[Prod] Build 133 of branch main by @kesara #133
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Release | |
run-name: ${{ github.event.inputs.publish == 'true' && '[Prod]' || '[Dev]' }} Build ${{ github.run_number }} of branch ${{ github.ref_name }} by @${{ github.actor }} | |
on: | |
workflow_dispatch: | |
inputs: | |
publish: | |
description: 'Create Production Release' | |
default: false | |
required: true | |
type: boolean | |
sandbox: | |
description: 'Deploy to Sandbox' | |
default: true | |
required: true | |
type: boolean | |
deploy: | |
description: 'Deploy to K8S' | |
default: 'Skip' | |
required: true | |
type: choice | |
options: | |
- Skip | |
- Staging Only | |
- Staging + Prod | |
deployApp: | |
description: 'App to Deploy' | |
default: 'ietfwww' | |
required: true | |
type: choice | |
options: | |
- iabwww | |
- ietfwww | |
jobs: | |
# ----------------------------------------------------------------- | |
# BUILD / RELEASE | |
# ----------------------------------------------------------------- | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
outputs: | |
pkg_version: ${{ steps.buildvars.outputs.pkg_version }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Get Next Version | |
if: ${{ github.event.inputs.publish == 'true' }} | |
id: semver | |
uses: ietf-tools/semver-action@v1 | |
with: | |
token: ${{ github.token }} | |
branch: main | |
patchList: fix, bugfix, perf, refactor, test, tests, chore, ci, build | |
skipInvalidTags: true | |
- name: Create Draft Release | |
uses: ncipollo/release-action@v1.12.0 | |
if: ${{ github.event.inputs.publish == 'true' }} | |
with: | |
prerelease: true | |
draft: false | |
commit: ${{ github.sha }} | |
tag: ${{ steps.semver.outputs.nextStrict }} | |
name: ${{ steps.semver.outputs.nextStrict }} | |
body: '*pending*' | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set Build Variables | |
id: buildvars | |
run: | | |
if [[ $nextStrict ]]; then | |
echo "Using AUTO SEMVER mode: $nextStrict" | |
echo "pkg_version=$nextStrict" >> $GITHUB_OUTPUT | |
echo "image_tags=ghcr.io/${{ github.repository }}:$nextStrict,ghcr.io/${{ github.repository }}:latest" >> $GITHUB_OUTPUT | |
echo "::notice::Release $nextStrict created using branch $GITHUB_REF_NAME" | |
else | |
PKG_VERSION=v1.0.0-dev.$GITHUB_RUN_NUMBER | |
echo "Using TEST mode: $PKG_VERSION" | |
echo "pkg_version=$PKG_VERSION" >> $GITHUB_OUTPUT | |
echo "image_tags=ghcr.io/${{ github.repository }}:$PKG_VERSION" >> $GITHUB_OUTPUT | |
echo "::notice::Non-production build $PKG_VERSION created using branch $GITHUB_REF_NAME" | |
fi | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Docker Build & Push | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: docker/Dockerfile | |
target: app-sandbox | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
tags: ${{ steps.buildvars.outputs.image_tags }} | |
- name: Update CHANGELOG | |
id: changelog | |
uses: Requarks/changelog-action@v1 | |
if: ${{ github.event.inputs.publish == 'true' }} | |
with: | |
token: ${{ github.token }} | |
fromTag: ${{ steps.semver.outputs.nextStrict }} | |
toTag: ${{ steps.semver.outputs.current }} | |
writeToFile: false | |
- name: Create Release | |
uses: ncipollo/release-action@v1.12.0 | |
if: ${{ github.event.inputs.publish == 'true' }} | |
with: | |
makeLatest: true | |
allowUpdates: true | |
draft: false | |
tag: ${{ steps.semver.outputs.nextStrict }} | |
name: ${{ steps.semver.outputs.nextStrict }} | |
body: ${{ steps.changelog.outputs.changes }} | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Notify on Slack | |
if: ${{ always() }} | |
uses: slackapi/slack-github-action@v1.23.0 | |
with: | |
channel-id: ${{ secrets.SLACK_GH_BUILDS_CHANNEL_ID }} | |
payload: | | |
{ | |
"text": "www - Build <https://github.com/ietf-tools/www/actions/runs/${{ github.run_id }}|${{ steps.buildvars.outputs.pkg_version }}> by ${{ github.triggering_actor }} completed" | |
} | |
env: | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_GH_BOT }} | |
# ----------------------------------------------------------------- | |
# SANDBOX | |
# ----------------------------------------------------------------- | |
sandbox: | |
name: Deploy to Sandbox | |
if: ${{ github.event.inputs.sandbox == 'true' && github.event.inputs.publish == 'false' }} | |
needs: [build] | |
runs-on: [self-hosted, dev-server] | |
env: | |
PKG_VERSION: ${{needs.build.outputs.pkg_version}} | |
steps: | |
- name: Clear workspace folder from previous runs | |
# Fix because of bug in Checkout action: | |
# https://github.com/actions/checkout/issues/677 | |
run: | | |
rm -rf $GITHUB_WORKSPACE/.git | |
- uses: actions/checkout@v3 | |
- name: Download latest DB / media dump | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
AWS_ACCESS_KEY_ID: ${{ secrets.DO_SPACES_DEV_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.DO_SPACES_DEV_ACCESS_KEY }} | |
run: | | |
aws s3 cp --quiet --endpoint-url=${{ secrets.DO_SPACES_DEV_ENDPOINT }} s3://wagtail/ietfwww.dump ./docker/database/ietfwww.dump | |
aws s3 cp --quiet --endpoint-url=${{ secrets.DO_SPACES_DEV_ENDPOINT }} s3://wagtail/media.tgz media.tgz | |
- name: Deploy to containers | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
run: | | |
echo "Install Deploy to Container CLI dependencies..." | |
cd dev/deploy-to-container | |
npm ci | |
cd ../.. | |
echo "Start Deploy..." | |
node ./dev/deploy-to-container/cli.js --branch ${{ github.ref_name }} --domain dev.ietf.org --appversion ${{ env.PKG_VERSION }} --commit ${{ github.sha }} --ghrunid ${{ github.run_id }} | |
- name: Cleanup old docker resources | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
run: | | |
docker image prune -a -f | |
# ----------------------------------------------------------------- | |
# STAGING | |
# ----------------------------------------------------------------- | |
staging: | |
name: Deploy to Staging | |
if: ${{ !failure() && !cancelled() && (github.event.inputs.deploy != 'Skip') }} | |
needs: [build] | |
runs-on: ubuntu-latest | |
environment: | |
name: staging | |
env: | |
PKG_VERSION: ${{needs.prepare.outputs.pkg_version}} | |
steps: | |
- name: Deploy to staging | |
uses: the-actions-org/workflow-dispatch@v4 | |
with: | |
workflow: deploy.yml | |
repo: ietf-tools/infra-k8s | |
ref: main | |
token: ${{ secrets.GH_INFRA_K8S_TOKEN }} | |
inputs: '{ "environment":"${{ secrets.GHA_K8S_CLUSTER }}", "app":"${{ github.event.inputs.deployApp }}", "appVersion":"${{ env.PKG_VERSION }}", "remoteRef":"${{ github.sha }}" }' | |
wait-for-completion: true | |
wait-for-completion-timeout: 10m | |
display-workflow-run-url: false | |
# ----------------------------------------------------------------- | |
# PROD | |
# ----------------------------------------------------------------- | |
prod: | |
name: Deploy to Production | |
if: ${{ !failure() && !cancelled() && github.event.inputs.deploy == 'Staging + Prod' }} | |
needs: [staging] | |
runs-on: ubuntu-latest | |
environment: | |
name: production | |
env: | |
PKG_VERSION: ${{needs.publish.outputs.pkg_version}} | |
steps: | |
- name: Deploy to production | |
uses: the-actions-org/workflow-dispatch@v4 | |
with: | |
workflow: deploy.yml | |
repo: ietf-tools/infra-k8s | |
ref: main | |
token: ${{ secrets.GH_INFRA_K8S_TOKEN }} | |
inputs: '{ "environment":"${{ secrets.GHA_K8S_CLUSTER }}", "app":"${{ github.event.inputs.deployApp }}", "appVersion":"${{ env.PKG_VERSION }}", "remoteRef":"${{ github.sha }}" }' | |
wait-for-completion: true | |
wait-for-completion-timeout: 10m | |
display-workflow-run-url: false |