DSpot-ERP/.github/workflows/webapp-dependencies.yml at dev-dspot · DSpotDevelopers/DSpot-ERP · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Generate WebApp dependencies image

on:
  workflow_call:
    inputs:
      ref:
        description: 'The branch, tag or SHA to checkout'
        required: false
        type: string
        default: ''
  workflow_dispatch:
    inputs:
      environment:
        description: 'Environment to deploy to'
        type: choice
        required: true
        default: 'staging'
        options:
          - staging
          - production
      force_rebuild:
        description: 'Force rebuild even if no changes detected'
        type: boolean
        required: false
        default: false

jobs:
  check-web-changes:
    name: Check for dependency changes
    runs-on: ubuntu-latest
    outputs:
      changes_detected: ${{ steps.check-web-changes.outputs.changes_detected }}
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref || github.ref }}
          fetch-depth: 0

      - name: Check for changes in dependency files
        id: check-web-changes
        run: |
          # If force_rebuild is true, skip detection
          if [ "${{ inputs.force_rebuild || false }}" = "true" ]; then
            echo "changes_detected=true" >> $GITHUB_OUTPUT
            echo "Force rebuild requested - skipping change detection"
            exit 0
          fi

          # For manual triggers or workflow calls, check if files have changed
          if git rev-parse --verify HEAD^1 >/dev/null 2>&1; then
            # If we have a parent commit, compare with it
            CHANGED_FILES=$(git diff --name-only HEAD^1 HEAD)
          else
            # If this is the first commit or we're on a different branch
            # List all tracked files
            CHANGED_FILES=$(git ls-tree -r --name-only HEAD)
          fi

          # Define the pattern for dependency-related files
          DEPENDENCY_PATTERN="^package\.json$|^yarn\.lock$|^apps\/gauzy\/package\.json$"
          DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/(contracts|ui-auth|ui-config|ui-core)\/.*package\.json$"
          # Detect changes in UI and contracts source code that affect compilation
          DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/contracts\/src\/.*\.ts$"
          DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/ui-auth\/src\/.*\.ts$"
          DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/ui-config\/src\/.*\.ts$"
          DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/ui-core\/src\/.*\.ts$"
          DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/plugins\/[a-z\-]+(-ui)\/.*package\.json$"
          DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^\.deploy\/dependencies\/webapp\/|^\.github\/workflows\/webapp-dependencies\.yml$"

          if echo "$CHANGED_FILES" | grep -q -E "$DEPENDENCY_PATTERN"; then
            echo "changes_detected=true" >> $GITHUB_OUTPUT
            echo "Dependency changes detected"
          else
            echo "changes_detected=false" >> $GITHUB_OUTPUT
            echo "No dependency changes detected"
          fi

  handle-no-changes:
    name: Handle no changes
    needs: check-web-changes
    if: needs.check-web-changes.outputs.changes_detected != 'true'
    runs-on: ubuntu-latest
    steps:
      - name: No changes required
        run: |
          echo "No dependency changes detected. No rebuild required."
          exit 0

  generate-dependencies:
    name: Generate dependencies image
    needs: check-web-changes
    if: needs.check-web-changes.outputs.changes_detected == 'true'
    runs-on: ubuntu-latest
    # Determine environment based on manual input or ref
    environment: ${{ inputs.environment || (startsWith(github.ref, 'refs/tags/v') && 'production' || 'staging') }}
    permissions:
      contents: read
      id-token: write
    # Environment variables are defined at the job level
    env:
      # These values come from the environment configuration in GitHub
      AWS_REGION: ${{ vars.AWS_REGION }}
      ECR_REGISTRY: ${{ vars.ECR_REGISTRY }}
      ECR_REPOSITORY_DEPENDENCIES: ${{ vars.ECR_REPOSITORY_DEPENDENCIES }}

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref || github.ref }}

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
          aws-region: ${{ env.AWS_REGION }}

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1

      - name: Build dependency images
        run: |
          docker build \
            -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_DEPENDENCIES }}:latest-webapp \
            -f .deploy/dependencies/webapp/Dockerfile \
            .

      - name: Push images to Amazon ECR
        run: |
          docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_DEPENDENCIES }} --all-tags