-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add workflows for tagging and building release for Production deploym…
…ents
- Loading branch information
Showing
3 changed files
with
183 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| name: Create Github Release | ||
|
|
||
| on: | ||
| push: | ||
| tags: | ||
| - 'v[0-9]+.[0-9]+.[0-9]+' | ||
|
|
||
| # Permission can be added at job level or workflow level | ||
| permissions: | ||
| contents: write # This is required for actions/checkout and create release | ||
|
|
||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| jobs: | ||
| release: | ||
| name: Github Release | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - name: Create Github Release | ||
| uses: actions/github-script@v6 | ||
| with: | ||
| github-token: ${{ github.token }} | ||
| script: | | ||
| if (!${{ toJson(github.ref_name) }}) { | ||
| core.setFailed("RELEASE_TAG is not defined.") | ||
| return; | ||
| } | ||
| try { | ||
| const response = await github.rest.repos.createRelease({ | ||
| name: ${{ toJson(github.ref_name) }}, | ||
| tag_name: ${{ toJson(github.ref_name) }}, | ||
| draft: false, | ||
| generate_release_notes: true, | ||
| owner: context.repo.owner, | ||
| prerelease: false, | ||
| repo: context.repo.repo, | ||
| }); | ||
| core.exportVariable('RELEASE_ID', response.data.id); | ||
| core.exportVariable('RELEASE_UPLOAD_URL', response.data.upload_url); | ||
| } catch (error) { | ||
| core.setFailed(error.message); | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| name: Manual Deployment to Production | ||
|
|
||
| # Run on pushes to main or PRs | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| tag: | ||
| description: Tagged version to deploy | ||
| required: true | ||
| type: string | ||
|
|
||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| jobs: | ||
| deploy: | ||
| name: Deployment | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: ./packages/app | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Tag checkout | ||
| run: | | ||
| git fetch --prune --unshallow --tags | ||
| git checkout ${{ github.event.inputs.tag }} | ||
| - name: Setup Node.js | ||
| uses: actions/setup-node@v2 | ||
| with: | ||
| node-version: 16 | ||
|
|
||
| - uses: actions/cache@v2 | ||
| with: | ||
| path: '**/node_modules' | ||
| key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }} | ||
|
|
||
| - name: Install dependencies | ||
| run: | | ||
| yarn install | ||
| pip install awscli --upgrade --user | ||
| - name: Build App | ||
| run: yarn static | ||
|
|
||
| - name: Configure AWS Production credentials | ||
| uses: aws-actions/configure-aws-credentials@v1 | ||
| with: | ||
| aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }} | ||
| aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }} | ||
| aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | ||
|
|
||
| - name: Get the version | ||
| id: get_version | ||
| run: echo ::set-output name=VERSION::$(echo $GITHUB_REF | cut -d / -f 3) | ||
|
|
||
| # Script to prepare production deployments | ||
| # - run: bash ./.github/scripts/prepare_production_deployment.sh | ||
| # if: success() | ||
| # working-directory: ./ | ||
| # env: | ||
| # PROD_DEPLOYMENT_HOOK_TOKEN: ${{ secrets.PROD_DEPLOYMENT_HOOK_TOKEN }} | ||
| # PROD_DEPLOYMENT_HOOK_URL: ${{ secrets.PROD_DEPLOYMENT_HOOK_URL }} | ||
| # VERSION_TAG: ${{ steps.get_version.outputs.VERSION }} | ||
|
|
||
| - name: 'Deploy to S3: Production' | ||
| run: | | ||
| aws s3 sync out/ s3://${{ secrets.PROD_BUCKET_NAME }} --delete --exclude "*.html" --cache-control max-age=86400,public | ||
| aws s3 sync out/ s3://${{ secrets.PROD_BUCKET_NAME }} --delete --exclude "*" --include "*.html" --cache-control max-age=0,no-cache,no-store,must-revalidate --content-type text/html | ||
| - name: 'Cloudfront Production: cache invalidation' | ||
| if: (startsWith(github.event.ref, 'refs/tags/v') || github.event_name == 'release') | ||
| run: | | ||
| aws cloudfront create-invalidation --distribution-id ${{ secrets.PROD_AWS_CLOUDFRONT_ID }} --paths "/*" | ||
| notify: | ||
| uses: ./.github/workflows/slack_release_notification.yml | ||
| if: ${{ always() }} | ||
| needs: deploy | ||
| secrets: | ||
| RELEASES_SLACK_WEBHOOK_URL: ${{ secrets.RELEASES_SLACK_WEBHOOK_URL }} | ||
| with: | ||
| environment: Production | ||
| service: GC Token Lock UI | ||
| success: ${{ contains(join(needs.*.result, ','), 'success') }} | ||
| message: "deploy service `GC Token Lock UI` version `${{ inputs.tag }}`. Triggered by `${{ github.actor }}`." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| name: Slack Notify Release | ||
| on: | ||
| workflow_call: | ||
| secrets: | ||
| RELEASES_SLACK_WEBHOOK_URL: | ||
| required: true | ||
| inputs: | ||
| environment: | ||
| type: string | ||
| required: true | ||
| message: | ||
| type: string | ||
| required: true | ||
| service: | ||
| type: string | ||
| required: true | ||
| success: | ||
| type: boolean | ||
| required: true | ||
|
|
||
| jobs: | ||
| notify: | ||
| name: Notify ${{ inputs.service }} release in ${{ inputs.environment }} | ||
| runs-on: ubuntu-latest | ||
| environment: ${{ inputs.environment }} | ||
| steps: | ||
| - name: Extract branch name | ||
| shell: bash | ||
| run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT | ||
| id: extract_branch | ||
|
|
||
| - name: Extract commit | ||
| id: commit | ||
| uses: prompt/actions-commit-hash@v2 | ||
|
|
||
| - name: Get current date | ||
| id: date | ||
| run: echo "::set-output name=date::$(date +'%Y-%m-%dT%H:%M:%S')" | ||
|
|
||
| - id: slack | ||
| uses: slackapi/slack-github-action@v1.24.0 | ||
| with: | ||
| payload: "{\"username\":\"Releases\",\"icon_url\":\"https://avatars3.githubusercontent.com/u/134083290\",\"text\":\"${{ inputs.message }} - ${{ github.event.head_commit.message }}\",\"attachments\":[{\"text\":\"\",\"color\":\"${{ inputs.success == true && '#36a64f' || '#FF3131' }}\",\"author_name\":\"${{ inputs.service }}\",\"title\":\"\",\"fields\":[{\"title\":\"Environment\",\"short\":true,\"value\":\"`${{ inputs.environment }}`\"},{\"title\":\"Branch\",\"short\":true,\"value\":\"${{ steps.extract_branch.outputs.branch }}\"},{\"title\":\"Commit\",\"short\":true,\"value\":\"${{ steps.commit.outputs.short }}\"},{\"title\":\"Status\",\"short\":true,\"value\":\"${{ inputs.success == true && '🟢 SUCCEEDED' || '🔴 FAILED' }}\"},{\"title\":\"Time\",\"short\":true,\"value\":\"${{ steps.date.outputs.date }}\"}]}]}" | ||
| env: | ||
| SLACK_WEBHOOK_URL: ${{ secrets.RELEASES_SLACK_WEBHOOK_URL }} | ||
| SLACK_WEBHOOK_TYPE: "INCOMING_WEBHOOK" |