add missing parameters (#1919) #1936

Workflow file for this run

	name: Deploy

	on:
	push:
	branches:
	- main
	- dev

	env:
	APP_IMAGE_NAME: app
	ARTIFACT_REGISTRY_URL: oci://europe-west4-docker.pkg.dev/nuclia-internal/charts
	MANAGER_IMAGE_NAME: manager
	CDN_STORAGE: ${{ github.ref == 'refs/heads/main' && secrets.CDN_STORAGE \|\| secrets.CDN_STORAGE_DEV }}
	DOCS_STORAGE: ${{ github.ref == 'refs/heads/main' && secrets.DOCS_STORAGE \|\| secrets.DOCS_STORAGE_DEV }}
	GCP_WORKLOAD_IDENTITY_PROVIDER: 'projects/224545243904/locations/global/workloadIdentityPools/gh-nuclia/providers/gh-nuclia-provider'
	GCP_SERVICE_ACCOUNT: '[email protected]'
	DEPLOYMENT_ENVIRONMENT: ${{ github.ref == 'refs/heads/main' && 'stage' \|\| 'dev' }}
	PROMO_PRODUCTION: false

	permissions:
	id-token: write
	contents: write

	jobs:
	build:
	runs-on: ubuntu-latest

	outputs:
	deploy-widget: ${{ steps.check-deploy.outputs.deploy-widget }}
	deploy-app: ${{ steps.check-deploy.outputs.deploy-app }}
	deploy-nucliadb-admin: ${{ steps.check-deploy.outputs.deploy-nucliadb-admin }}
	deploy-manager: ${{ steps.check-deploy.outputs.deploy-manager }}
	deploy-sistema: ${{ steps.check-deploy.outputs.deploy-sistema }}

	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Authenticate to Google Cloud
	id: gcp-auth
	uses: google-github-actions/auth@v2
	with:
	workload_identity_provider: '${{ env.GCP_WORKLOAD_IDENTITY_PROVIDER }}'
	service_account: '${{ env.GCP_SERVICE_ACCOUNT }}'
	token_format: access_token

	- name: 'Set up Cloud SDK'
	uses: 'google-github-actions/setup-gcloud@v2'

	- name: Login to Google Artifact Registry
	uses: docker/login-action@v3
	with:
	registry: europe-west4-docker.pkg.dev
	username: oauth2accesstoken
	password: ${{ steps.gcp-auth.outputs.access_token }}

	- uses: nrwl/nx-set-shas@v3

	- uses: actions/setup-node@v3
	with:
	node-version: 20
	cache: 'yarn'

	- name: Calculate short sha
	run: echo "SHORT_SHA=`echo hash${GITHUB_SHA} \| cut -c1-12`" >> $GITHUB_ENV

	- name: Install project dependencies
	run: \|-
	yarn
	yarn missdev

	- name: Unit tests
	run: npx nx affected --target=test --parallel=3 --exclude=sdk-demo,search-widget-demo,core,sistema-demo

	- name: Build affected apps
	run: npx nx affected --target=build --parallel=3 --configuration production --exclude=sdk-demo,search-widget-demo

	- name: Get package version
	run: node -p -e '`PACKAGE_VERSION=${require("./package.json").version}`' >> $GITHUB_ENV

	- name: Tag if new version
	uses: pkgdeps/[email protected]
	if: github.ref == 'refs/heads/main'
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	github_repo: ${{ github.repository }}
	version: ${{ env.PACKAGE_VERSION }}
	git_commit_sha: ${{ github.sha }}
	git_tag_prefix: 'v'

	- name: Check apps to deploy
	id: check-deploy
	run: \|-
	(test -d dist/libs/search-widget && echo "deploy-widget=yes" >> $GITHUB_OUTPUT) \|\| echo "Widget unchanged"
	(test -d dist/apps/dashboard && echo "deploy-app=yes" >> $GITHUB_OUTPUT) \|\| echo "Dashboard unchanged"
	(test -d dist/apps/nucliadb-admin && echo "deploy-nucliadb-admin=yes" >> $GITHUB_OUTPUT) \|\| echo "NucliaDB admin unchanged"
	(test -d dist/apps/manager-v2 && echo "deploy-manager=yes" >> $GITHUB_OUTPUT) \|\| echo "Manager unchanged"
	(test -d dist/apps/sistema-demo && echo "deploy-sistema=yes" >> $GITHUB_OUTPUT) \|\| echo "Sistema demo unchanged"
	(test -d dist/sdk-core && echo "deploy-sdk=yes" >> $GITHUB_OUTPUT) \|\| echo "SDK unchanged"

	- name: Publish widget
	if: steps.check-deploy.outputs.deploy-widget == 'yes'
	run: \|-
	find dist/libs/search-widget -type f -name *.umd.js -exec sed -i.bak "s,__NUCLIA_DEV_VERSION__,$GITHUB_SHA,g" {} \;
	gsutil copy dist/libs/search-widget/*.umd.js gs://$CDN_STORAGE
	gsutil copy dist/libs/search-widget/*.css gs://$CDN_STORAGE
	gsutil copy -r libs/search-widget/public/* gs://$CDN_STORAGE

	- name: Publish SDK
	if: steps.check-deploy.outputs.deploy-sdk == 'yes' && github.ref == 'refs/heads/main'
	uses: JS-DevTools/npm-publish@v1
	with:
	token: ${{ secrets.NPM_TOKEN }}
	package: ./dist/sdk-core/package.json

	- name: Generate and push SDK docs
	if: steps.check-deploy.outputs.deploy-sdk == 'yes' && github.ref == 'refs/heads/main'
	run: \|-
	sh ./tools/build-sdk-docs.sh
	gsutil -m rsync -r ./libs/sdk-core/docs gs://$DOCS_STORAGE/js-sdk

	- name: Build dashboard image for Artifact Repository
	if: steps.check-deploy.outputs.deploy-app == 'yes'
	env:
	CONTAINER_REGISTRY: europe-west4-docker.pkg.dev/nuclia-internal/private
	run: \|-
	docker build -t $CONTAINER_REGISTRY/$APP_IMAGE_NAME:${SHORT_SHA} -f docker/Dockerfile --build-arg appId=app --build-arg appFolder=dashboard --build-arg noRelativeCss=true .
	docker tag $CONTAINER_REGISTRY/$APP_IMAGE_NAME:${SHORT_SHA} $CONTAINER_REGISTRY/$APP_IMAGE_NAME:main
	docker push $CONTAINER_REGISTRY/$APP_IMAGE_NAME:${SHORT_SHA}
	docker push $CONTAINER_REGISTRY/$APP_IMAGE_NAME:main

	- name: Publish NucliaDB admin app
	if: steps.check-deploy.outputs.deploy-nucliadb-admin == 'yes' && github.ref == 'refs/heads/main'
	run: \|-
	sed -i.bak "s,STF_DOCKER_CONFIG_VERSION,$GITHUB_SHA,g" dist/apps/nucliadb-admin/assets/deployment/app-config.json
	cp -r dist/apps/nucliadb-admin/* tools/python-nucliadb-admin-dist/nucliadb_admin_assets/
	make -C tools/python-nucliadb-admin-dist/ publish ARGS="--build=${{github.run_number}}"
	env:
	TWINE_USERNAME: __token__
	TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}

	- name: Build manager image for Artifact Repository
	if: steps.check-deploy.outputs.deploy-manager == 'yes'
	env:
	CONTAINER_REGISTRY: europe-west4-docker.pkg.dev/nuclia-internal/private
	run: \|-
	docker build -t $CONTAINER_REGISTRY/$MANAGER_IMAGE_NAME:${SHORT_SHA} -f docker/Dockerfile --build-arg appId=manager --build-arg appFolder=manager-v2 --build-arg noRelativeCss=true .
	docker tag $CONTAINER_REGISTRY/$MANAGER_IMAGE_NAME:${SHORT_SHA} $CONTAINER_REGISTRY/$MANAGER_IMAGE_NAME:main
	docker push $CONTAINER_REGISTRY/$MANAGER_IMAGE_NAME:${SHORT_SHA}
	docker push $CONTAINER_REGISTRY/$MANAGER_IMAGE_NAME:main

	- name: Create 404 page for gh-pages
	if: steps.check-deploy.outputs.deploy-sistema == 'yes' && github.ref == 'refs/heads/main'
	run: \|-
	cp dist/apps/sistema-demo/index.html dist/apps/sistema-demo/404.html

	- name: Deploy sistema-demo to GH pages
	if: steps.check-deploy.outputs.deploy-sistema == 'yes' && github.ref == 'refs/heads/main'
	uses: JamesIves/github-pages-deploy-action@v4
	with:
	folder: dist/apps/sistema-demo

	- name: Upload sourcemaps to Sentry
	uses: getsentry/[email protected]
	if: github.ref == 'refs/heads/main'
	env:
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	SENTRY_ORG: nuclia
	SENTRY_PROJECT: application

	deploy-app:
	name: Deploy dashboard
	runs-on: ubuntu-latest
	needs: build
	if: needs.build.outputs.deploy-app == 'yes'
	outputs:
	json-summary: \|
	{
	"components": [
	{
	"component": "app",
	"chart-version": "${{ steps.version_step.outputs.version_number }}",
	"component-type": "global"
	}
	]
	}

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Authenticate to Google Cloud
	id: gcp-auth
	uses: google-github-actions/auth@v2
	with:
	workload_identity_provider: "${{ env.GCP_WORKLOAD_IDENTITY_PROVIDER }}"
	service_account: "${{ env.GCP_SERVICE_ACCOUNT }}"
	token_format: access_token

	- name: Login to Google Artifact Registry
	uses: docker/login-action@v3
	with:
	registry: europe-west4-docker.pkg.dev
	username: oauth2accesstoken
	password: ${{ steps.gcp-auth.outputs.access_token }}

	- name: Calculate short sha
	run: echo "SHORT_SHA=`echo hash${GITHUB_SHA} \| cut -c1-12`" >> $GITHUB_ENV

	- name: Set helm package image
	id: version_step
	env:
	CONTAINER_REGISTRY: europe-west4-docker.pkg.dev/nuclia-internal/nuclia
	run: \|-
	sed -i.bak "s#IMAGE_TO_REPLACE#$APP_IMAGE_NAME:${SHORT_SHA}#" ./charts/app/values.yaml
	sed -i.bak "s#CONTAINER_REGISTRY_TO_REPLACE#$CONTAINER_REGISTRY#" ./charts/app/values.yaml
	VERSION=`cat apps/dashboard/VERSION`
	VERSION_SHA=$VERSION-${SHORT_SHA}
	sed -i.bak "s#99999.99999.99999#$VERSION_SHA#" ./charts/app/Chart.yaml
	echo "version_number=$VERSION_SHA" >> $GITHUB_OUTPUT

	- name: Install Helm
	uses: azure/setup-helm@v3
	with:
	version: v3.15.3

	- name: Push helm package
	run: \|-
	helm lint charts/app
	helm package charts/app
	helm push app-${{ steps.version_step.outputs.version_number }}.tgz ${{ env.ARTIFACT_REGISTRY_URL }}

	deploy-manager:
	name: Deploy manager
	runs-on: ubuntu-latest
	needs: build
	if: needs.build.outputs.deploy-manager == 'yes'
	outputs:
	json-summary: \|
	{
	"components": [
	{
	"component": "manager",
	"chart-version": "${{ steps.version_step.outputs.version_number }}",
	"component-type": "global"
	}
	]
	}

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Authenticate to Google Cloud
	id: gcp-auth
	uses: google-github-actions/auth@v2
	with:
	workload_identity_provider: "${{ env.GCP_WORKLOAD_IDENTITY_PROVIDER }}"
	service_account: "${{ env.GCP_SERVICE_ACCOUNT }}"
	token_format: access_token

	- name: Login to Google Artifact Registry
	uses: docker/login-action@v3
	with:
	registry: europe-west4-docker.pkg.dev
	username: oauth2accesstoken
	password: ${{ steps.gcp-auth.outputs.access_token }}

	- name: Calculate short sha
	run: echo "SHORT_SHA=`echo hash${GITHUB_SHA} \| cut -c1-12`" >> $GITHUB_ENV

	- name: Set helm package image
	id: version_step
	env:
	CONTAINER_REGISTRY: europe-west4-docker.pkg.dev/nuclia-internal/nuclia
	run: \|-
	sed -i.bak "s#IMAGE_TO_REPLACE#$MANAGER_IMAGE_NAME:${SHORT_SHA}#" ./charts/manager/values.yaml
	sed -i.bak "s#CONTAINER_REGISTRY_TO_REPLACE#$CONTAINER_REGISTRY#" ./charts/manager/values.yaml
	VERSION=`cat apps/manager-v2/VERSION`
	VERSION_SHA=$VERSION-$SHORT_SHA
	sed -i.bak "s#99999.99999.99999#$VERSION_SHA#" ./charts/manager/Chart.yaml
	echo "version_number=$VERSION_SHA" >> $GITHUB_OUTPUT

	- name: Install Helm
	uses: azure/setup-helm@v3
	with:
	version: v3.15.3

	- name: Push helm package
	run: \|-
	helm lint charts/manager
	helm package charts/manager
	helm push manager-${{ steps.version_step.outputs.version_number }}.tgz ${{ env.ARTIFACT_REGISTRY_URL }}

	send-to-promotion:
	runs-on: ubuntu-latest
	needs: [deploy-manager, deploy-app]
	if: \|
	!failure() && !cancelled() && github.event_name == 'push' &&
	( needs.deploy-manager.result != 'skipped' \|\|
	needs.deploy-app.result != 'skipped' )
	steps:
	- name: Generate a token
	id: app-token
	uses: actions/create-github-app-token@v1
	with:
	app-id: ${{ secrets.GHAPP_ID_NUCLIABOT }}
	private-key: ${{ secrets.PK_GHAPP_NUCLIABOT }}
	owner: nuclia

	- name: Create components promotion summary. Trigger1
	env:
	SKIP_QUEUE: ${{ contains(github.event.pull_request.labels.*.name, 'skip-promo-queue') }}
	SKIP_ARGO_HEALTH: false
	ENVIRONMENT: ${{ github.ref == 'refs/heads/main' && 'stage' \|\| 'dev' }}
	PROMO_PRODUCTION: ${{ env.PROMO_PRODUCTION }}
	TEAM: ${{ secrets.TEAM_NAME }}
	SLACK_TEAM: ${{ secrets.SLACK_TEAM }}
	run: \|
	MERGED_JSON=$(jq -cs \
	--arg environment "$ENVIRONMENT" \
	--arg skip_queue "$SKIP_QUEUE" \
	--arg promo_production "$PROMO_PRODUCTION" \
	--arg team "$TEAM" \
	--arg slack_team "$SLACK_TEAM" \
	--arg skip_argo_health "$SKIP_ARGO_HEALTH" \
	--arg commit_sha "${{ github.sha }}" \
	'{
	components: map(.components) \| add
	} + {
	skip_promo_queue: ($skip_queue == "true")
	} + {
	skip_argo_health: ($skip_argo_health == "true")
	} + {
	environment: $environment
	} + {
	promo_production: ($promo_production == "true")
	} + {
	team: $team
	} + {
	slack_team: $slack_team
	} + {
	tests: {
	"run-e2e": true,
	"run-nua-e2e": false
	}
	} + {
	"commit-sha": $commit_sha
	}' \
	<(echo '${{ needs.deploy-manager.outputs.json-summary }}') \
	<(echo '${{ needs.deploy-app.outputs.json-summary }}')
	)

	echo "JSON_PROMO_SUMMARY=$MERGED_JSON" >> $GITHUB_ENV

	- name: Send to promotion queue
	id: send-to-promo
	uses: peter-evans/repository-dispatch@v3
	with:
	token: ${{ steps.app-token.outputs.token }}
	repository: nuclia/core-apps
	event-type: promotions
	client-payload: '${{ env.JSON_PROMO_SUMMARY }}'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

add missing parameters (#1919) #1936

Workflow file

add missing parameters (#1919) #1936

Jobs

Run details

Workflow file for this run