.github/workflows/upload-sourcemaps.yml #395
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Upload Source Maps | ||
|
Check failure on line 1 in .github/workflows/upload-sourcemaps.yml
|
||
| on: | ||
| push: | ||
| branches: [main, 'release/*'] | ||
| paths: | ||
| - 'packages/client/**' | ||
| - 'packages/admin/**' | ||
| - 'packages/shared/**' | ||
| release: | ||
| types: [published] | ||
| workflow_dispatch: | ||
| inputs: | ||
| app: | ||
| description: 'App to upload source maps for' | ||
| required: true | ||
| type: choice | ||
| options: | ||
| - both | ||
| - client | ||
| - admin | ||
| permissions: | ||
| contents: read | ||
| concurrency: | ||
| group: sourcemaps-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| jobs: | ||
| upload-sourcemaps: | ||
| name: Upload ${{ matrix.title }} Source Maps | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| include: | ||
| - app: client | ||
| title: Client | ||
| build: build:client | ||
| dist: packages/client/dist | ||
| project: green-goods-client | ||
| env_id_secret: POSTHOG_CLIENT_ENV_ID | ||
| - app: admin | ||
| title: Admin | ||
| build: build:admin | ||
| dist: packages/admin/dist | ||
| project: green-goods-admin | ||
| env_id_secret: POSTHOG_ADMIN_ENV_ID | ||
| # Skip if workflow_dispatch selected a different app | ||
| if: | | ||
| github.event_name != 'workflow_dispatch' || | ||
| github.event.inputs.app == 'both' || | ||
| github.event.inputs.app == matrix.app | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Setup Bun | ||
| uses: oven-sh/setup-bun@v2 | ||
| with: | ||
| bun-version: latest | ||
| - name: Setup Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: '22' | ||
| - name: Restore Bun cache | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: ~/.bun/install/cache | ||
| key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }} | ||
| restore-keys: ${{ runner.os }}-bun- | ||
| - name: Install dependencies | ||
| run: bun install --frozen-lockfile | ||
| - name: Determine environment | ||
| id: env | ||
| env: | ||
| GIT_REF: ${{ github.ref }} | ||
| APP_NAME: ${{ matrix.app }} | ||
| run: | | ||
| if [[ "$GIT_REF" == "refs/heads/main" ]]; then | ||
| echo "env=production" >> $GITHUB_OUTPUT | ||
| echo "chain_id=42161" >> $GITHUB_OUTPUT | ||
| else | ||
| echo "env=staging" >> $GITHUB_OUTPUT | ||
| echo "chain_id=11155111" >> $GITHUB_OUTPUT | ||
| fi | ||
| # Get version from package.json | ||
| VERSION=$(jq -r '.version' "packages/$APP_NAME/package.json") | ||
| echo "app_version=$VERSION" >> $GITHUB_OUTPUT | ||
| - name: Load env vars from Varlock + 1Password environment | ||
| env: | ||
| APP_ENV: ${{ steps.env.outputs.env }} | ||
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | ||
| OP_ENVIRONMENT: ${{ vars.OP_ENVIRONMENT }} | ||
| run: | | ||
| if [[ -z "$OP_ENVIRONMENT" ]]; then | ||
| echo "::error::Missing repository variable OP_ENVIRONMENT" | ||
| echo "Set OP_ENVIRONMENT to your 1Password environment ID/name." | ||
| exit 1 | ||
| fi | ||
| if [[ -z "$OP_SERVICE_ACCOUNT_TOKEN" ]]; then | ||
| echo "::error::Missing GitHub secret OP_SERVICE_ACCOUNT_TOKEN" | ||
| exit 1 | ||
| fi | ||
| bunx varlock run -- bash -lc ' | ||
| for key in \ | ||
| VITE_WALLETCONNECT_PROJECT_ID \ | ||
| VITE_PIMLICO_API_KEY \ | ||
| VITE_ENVIO_INDEXER_URL \ | ||
| VITE_POSTHOG_KEY \ | ||
| VITE_POSTHOG_ADMIN_KEY \ | ||
| POSTHOG_ENV_ID \ | ||
| POSTHOG_CLI_TOKEN | ||
| do | ||
| val="${!key:-}" | ||
| if [[ -n "$val" ]]; then | ||
| printf "%s=%s\n" "$key" "$val" >> "$GITHUB_ENV" | ||
| fi | ||
| done | ||
| ' | ||
| - name: Build ${{ matrix.title }} with source maps | ||
| run: bun run ${{ matrix.build }} | ||
| env: | ||
| APP_ENV: ${{ steps.env.outputs.env }} | ||
| # Ensure source maps are generated | ||
| NODE_ENV: production | ||
| VITE_USE_HASH_ROUTER: 'false' | ||
| VITE_CHAIN_ID: ${{ steps.env.outputs.chain_id }} | ||
| VITE_APP_VERSION: ${{ steps.env.outputs.app_version }} | ||
| VITE_POSTHOG_HOST: "https://app.posthog.com" | ||
| - name: Verify source maps exist | ||
| env: | ||
| DIST_DIR: ${{ matrix.dist }} | ||
| run: | | ||
| SOURCEMAPS=$(find "$DIST_DIR" -name "*.map" | wc -l) | ||
| if [[ "$SOURCEMAPS" -eq 0 ]]; then | ||
| echo "::error::No source maps found in $DIST_DIR" | ||
| exit 1 | ||
| fi | ||
| echo "Found $SOURCEMAPS source map files" | ||
| - name: Upload source maps to PostHog | ||
| # Pin PostHog/upload-source-maps for reproducible uploads; update version after verifying new releases. | ||
| uses: PostHog/upload-source-maps@v0.5.7.0 | ||
| with: | ||
| directory: ${{ matrix.dist }} | ||
| env-id: ${{ env.POSTHOG_ENV_ID }} | ||
| cli-token: ${{ env.POSTHOG_CLI_TOKEN }} | ||
| project: ${{ matrix.project }} | ||
| version: ${{ github.sha }} | ||
| delete-after-upload: 'true' | ||
| batch-size: '50' | ||
| ignore: '*.css.map' | ||
| - name: Verify source maps removed from dist | ||
| env: | ||
| DIST_DIR: ${{ matrix.dist }} | ||
| run: | | ||
| REMAINING=$(find "$DIST_DIR" -name "*.js.map" | wc -l) | ||
| if [[ "$REMAINING" -gt 0 ]]; then | ||
| echo "::warning::$REMAINING .js.map files still present after upload" | ||
| # Remove any remaining source maps | ||
| find "$DIST_DIR" -name "*.js.map" -delete | ||
| fi | ||
| echo "Source maps cleaned up successfully" | ||
| - name: Upload Summary | ||
| env: | ||
| PROJECT_NAME: ${{ matrix.project }} | ||
| COMMIT_SHA: ${{ github.sha }} | ||
| ENVIRONMENT: ${{ steps.env.outputs.env }} | ||
| APP_VERSION: ${{ steps.env.outputs.app_version }} | ||
| APP_TITLE: ${{ matrix.title }} | ||
| run: | | ||
| echo "## $APP_TITLE Source Maps Uploaded" >> $GITHUB_STEP_SUMMARY | ||
| echo "" >> $GITHUB_STEP_SUMMARY | ||
| echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY | ||
| echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY | ||
| echo "| **Project** | $PROJECT_NAME |" >> $GITHUB_STEP_SUMMARY | ||
| echo "| **Version** | \`$COMMIT_SHA\` |" >> $GITHUB_STEP_SUMMARY | ||
| echo "| **Environment** | $ENVIRONMENT |" >> $GITHUB_STEP_SUMMARY | ||
| echo "| **App Version** | $APP_VERSION |" >> $GITHUB_STEP_SUMMARY | ||
| echo "" >> $GITHUB_STEP_SUMMARY | ||
| echo "Source maps have been uploaded to PostHog and removed from the build artifacts." >> $GITHUB_STEP_SUMMARY | ||
| notify-failure: | ||
| name: Notify on Failure | ||
| runs-on: ubuntu-latest | ||
| needs: upload-sourcemaps | ||
| if: failure() | ||
| steps: | ||
| - name: Create failure summary | ||
| run: | | ||
| echo "## Source Map Upload Failed" >> $GITHUB_STEP_SUMMARY | ||
| echo "" >> $GITHUB_STEP_SUMMARY | ||
| echo "The source map upload workflow failed. Possible causes:" >> $GITHUB_STEP_SUMMARY | ||
| echo "" >> $GITHUB_STEP_SUMMARY | ||
| echo "1. **Missing secrets**: Ensure \`OP_SERVICE_ACCOUNT_TOKEN\` exists and 1Password fields are configured" >> $GITHUB_STEP_SUMMARY | ||
| echo "2. **Build failure**: Check the build step for TypeScript or dependency errors" >> $GITHUB_STEP_SUMMARY | ||
| echo "3. **PostHog API error**: Check PostHog status and API token permissions" >> $GITHUB_STEP_SUMMARY | ||
| echo "" >> $GITHUB_STEP_SUMMARY | ||
| echo "### Required Secrets" >> $GITHUB_STEP_SUMMARY | ||
| echo "" >> $GITHUB_STEP_SUMMARY | ||
| echo "| Secret | Description |" >> $GITHUB_STEP_SUMMARY | ||
| echo "|--------|-------------|" >> $GITHUB_STEP_SUMMARY | ||
| echo "| \`OP_SERVICE_ACCOUNT_TOKEN\` | 1Password service account token in GitHub secrets |" >> $GITHUB_STEP_SUMMARY | ||
| echo "| \`OP_ENVIRONMENT\` | GitHub repository variable pointing to 1Password environment |" >> $GITHUB_STEP_SUMMARY | ||
| echo "| \`POSTHOG_CLI_TOKEN\` | Value present in that 1Password environment |" >> $GITHUB_STEP_SUMMARY | ||
| echo "| \`POSTHOG_ENV_ID\` | Value present in that 1Password environment |" >> $GITHUB_STEP_SUMMARY | ||
