-
Notifications
You must be signed in to change notification settings - Fork 18
156 lines (147 loc) · 5.79 KB
/
centrifuge-app.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Centrifuge App
on:
pull_request:
paths:
- 'centrifuge-app/**'
- 'centrifuge-js/**'
- 'centrifuge-react/**'
- '.github/workflows/centrifuge-app.yml'
- '.github/actions/deploy-gcs'
workflow_call:
inputs:
deploy_env:
type: string
required: false
# Fancy concurrency group string to allow for multi-staging deployments
concurrency:
group: 'centrifuge-app-${{ inputs.deploy_env || github.event.inputs.deploy_env }}@${{ github.event.name }}${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
env:
artifact_name: "webpack${{ inputs.deploy_env && format('-{0}', inputs.deploy_env) }}"
jobs:
build-app:
runs-on: ubuntu-latest
defaults:
run:
working-directory: centrifuge-app
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: prepare env logic
id: prepare
uses: ./.github/actions/prepare-deploy
with:
app_base_name: app
deploy_to: ${{ inputs.deploy_env }}
- name: Setup Node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c #@v3.6.0
with:
node-version: '16'
cache: yarn
- name: set PR function values
if: github.event_name == 'pull_request'
shell: bash
env:
PINNING_URL: https:\/\/${{ vars.GCLOUD_REGION }}-${{ vars.GCP_DEV_PROJ }}.cloudfunctions.net\/pinning-api-pr${{ github.event.number }}
ONBOARDING_URL: https:\/\/${{ vars.GCLOUD_REGION }}-${{ vars.GCP_DEV_PROJ }}.cloudfunctions.net\/onboarding-api-pr${{ github.event.number }}
# Ex:
# sed -i .bak -e '/^REACT_APP_ONBOARDING_API_URL=/s/=.*/=https:\/\/europe-central2-peak-vista.cloudfunctions.net\/onboarding-api-pr1144/' $PWD/.env-config/.env.development
run: |
sed -i -e '/^REACT_APP_PINNING_API_URL=/s/=.*/=${{ env.PINNING_URL }}/' $PWD/.env-config/.env.${{ steps.prepare.outputs.env_name }}
sed -i -e '/^REACT_APP_ONBOARDING_API_URL=/s/=.*/=${{ env.ONBOARDING_URL }}/' $PWD/.env-config/.env.${{ steps.prepare.outputs.env_name }}
cat .env-config/.env.${{ steps.prepare.outputs.env_name }} | grep API
- name: Install Dependencies
# env:
# NODE_ENV: production
run: yarn install --immutable
- name: Lint
run: yarn lint
- name: Build centrifuge-app
working-directory: centrifuge-app
shell: bash
env:
# https://github.com/actions/runner-images/issues/70#issuecomment-1191708172
NODE_OPTIONS: '--max_old_space_size=4096'
run: |
yarn build:fabric
yarn build:centjs
yarn build:centReact
cat .env-config/.env.${{ steps.prepare.outputs.env_name }}
yarn build:app --mode ${{ steps.prepare.outputs.env_name }}
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce #@3.1.2
with:
name: ${{ env.artifact_name }}
path: ./centrifuge-app/build
if-no-files-found: error
- name: Archive staging artifacts
id: archive_staging
if: inputs.deploy_env == 'staging' && github.event_name == 'release'
uses: ./.github/actions/archive-release
with:
name: webpack
path: ./centrifuge-app/build
outputs:
front_url: ${{ steps.prepare.outputs.front_url }}
gh_env: ${{ steps.prepare.outputs.gh_env }}
deploy-app:
concurrency:
# Do not sync the same bucket in parallel
group: deploy-${{ needs.build-app.outputs.front_url }}-${{ github.event.name }}
cancel-in-progress: true
permissions:
contents: 'read'
id-token: 'write'
runs-on: ubuntu-latest
needs: build-app
environment: ${{ needs.build-app.outputs.gh_env }}
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
path: apps
- name: deploy to GCS
id: gcsdeploy
uses: ./apps/.github/actions/deploy-gcs
with:
artifact_name: ${{ env.artifact_name }}
bucket_url: ${{ needs.build-app.outputs.front_url }}
GWIP: ${{ secrets.GWIP }}
GSA: ${{ secrets.GSA }}
cors_config: ./apps/.github/actions/deploy-gcs/centrifuge-app-cors.json
outputs:
bucket_url: ${{ needs.build-app.outputs.front_url }}
gh_env: ${{ needs.build-app.outputs.gh_env }}
notify:
needs: deploy-app
permissions:
pull-requests: write
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' || (inputs.deploy_env == 'ff-prod' && github.event_name == 'pull_request')
steps:
- name: PR comment with preview URL
id: prcomment
uses: thollander/actions-comment-pull-request@v2
env:
pull_sha: ${{ github.event.pull_request.head.sha }}
with:
comment_tag: pr_preview_url${{ inputs.deploy_env }}
mode: upsert
message: |
PR deployed in Google Cloud
URL: https://${{ needs.deploy-app.outputs.bucket_url }}
Commit #: ${{ env.pull_sha }}
To access the functions directly check the corresponding deploy Action
- name: Check notify outputs
run: |
echo "id : ${{ steps.prcomment.outputs.id }}"
echo "body : ${{ steps.prcomment.outputs.body }}"
echo "html_url : ${{ steps.prcomment.outputs.html_url }}"
# owasp_scan:
# needs: deploy-app
# runs-on: ubuntu-latest
# steps:
# - name: ZAP Scan
# uses: zaproxy/[email protected]
# with:
# target: https://${{ needs.deploy-app.outputs.bucket_url }}
# allow_issue_writing: false # Remove this to activate creating issues with the report