }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ROLE_NAME: ${{ secrets.AWS_ROLE_NAME }}
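Review bot: `WORKSPACE: ${{ secrets.WORKSPACE }}` resolves to an empty string whenever the secret is not available to the run (for example pull requests from forks, if this workflow runs on them; the trigger is outside the hunk), whereas the literal it appears to replace always selected the `ci` workspace. Because the Tests step also receives the AWS account and role, a single repository-wide value now decides which Terraform workspace the tests touch, and as a secret it is masked in the logs, so the target cannot be read from the run output. Keep a non-production fallback, e.g. `WORKSPACE: ${{ secrets.WORKSPACE || 'ci' }}`, or store the name as a non-secret configuration variable. `deploy-infrastructure.yml` makes the same substitution for the literal `production`, where an unset secret would pass an empty workspace name to the auto-approve apply.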
23 changes: 14 additions & 9 deletions README.md
Expand Up @@ -18,38 +18,43 @@ devbox run website start

If you want start website with italian lang run: `devbox run website start LOCALE=it`.

If you want start website with multi-lang run: `devbox run website build serve`
If you want start website with multi-lang run: `devbox run website build && devbox run website serve`

**Develop infrastructure in local:**

With doppler access:
**[Doppler] Develop infrastructure in local:**

```bash
devbox shell

doppler login

devbox run doppler
devbox run doppler <staging|production>

# WARN: Before run `infra` cmd export AWS Credentials or Profile
# WARN: Before run `infra` cmd export your AWS Credentials or AWS Profile into .env

devbox run infra setup

devbox run infra plan

devbox run deploy
```

Or set your env vars without doppler:
To switch env run: `devbox run switch-env <staging|production>`

**[Without Doppler] Develop infrastructure in local:**

```bash
echo 'export WORKSPACE=staging|production' >> .env
echo 'export AWS_ACCOUNT_ID=...' >> .env
echo 'export AWS_DEFAULT_REGION=...' >> .env
echo 'export AWS_TERRAFORM_STATE_BUCKET=...' >> .env # (optional) If not set, use local backend by default
echo 'export AWS_TERRAFORM_STATE_BUCKET=...' >> .env # (optional) If not set by default use local backend

# WARN: Before run `infra` cmd export AWS Credentials or Profile
# WARN: Before run `infra` cmd export your AWS Credentials or AWS Profile into .env

devbox shell

devbox run infra setup

devbox run infra plan

devbox run deploy
```