From 19571f760256228fea9efef1475ae37b107db256 Mon Sep 17 00:00:00 2001
From: Genesis Alvarez
Date: Wed, 23 Oct 2024 20:47:01 -0400
Subject: [PATCH 1/3] Add: dependabot
---
.github/dependabot.yml | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 .github/dependabot.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..c71e63e
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,15 @@
+version: 2
+updates:
+ - package-ecosystem: "npm"
+ directory: "/"
+ target-branch: main
+ schedule:
+ interval: "weekly"
+ open-pull-requests-limit: 20
+ commit-message:
+ prefix: "deps"
+
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
From 988ac26e3dc7e7884c07f49e8bb24c0b6ae0b0a3 Mon Sep 17 00:00:00 2001
From: Genesis Alvarez Date: Wed, 23 Oct 2024 20:48:32 -0400 Subject: [PATCH 2/3] fix: using reusable worflows --- .github/workflows/build-docker-image.yml | 107 ++++++++++++++++ .github/workflows/ci-tests.yml | 71 +++++++++++ .github/workflows/clean.yml | 35 ----- .github/workflows/cloudrun-deploy.yml | 92 ++++++++++++++ .github/workflows/code-quality.yml | 6 +- .github/workflows/delete-deployment.yml | 41 ++++++ .github/workflows/deploy-to-dev.yml | 42 ++++++ .github/workflows/deploy-to-prod.yml | 34 +++++ .github/workflows/deploy-to-staging.yml | 42 ++++++ .github/workflows/development.yml | 155 ----------------------- .github/workflows/production.yml | 101 --------------- .github/workflows/staging.yml | 134 -------------------- 12 files changed, 432 insertions(+), 428 deletions(-) create mode 100644 .github/workflows/build-docker-image.yml create mode 100644 .github/workflows/ci-tests.yml delete mode 100644 .github/workflows/clean.yml create mode 100644 .github/workflows/cloudrun-deploy.yml create mode 100644 .github/workflows/delete-deployment.yml create mode 100644 .github/workflows/deploy-to-dev.yml create mode 100644 .github/workflows/deploy-to-prod.yml create mode 100644 .github/workflows/deploy-to-staging.yml delete mode 100644 .github/workflows/development.yml delete mode 100644 .github/workflows/production.yml delete mode 100644 .github/workflows/staging.yml diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml new file mode 100644 index 0000000..4510bdb --- /dev/null +++ b/.github/workflows/build-docker-image.yml 
@@ -0,0 +1,107 @@
+name: Build docker image
+
+on:
+ workflow_call:
+ inputs:
+ app_name:
+ required: true
+ type: string
+ dockerfile_path:
+ required: true
+ type: string
+ dockerfile_target:
+ required: true
+ type: string
+ registry:
+ required: true
+ type: string
+ outputs:
+ image_digest:
+ description: "The image digest to be used on a caller workflow"
+ value: ${{ jobs.build.outputs.image_digest }}
+
+jobs:
+ build:
+ name: Build images
+ timeout-minutes: 15
+ runs-on: ubuntu-latest
+ outputs:
+ image_digest: ${{ steps.docker_build.outputs.digest }}
+ permissions:
+ contents: "read"
+ id-token: "write"
+ steps:
+ - uses: actions/checkout@v4.1.0
+ with:
+ persist-credentials: false
+
+ - name: Inject slug/short variables
+ uses: rlespinasse/github-slug-action@v4.4.1
+ with:
+ short-length: 7
+
+ # Automatic tag management and OCI Image Format Specification for labels
+ - name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v5.0.0
+ with:
+ # list of Docker images to use as base name for tags
+ images: |
+ ${{ inputs.registry }}/${{ inputs.app_name }}
+ # generate Docker tags based on the following events/attributes
+ tags: |
+ type=schedule
+ # semver and ref,tag automatically add a "latest" tag, but only on stable releases
+ type=semver,pattern={{version}}
+ type=semver,pattern={{major}}.{{minor}}
+ type=semver,pattern={{major}}
+ type=ref,event=tag
+ type=ref,event=branch
+ type=ref,event=pr
+ type=sha
+ # edge is the latest commit on the default branch.
+ type=edge,enable={{is_default_branch}}
+
+ # Setup Docker Buildx to allow use of docker cache layers from GH
+ - name: Set up Docker Buildx
+ id: buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Login to Google Artifact Registry
+ uses: docker/login-action@v3.0.0
+ with:
+ registry: us-docker.pkg.dev
+ username: _json_key
+ password: ${{ secrets.GAR_JSON_KEY }}
+
+ # Build and push image to Google Artifact Registry, and possibly DockerHub
+ - name: Build & push
+ id: docker_build
+ uses: docker/build-push-action@v5.1.0
+ with:
+ target: ${{ inputs.dockerfile_target }}
+ context: .
+ file: ${{ inputs.dockerfile_path }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ push: true
+ build-args: |
+ NODE_ENV=${{ vars.NODE_ENV }}
+ SKIP_PREFLIGHT_CHECK=${{ vars.SKIP_PREFLIGHT_CHECK }}
+ DISABLE_ESLINT_PLUGIN=${{ vars.DISABLE_ESLINT_PLUGIN }}
+
+ # To improve build speeds, for each branch we push an additional image to the registry,
+ # to be used as the caching layer, using the `max` caching mode.
+ #
+ # We use multiple cache sources to confirm a cache hit, starting from a per-branch cache,
+ # and if there's no hit, then continue with the `main` branch. When changes are added to a PR,
+ # they are usually smaller than the diff between the PR and `main` branch. So this provides the
+ # best performance.
+ #
+ # The caches are tried in top-down order, the first available cache is used:
+ # https://github.com/moby/moby/pull/26839#issuecomment-277383550
+ cache-from: |
+ type=registry,ref=${{ inputs.registry }}/${{ inputs.app_name }}:${{ env.GITHUB_REF_SLUG_URL }}-cache
+ type=registry,ref=${{ inputs.registry }}/${{ inputs.app_name }}:${{ github.event.repository.default_branch }}-cache
+ cache-to: |
+ type=registry,ref=${{ inputs.registry }}/${{ inputs.app_name }}:${{ env.GITHUB_REF_SLUG_URL }}-cache,mode=min
diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml
new file mode 100644
index 0000000..79dd22f
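Review bot: The `build` job requests `id-token: "write"`, but the registry login in the same job authenticates with a long-lived service-account key (`username: _json_key`, `password: ${{ secrets.GAR_JSON_KEY }}`) and no visible step exchanges an OIDC token. Either drop the permission so the job keeps only `contents: "read"`, or move the login to Workload Identity Federation so the exported key can be retired. Separately, the cache comment says the per-branch cache image uses the `max` mode while `cache-to` sets `mode=min`; one of the two should be corrected.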
--- /dev/null
+++ b/.github/workflows/ci-tests.yml
@@ -0,0 +1,71 @@
+name: Running tests
+
+permissions: read-all
+
+on:
+ workflow_call:
+ inputs:
+ node_env:
+ required: true
+ type: string
+
+ pull_request:
+ branches:
+ - main
+ paths:
+ - '**.js*'
+ - '**.ts*'
+ - package*.json
+ - .github/workflows/ci-tests.yml
+
+ push:
+ branches:
+ - main
+ paths:
+ - '**.js*'
+ - '**.ts*'
+ - package*.json
+ - .github/workflows/ci-tests.yml
+
+env:
+ NODE_ENV: ${{ inputs.node_env }}
+ NEXT_TELEMETRY_DISABLED: 1
+ # we build a dev binary for use in CI so skip downloading
+ # canary next-swc binaries in the monorepo
+ NEXT_SKIP_NATIVE_POSTINSTALL: 1
+ CI: true
+
+jobs:
+ versioning:
+ runs-on: ubuntu-latest
+ outputs:
+ version: ${{ steps.set.outputs.version }}
+ steps:
+ - name: Setting API Version
+ id: set
+ run: echo "::set-output name=version::${{ vars.NODE_ENV }}"
+
+ test:
+ name: Test with Node.js ${{ matrix.node }}
+ timeout-minutes: 10
+ runs-on: ubuntu-latest
+
+ strategy:
+ fail-fast: false
+ matrix:
+ node: [lts/*, latest]
+
+ steps:
+ - name: Cheking out the code
+ uses: actions/checkout@v4
+
+ - name: Use Node.js ${{ matrix.node }}
+ uses: actions/setup-node@v4.0.4
+ with:
+ node-version: ${{ matrix.node }}
+
+ - name: Installing dependencies
+ run: yarn install --frozen-lockfile
+
+ - name: Running tests
+ run: yarn test
\ No newline at end of file
diff --git a/.github/workflows/clean.yml b/.github/workflows/clean.yml
deleted file mode 100644
index 7b8ce98..0000000
--- a/.github/workflows/clean.yml
+++ /dev/null
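Review bot: The `Setting API Version` step in the `versioning` job still writes its output with the deprecated `::set-output` workflow command, while `cloudrun-deploy.yml` in this same patch already appends to the `$GITHUB_OUTPUT` file. Change it to `run: echo "version=${{ vars.NODE_ENV }}" >> "$GITHUB_OUTPUT"`. Also, the workflow-level `NODE_ENV` is fed from `inputs.node_env`, which appears to be empty on the `push` and `pull_request` triggers declared here; `NODE_ENV: ${{ inputs.node_env || vars.NODE_ENV }}` would keep it consistent with the value the `versioning` job reads.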
@@ -1,35 +0,0 @@ -name: Cleaner - -on: - delete: - branches: - - "*" - - "!staging" - - "!main" - pull_request: - branches: - - "staging" - - "main" - types: - - closed - -env: - PROJECT_NAME: territorial-division - GAR_BASE: us-docker.pkg.dev/${{ secrets.GCP_PROJECT }} - -jobs: - delete: - runs-on: ubuntu-latest - steps: - - name: Inject slug/short variables - uses: rlespinasse/github-slug-action@v3.x - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@master - with: - project_id: ${{ secrets.GCP_PROJECT }} - service_account_key: ${{ secrets.GAR_JSON_KEY }} - export_default_credentials: true - - - name: Removing CR service - run: gcloud run services delete ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} --region=${{ secrets.GCP_REGION }} --quiet diff --git a/.github/workflows/cloudrun-deploy.yml b/.github/workflows/cloudrun-deploy.yml new file mode 100644 index 0000000..57a62bd --- /dev/null +++ b/.github/workflows/cloudrun-deploy.yml 
@@ -0,0 +1,92 @@ +name: Deploy to Cloud Run + +on: + workflow_call: + inputs: + image: + required: false + type: string + image_digest: + required: false + type: string + region: + required: true + type: string + project: + required: true + type: string + environment: + required: false + type: string + default_name: + required: false + type: string + +jobs: + versioning: + runs-on: ubuntu-latest + outputs: + version: ${{ steps.set.outputs.version }} + steps: + - name: Getting API Version + id: get + uses: actions/github-script@v6 + if: ${{ github.event_name == 'release' }} + with: + result-encoding: string + script: | + return context.payload.release.tag_name.substring(0,2) + - name: Setting API Version + id: set + run: echo "version=${{ steps.get.outputs.result }}" >> "$GITHUB_OUTPUT" + + deploy: + name: Deploy to Cloud Run + needs: ['versioning'] + timeout-minutes: 15 + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + environment: + name: ${{ inputs.environment }} + url: ${{ steps.deploy.outputs.url }} + steps: + - name: Inject slug/short variables + uses: rlespinasse/github-slug-action@v4.4.1 + + - name: Authenticate to GCP + id: auth + uses: google-github-actions/auth@v1.1.1 + with: + credentials_json: ${{ secrets.GAR_JSON_KEY }} + + - name: Set up Cloud SDK + uses: google-github-actions/setup-gcloud@v1.1.1 + + - name: Deploy to cloud run + id: deploy + uses: google-github-actions/deploy-cloudrun@v2.6.0 + with: + image: ${{ inputs.image }} + service: ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ inputs.default_name || needs.versioning.outputs.version || env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} + region: ${{ inputs.region }} + flags: | + --vpc-connector=projects/${{ secrets.GCP_PROJECT }}/locations/${{ secrets.GCP_REGION }}/connectors/${{ secrets.GCP_REGION }} + env_vars: | + NODE_ENV=${{ vars.NODE_ENV }} + DB_HOST=${{ secrets.DB_HOST }} + DB_PORT=${{ secrets.DB_PORT }} + DB_USER=${{ secrets.DB_USER }} + DB_PASSWORD=${{ 
secrets.DB_PASSWORD }} + DB_NAME=${{ secrets.DB_NAME }} + API_VERSION=${{ needs.versioning.outputs.version }} + + + - name: Allow unauthenticated calls to the service + run: | + gcloud run services add-iam-policy-binding ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ needs.versioning.outputs.version || env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} \ + --region=${{ inputs.region }} --member=allUsers --role=roles/run.invoker --quiet + + - name: Test service with cURL + run: curl "${{ steps.deploy.outputs.url }}" diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 08e2b27..a4efe74 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -25,12 +25,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4.1.0 - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/delete-deployment.yml b/.github/workflows/delete-deployment.yml new file mode 100644 index 0000000..3c17c67 --- /dev/null +++ b/.github/workflows/delete-deployment.yml 
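Review bot: The `Allow unauthenticated calls to the service` step builds the service name without `inputs.default_name`, while the `Deploy to cloud run` step puts that input first in its `||` chain, so a caller that passes `default_name` deploys one service and grants `allUsers` the `roles/run.invoker` role on a differently named one. Use the same expression in both places: `${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ inputs.default_name || needs.versioning.outputs.version || env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}`. The binding is also applied for every environment this workflow is called with, and `DB_PASSWORD` is passed as a plain `env_vars` entry, which leaves it readable in the Cloud Run revision configuration; confirm both are intended for production.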
@@ -0,0 +1,41 @@
+name: Delete Cloud Run instances on PR closed by merged
+
+on:
+ pull_request:
+ branches:
+ - main
+ types: [closed]
+
+jobs:
+ delete-cloud-run:
+ if: github.event.pull_request.merged == true
+ runs-on: ubuntu-latest
+ steps:
+ - name: Inject slug/short variables
+ uses: rlespinasse/github-slug-action@v4.5.0
+
+ - id: 'auth'
+ name: 'Authenticate to Google Cloud'
+ uses: 'google-github-actions/auth@v2'
+ with:
+ credentials_json: '${{ secrets.GAR_JSON_KEY }}'
+
+ - name: 'Set up Cloud SDK'
+ uses: 'google-github-actions/setup-gcloud@v2'
+
+ - name: 'Display information about the current gcloud environment'
+ run: 'gcloud info'
+
+ - name: Check if Cloud Run service exists
+ id: check_service
+ run: |
+ SERVICE_NAME=${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
+ if gcloud run services describe $SERVICE_NAME --region=${{ vars.GCP_REGION }} > /dev/null 2>&1; then
+ echo "service_exists=true" >> $GITHUB_ENV
+ else
+ echo "service_exists=false" >> $GITHUB_ENV
+ fi
+
+ - name: 'Delete service'
+ if: env.service_exists == 'true'
+ run: gcloud run services delete ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} --region=${{ vars.GCP_REGION }} --quiet
diff --git a/.github/workflows/deploy-to-dev.yml b/.github/workflows/deploy-to-dev.yml
new file mode 100644
index 0000000..f5a1005
--- /dev/null
+++ b/.github/workflows/deploy-to-dev.yml
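Review bot: The `delete-cloud-run` job is gated on `if: github.event.pull_request.merged == true`, so a pull request that is closed without merging keeps its per-branch Cloud Run service, which the deploy workflow in this patch exposes to `allUsers`. The removed `clean.yml` cleaned up on every `closed` event and on branch deletion; dropping the `if:` line restores that for closed pull requests. In the `Check if Cloud Run service exists` step, `> /dev/null 2>&1` also hides authentication and permission errors, which are then recorded as `service_exists=false` and skip the delete silently.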
@@ -0,0 +1,42 @@
+name: Deploy to dev
+
+on:
+ workflow_dispatch:
+ pull_request:
+ branches:
+ - "main"
+ paths:
+ - "**.js*"
+ - "**.ts*"
+ - "package*.json"
+ - "Dockerfile"
+ - ".github/workflows/deploy-to-dev.yml"
+ types: [opened, synchronize, reopened, labeled]
+
+concurrency:
+ # Ensures that only one workflow task will run at a time. Previous builds, if
+ # already in process, will get cancelled. Only the latest commit will be allowed
+ # to run, cancelling any workflows in between
+ group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ build:
+ uses: ./.github/workflows/build-docker-image.yml
+ with:
+ environment: development
+ dockerfile_path: ./Dockerfile
+ dockerfile_target: release
+ app_name: ${{ vars.APP_NAME }}
+ registry: ${{ vars.GCP_REGISTRY}}
+ secrets: inherit
+
+ deploy:
+ needs: ["build"]
+ uses: ./.github/workflows/cloudrun-deploy.yml
+ with:
+ environment: development
+ project: ${{ vars.GCP_PROJECT }}
+ region: us-east1
+ image: ${{ vars.GCP_IMAGE}}@${{ needs.build.outputs.image_digest }}
+ secrets: inherit
\ No newline at end of file
diff --git a/.github/workflows/deploy-to-prod.yml b/.github/workflows/deploy-to-prod.yml
new file mode 100644
index 0000000..fd3b94b
--- /dev/null
+++ b/.github/workflows/deploy-to-prod.yml
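Review bot: Both reusable-workflow calls use `secrets: inherit`, which hands every secret the caller can read to the called workflow, although the build workflow in this patch only reads `secrets.GAR_JSON_KEY`. This workflow runs on `pull_request`, so the narrower form is preferable: declare the needed secrets under `on.workflow_call.secrets` in the called workflows and pass them by name, e.g. `secrets:` followed by `GAR_JSON_KEY: ${{ secrets.GAR_JSON_KEY }}`. The same applies to `deploy-to-prod.yml` and `deploy-to-staging.yml` in this patch.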
@@ -0,0 +1,34 @@
+name: Deploy to production
+
+on:
+ release:
+ types:
+ - published
+
+concurrency:
+ # Ensures that only one workflow task will run at a time. Previous builds, if
+ # already in process, will get cancelled. Only the latest commit will be allowed
+ # to run, cancelling any workflows in between
+ group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ build:
+ uses: ./.github/workflows/build-docker-image.yml
+ with:
+ environment: production
+ dockerfile_path: ./Dockerfile
+ dockerfile_target: release
+ app_name: ${{ vars.APP_NAME }}
+ registry: ${{ vars.GCP_REGISTRY}}
+ secrets: inherit
+
+ deploy:
+ needs: ["build"]
+ uses: ./.github/workflows/cloudrun-deploy.yml
+ with:
+ environment: production
+ project: ${{ vars.GCP_PROJECT }}
+ region: us-east1
+ image: ${{ vars.GCP_IMAGE}}@${{ needs.build.outputs.image_digest }}
+ secrets: inherit
\ No newline at end of file
diff --git a/.github/workflows/deploy-to-staging.yml b/.github/workflows/deploy-to-staging.yml
new file mode 100644
index 0000000..119684b
--- /dev/null
+++ b/.github/workflows/deploy-to-staging.yml
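Review bot: The `concurrency.group` expression ends in `github.head_ref || github.run_id`, and `github.head_ref` is only set on pull-request events, so for the `release` trigger every run gets its own group and the block never serializes two production deployments, contrary to what its comment says. For production a fixed group without cancellation is safer, e.g. `group: ${{ github.workflow }}` with `cancel-in-progress: false`, so a second release waits instead of interrupting a rollout. `deploy-to-staging.yml` carries the same expression on a `push` trigger.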
@@ -0,0 +1,42 @@
+name: Deploy to staging
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - "main"
+ paths:
+ - '**.js*'
+ - '**.ts*'
+ - 'package*.json'
+ - 'Dockerfile'
+ - 'entrypoint.sh'
+ - '.github/workflows/deploy-to-staging.yml'
+
+concurrency:
+ # Ensures that only one workflow task will run at a time. Previous builds, if
+ # already in process, will get cancelled. Only the latest commit will be allowed
+ # to run, cancelling any workflows in between
+ group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ build:
+ uses: ./.github/workflows/build-docker-image.yml
+ with:
+ environment: staging
+ dockerfile_path: ./Dockerfile
+ dockerfile_target: release
+ app_name: ${{ vars.APP_NAME }}
+ registry: ${{ vars.GCP_REGISTRY}}
+ secrets: inherit
+
+ deploy:
+ needs: ['build']
+ uses: ./.github/workflows/cloudrun-deploy.yml
+ with:
+ environment: staging
+ project: ${{ vars.GCP_PROJECT }}
+ region: us-east1
+ image: ${{ vars.GCP_IMAGE}}@${{ needs.build.outputs.image_digest }}
+ secrets: inherit
\ No newline at end of file
diff --git a/.github/workflows/development.yml b/.github/workflows/development.yml
deleted file mode 100644
index 4afb84b..0000000
--- a/.github/workflows/development.yml
+++ /dev/null
@@ -1,155 +0,0 @@ -name: Development Deployment - -on: - pull_request: - branches: - - main - paths: - - "**.js*" - - "**.ts*" - - "package*.json" - - "Dockerfile" - - ".github/workflows/development.yml" - types: - - opened - - reopened - - synchronize - - labeled - -env: - PROJECT_NAME: territorial-division - GAR_BASE: us-docker.pkg.dev/${{ secrets.GCP_PROJECT }} - SKIP_PREFLIGHT_CHECK: true - DISABLE_ESLINT_PLUGIN: true - NODE_ENV: development - -jobs: - versioning: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.set.outputs.version }} - steps: - - name: Setting API Version - id: set - run: echo "::set-output name=version::${{ env.NODE_ENV }}" - - test: - runs-on: ubuntu-latest - strategy: - matrix: - node: ["14"] - steps: - - name: Cheking out the code - uses: actions/checkout@v2 - - - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v2 - with: - node-version: ${{ matrix.node }} - - - name: Installing dependencies - run: yarn install --frozen-lockfile - - - name: Running tests - run: yarn test - - build: - needs: [test, versioning] - runs-on: ubuntu-latest - if: github.event_name == 'pull_request' - steps: - - name: Cheking out the code - uses: actions/checkout@v2 - - - name: Inject slug/short variables - uses: rlespinasse/github-slug-action@v3.x - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - with: - driver-opts: network=host - - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: | - /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}-${{ env.GITHUB_SHA_SHORT }} - - - name: Login to GAR - uses: docker/login-action@v1 - with: - registry: ${{ env.GAR_BASE}} - username: _json_key - password: ${{ secrets.GAR_JSON_KEY }} - - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - target: release - tags: ${{ env.GAR_BASE }}/${{ env.PROJECT_NAME }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ 
env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - build-args: | - NODE_ENV=${{ env.NODE_ENV }} - SKIP_PREFLIGHT_CHECK=${{ env.SKIP_PREFLIGHT_CHECK }} - DISABLE_ESLINT_PLUGIN=${{ env.DISABLE_ESLINT_PLUGIN }} - push: true - context: . - cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - cache-to: type=inline - - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} - - deploy: - needs: [build, versioning] - runs-on: ubuntu-latest - if: github.event_name == 'pull_request' - steps: - - name: Inject slug/short variables - uses: rlespinasse/github-slug-action@v3.x - - - name: Deploy to Cloud Run - id: deploy - uses: google-github-actions/deploy-cloudrun@v0.9.0 - with: - image: ${{ env.GAR_BASE }}/${{ env.PROJECT_NAME }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - service: ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ needs.versioning.outputs.version }} - credentials: ${{ secrets.GAR_JSON_KEY }} - region: ${{ secrets.GCP_REGION }} - flags: | - --vpc-connector=projects/${{ secrets.GCP_PROJECT }}/locations/${{ secrets.GCP_REGION }}/connectors/${{ secrets.GCP_REGION }} - env_vars: | - NODE_ENV=${{ env.NODE_ENV }} - DB_HOST=${{ secrets.DB_HOST }} - DB_PORT=${{ secrets.DB_PORT }} - DB_USER=${{ secrets.DB_USER }} - DB_PASSWORD=${{ secrets.DB_PASSWORD }} - DB_NAME=${{ secrets.DB_NAME }} - API_VERSION=${{ needs.versioning.outputs.version }} - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v0.6.0 - with: - project_id: ${{ secrets.GCP_PROJECT }} - service_account_key: ${{ secrets.GAR_JSON_KEY }} - export_default_credentials: true - - - name: Allow unauthenticated calls to the service - run: | - gcloud run services add-iam-policy-binding ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ needs.versioning.outputs.version }} \ - --region=${{ secrets.GCP_REGION }} --member=allUsers 
--role=roles/run.invoker --quiet - - - name: Testing CR service - id: test - run: curl "${{ steps.deploy.outputs.url }}" - - - name: Comment PR with DEV URL - if: ${{ success() }} - uses: peter-evans/create-or-update-comment@v1 - with: - issue-number: ${{ github.event.pull_request.number }} - body: | - **DEV URL:** - ${{ steps.deploy.outputs.url }} - reactions: heart diff --git a/.github/workflows/production.yml b/.github/workflows/production.yml deleted file mode 100644 index 0ed7ffb..0000000 --- a/.github/workflows/production.yml +++ /dev/null 
@@ -1,101 +0,0 @@ -name: Production Deployment - -on: - release: - types: - - published - -env: - PROJECT_NAME: territorial-division - GAR_BASE: us-docker.pkg.dev/${{ secrets.GCP_PROJECT }} - NODE_ENV: production - -jobs: - versioning: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.set.outputs.version }} - steps: - - name: Getting API Version - id: get - uses: actions/github-script@v4 - with: - result-encoding: string - script: | - return context.payload.release.tag_name.substring(0,2) - - - name: Setting API Version - id: set - run: echo "::set-output name=version::${{ steps.get.outputs.result }}" - - build: - needs: [versioning] - runs-on: ubuntu-latest - steps: - - name: Inject slug/short variables - uses: rlespinasse/github-slug-action@v3.x - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - with: - driver-opts: network=host - - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: | - /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}-${{ env.GITHUB_SHA_SHORT }} - - - name: Login to GAR - uses: docker/login-action@v1 - with: - registry: ${{ env.GAR_BASE}} - username: _json_key - password: ${{ secrets.GAR_JSON_KEY }} - - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - target: release - tags: ${{ env.GAR_BASE }}/${{ env.PROJECT_NAME }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - build-args: | - NODE_ENV=${{ env.NODE_ENV }} - SKIP_PREFLIGHT_CHECK=true - DISABLE_ESLINT_PLUGIN=false - push: true - cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - cache-to: type=inline - - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} - - deploy: - needs: [build, versioning] - runs-on: ubuntu-latest - steps: - - name: Inject slug/short variables - uses: 
rlespinasse/github-slug-action@v3.x - - - name: Deploy to Cloud Run - id: deploy - uses: google-github-actions/deploy-cloudrun@v0.9.0 - with: - image: ${{ env.GAR_BASE }}/${{ env.PROJECT_NAME }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - service: ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ needs.versioning.outputs.version }} - credentials: ${{ secrets.GAR_JSON_KEY }} - region: ${{ secrets.GCP_REGION }} - flags: | - --vpc-connector=projects/${{ secrets.GCP_PROJECT }}/locations/${{ secrets.GCP_REGION }}/connectors/${{ secrets.GCP_REGION }} - env_vars: | - NODE_ENV=${{ env.NODE_ENV }} - DB_HOST=${{ secrets.DB_HOST }} - DB_PORT=${{ secrets.DB_PORT }} - DB_USER=${{ secrets.DB_USER }} - DB_PASSWORD=${{ secrets.DB_PASSWORD }} - DB_NAME=${{ secrets.DB_NAME }} - API_VERSION=${{ needs.versioning.outputs.version }} - - - name: Testing CR service - run: curl "${{ steps.deploy.outputs.url }}" diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml deleted file mode 100644 index 31d4bd9..0000000 --- a/.github/workflows/staging.yml +++ /dev/null 
@@ -1,134 +0,0 @@ -name: Staging Deployment - -on: - push: - branches: - - main - paths: - - "**.js*" - - "**.ts*" - - "package*.json" - - "Dockerfile" - - ".github/workflows/staging.yml" - -env: - PROJECT_NAME: territorial-division - GAR_BASE: us-docker.pkg.dev/${{ secrets.GCP_PROJECT }} - SKIP_PREFLIGHT_CHECK: true - DISABLE_ESLINT_PLUGIN: true - NODE_ENV: staging - -jobs: - versioning: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.set.outputs.version }} - steps: - - name: Setting API Version - id: set - run: echo "::set-output name=version::${{ env.NODE_ENV }}" - - test: - runs-on: ubuntu-latest - strategy: - matrix: - node: ["14"] - steps: - - name: Cheking out the code - uses: actions/checkout@v2 - - - name: Use Node.js ${{ matrix.node }} - uses: actions/setup-node@v2 - with: - node-version: ${{ matrix.node }} - - - name: Installing dependencies - run: yarn install --frozen-lockfile - - - name: Running tests - run: yarn test - - build: - needs: [test, versioning] - runs-on: ubuntu-latest - steps: - - name: Inject slug/short variables - uses: rlespinasse/github-slug-action@v3.x - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - with: - driver-opts: network=host - - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: | - /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}-${{ env.GITHUB_SHA_SHORT }} - - - name: Login to GAR - uses: docker/login-action@v1 - with: - registry: ${{ env.GAR_BASE }} - username: _json_key - password: ${{ secrets.GAR_JSON_KEY }} - - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - target: release - tags: ${{ env.GAR_BASE }}/${{ env.PROJECT_NAME }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - build-args: | - NODE_ENV=${{ env.NODE_ENV }} - SKIP_PREFLIGHT_CHECK=${{ env.SKIP_PREFLIGHT_CHECK }} - DISABLE_ESLINT_PLUGIN=${{ env.DISABLE_ESLINT_PLUGIN 
}} - push: true - cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - cache-to: type=inline - - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} - - deploy: - needs: [build, versioning] - runs-on: ubuntu-latest - steps: - - name: Inject slug/short variables - uses: rlespinasse/github-slug-action@v3.x - - - name: Deploy to Cloud Run - id: deploy - uses: google-github-actions/deploy-cloudrun@v0.9.0 - with: - image: ${{ env.GAR_BASE}}/${{env.PROJECT_NAME}}/${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}:${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} - service: ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ needs.versioning.outputs.version }} - credentials: ${{ secrets.GAR_JSON_KEY }} - region: ${{ secrets.GCP_REGION }} - flags: | - --vpc-connector=projects/${{ secrets.GCP_PROJECT }}/locations/${{ secrets.GCP_REGION }}/connectors/${{ secrets.GCP_REGION }} - env_vars: | - NODE_ENV=${{ env.NODE_ENV }} - DB_HOST=${{ secrets.DB_HOST }} - DB_PORT=${{ secrets.DB_PORT }} - DB_USER=${{ secrets.DB_USER }} - DB_PASSWORD=${{ secrets.DB_PASSWORD }} - DB_NAME=${{ secrets.DB_NAME }} - API_VERSION=${{ needs.versioning.outputs.version }} - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v0.6.0 - with: - project_id: ${{ secrets.GCP_PROJECT }} - service_account_key: ${{ secrets.GAR_JSON_KEY }} - export_default_credentials: true - - - name: Allow unauthenticated calls to the service - run: | - gcloud run services add-iam-policy-binding ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ needs.versioning.outputs.version }} \ - --region=${{ secrets.GCP_REGION }} --member=allUsers --role=roles/run.invoker - - - name: Testing CR service - id: test - run: curl "${{ steps.deploy.outputs.url }}" From fea486c5b6d55c6090977407486de843fc799572 Mon Sep 17 00:00:00 2001 
From: Genesis Alvarez Date: Wed, 23 Oct 2024 21:42:57 -0400 Subject: [PATCH 3/3] Fix: Invalid input, environment is not defined in the referenced workflow. --- .github/workflows/build-docker-image.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 4510bdb..172bde6 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -15,6 +15,9 @@ on: registry: required: true type: string + environment: + required: false + type: string outputs: image_digest: description: "The image digest to be used on a caller workflow"
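Review bot: The new `environment` input is declared but, as far as patch 2/3 shows, nothing in the `build` job reads it, so it only silences the "invalid input" error from the callers. If the `vars.NODE_ENV`, `vars.SKIP_PREFLIGHT_CHECK` and `vars.DISABLE_ESLINT_PLUGIN` build arguments are meant to differ per environment, the job would need `environment: ${{ inputs.environment }}`; otherwise add a `description:` to the input saying it is accepted for caller compatibility and currently unused. The `jobs:` section lies outside this hunk, so this is based on the file as added in the previous patch.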