Build and Release #48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Release | |
| on: | |
| push: | |
| tags: | |
| - '*' | |
| workflow_dispatch: | |
| inputs: | |
| publish: | |
| description: 'Create Production Release' | |
| required: true | |
| type: boolean | |
| deploy: | |
| description: 'Deploy to K8S' | |
| default: 'Skip' | |
| required: true | |
| type: choice | |
| options: | |
| - Skip | |
| - Staging Only | |
| - Staging + Prod | |
| jobs: | |
| publish: | |
| name: Publish | |
| runs-on: ubuntu-latest | |
| outputs: | |
| pkg_version: ${{ steps.buildvars.outputs.pkg_version }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get Next Version | |
| if: ${{ github.event.inputs.publish == 'true' }} | |
| id: semver | |
| uses: ietf-tools/semver-action@v1 | |
| with: | |
| token: ${{ github.token }} | |
| branch: main | |
| - name: Set Next Version Env Var | |
| if: ${{ github.event.inputs.publish == 'true' }} | |
| run: | | |
| echo "NEXT_VERSION=$nextStrict" >> $GITHUB_ENV | |
| - name: Create Draft Release | |
| uses: ncipollo/release-action@v1 | |
| if: ${{ github.event.inputs.publish == 'true' }} | |
| with: | |
| prerelease: true | |
| draft: false | |
| commit: ${{ github.sha }} | |
| tag: ${{ env.NEXT_VERSION }} | |
| name: v${{ env.NEXT_VERSION }} | |
| body: '*pending*' | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set Build Variables | |
| id: buildvars | |
| run: | | |
| if [[ $NEXT_VERSION ]]; then | |
| echo "Using AUTO SEMVER mode: $NEXT_VERSION" | |
| echo "SHOULD_DEPLOY=true" >> $GITHUB_ENV | |
| echo "PKG_VERSION=$NEXT_VERSION" >> $GITHUB_ENV | |
| echo "pkg_version=$NEXT_VERSION" >> $GITHUB_OUTPUT | |
| echo "::notice::Release created using branch $GITHUB_REF_NAME" | |
| elif [[ "$GITHUB_REF" =~ ^refs/tags/* ]]; then | |
| echo "Using TAG mode: $GITHUB_REF_NAME" | |
| echo "SHOULD_DEPLOY=true" >> $GITHUB_ENV | |
| echo "PKG_VERSION=$GITHUB_REF_NAME" >> $GITHUB_ENV | |
| echo "pkg_version=$GITHUB_REF_NAME" >> $GITHUB_OUTPUT | |
| echo "::notice::Release created using tag $GITHUB_REF_NAME" | |
| else | |
| echo "Using TEST mode: v2.0.0-dev.$GITHUB_RUN_NUMBER" | |
| echo "SHOULD_DEPLOY=false" >> $GITHUB_ENV | |
| echo "PKG_VERSION=2.0.0-dev.$GITHUB_RUN_NUMBER" >> $GITHUB_ENV | |
| echo "pkg_version=2.0.0-dev.$GITHUB_RUN_NUMBER" >> $GITHUB_OUTPUT | |
| echo "::notice::Non-production build created using branch $GITHUB_REF_NAME" | |
| fi | |
| - name: Setup Node.js | |
| uses: actions/[email protected] | |
| with: | |
| node-version: 16.x | |
| - name: Setup Python | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: '3.x' | |
| - name: Make Release Build | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| run: | | |
| echo "Building assets..." | |
| cd frontend | |
| npm ci | |
| npm run build | |
| cd .. | |
| echo "Setting version" | |
| echo "PKG_VERSION: $PKG_VERSION" | |
| echo "GITHUB_SHA: $GITHUB_SHA" | |
| echo "GITHUB_REF_NAME: $GITHUB_REF_NAME" | |
| sed -i -r -e "s|^__version__ += '.*'$|__version__ = '$PKG_VERSION'|" backend/mlarchive/__init__.py | |
| sed -i -r -e "s|^__release_hash__ += '.*'$|__release_hash__ = '$GITHUB_SHA'|" backend/mlarchive/__init__.py | |
| sed -i -r -e "s|^__release_branch__ += '.*'$|__release_branch__ = '$GITHUB_REF_NAME'|" backend/mlarchive/__init__.py | |
| echo "Build release tarball..." | |
| mkdir -p /home/runner/work/release | |
| tar -czf /home/runner/work/release/release.tar.gz -X dev/deploy/exclude-patterns.txt . | |
| - name: Collect + Push Statics | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_STATIC_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_STATIC_KEY_SECRET }} | |
| AWS_DEFAULT_REGION: auto | |
| AWS_ENDPOINT_URL: ${{ secrets.CF_R2_ENDPOINT }} | |
| run: | | |
| echo "Collecting statics..." | |
| docker run --rm --name collectstatics -v $(pwd):/workspace ghcr.io/ietf-tools/mailarchive-app-base:latest sh build/app/collectstatics.sh | |
| echo "Pushing statics..." | |
| cd static | |
| aws s3 sync . s3://static/mailarchive/$PKG_VERSION --only-show-errors | |
| - name: Augment dockerignore for docker image build | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| run: | | |
| cat >> .dockerignore <<EOL | |
| .devcontainer | |
| .github | |
| .vscode | |
| helm | |
| charts | |
| playwright | |
| svn-history | |
| docker-compose.yml | |
| EOL | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build Release Docker Image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: build/app/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ghcr.io/ietf-tools/mailarchive:${{ env.PKG_VERSION }} | |
| - name: Update CHANGELOG | |
| id: changelog | |
| uses: Requarks/changelog-action@v1 | |
| if: env.SHOULD_DEPLOY == 'true' | |
| with: | |
| token: ${{ github.token }} | |
| tag: ${{ env.PKG_VERSION }} | |
| writeToFile: false | |
| - name: Create Release | |
| uses: ncipollo/release-action@v1 | |
| if: env.SHOULD_DEPLOY == 'true' | |
| with: | |
| allowUpdates: true | |
| draft: false | |
| tag: ${{ env.PKG_VERSION }} | |
| name: v${{ env.PKG_VERSION }} | |
| body: ${{ steps.changelog.outputs.changes }} | |
| artifacts: "/home/runner/work/release/release.tar.gz" | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload Build Artifacts | |
| uses: actions/[email protected] | |
| if: env.SHOULD_DEPLOY == 'false' | |
| with: | |
| name: release | |
| path: /home/runner/work/release/release.tar.gz | |
| # ----------------------------------------------------------------- | |
| # STAGING | |
| # ----------------------------------------------------------------- | |
| staging: | |
| name: Deploy to Staging | |
| if: ${{ !failure() && !cancelled() && (github.event.inputs.deploy == 'Staging Only' || github.event.inputs.deploy == 'Staging + Prod') }} | |
| needs: [publish] | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: staging | |
| env: | |
| PKG_VERSION: ${{needs.prepare.outputs.pkg_version}} | |
| steps: | |
| - name: Deploy to staging | |
| uses: the-actions-org/workflow-dispatch@v4 | |
| with: | |
| workflow: deploy.yml | |
| repo: ietf-tools/infra-k8s | |
| ref: main | |
| token: ${{ secrets.GH_INFRA_K8S_TOKEN }} | |
| inputs: '{ "environment":"${{ secrets.GHA_K8S_CLUSTER }}", "app":"mailarchive", "appVersion":"${{ env.PKG_VERSION }}", "remoteRef":"${{ github.sha }}" }' | |
| wait-for-completion: true | |
| wait-for-completion-timeout: 10m | |
| display-workflow-run-url: false | |
| # ----------------------------------------------------------------- | |
| # PROD | |
| # ----------------------------------------------------------------- | |
| prod: | |
| name: Deploy to Production | |
| if: ${{ !failure() && !cancelled() && github.event.inputs.deploy == 'Staging + Prod' }} | |
| needs: [staging] | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: production | |
| env: | |
| PKG_VERSION: ${{needs.publish.outputs.pkg_version}} | |
| steps: | |
| - name: Deploy to production | |
| uses: the-actions-org/workflow-dispatch@v4 | |
| with: | |
| workflow: deploy.yml | |
| repo: ietf-tools/infra-k8s | |
| ref: main | |
| token: ${{ secrets.GH_INFRA_K8S_TOKEN }} | |
| inputs: '{ "environment":"${{ secrets.GHA_K8S_CLUSTER }}", "app":"mailarchive", "appVersion":"${{ env.PKG_VERSION }}", "remoteRef":"${{ github.sha }}" }' | |
| wait-for-completion: true | |
| wait-for-completion-timeout: 10m | |
| display-workflow-run-url: false |