-
Notifications
You must be signed in to change notification settings - Fork 19
Expand file tree
/
Copy pathcdkactions_build-and-deploy.yaml
More file actions
165 lines (155 loc) · 5.97 KB
/
cdkactions_build-and-deploy.yaml
File metadata and controls
165 lines (155 loc) · 5.97 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
# Generated by cdkactions. Do not modify
# Generated as part of the 'website' stack.
name: Build and Deploy
on: push
jobs:
react-check:
name: React Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Cache
uses: actions/cache@v2
with:
path: "**/node_modules"
key: v0-${{ hashFiles('./yarn.lock') }}
- name: Install Dependencies
run: |-
cd .
yarn install --frozen-lockfile
- name: Lint
run: |-
cd .
yarn lint
- name: Test
run: |-
cd .
yarn test
- name: Upload Code Coverage
run: |-
ROOT=$(pwd)
cd .
yarn run codecov -p $ROOT -F frontend
container:
image: node:14
publish-frontend:
name: Publish frontend
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: docker/setup-qemu-action@v1
- uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: buildx-publish-frontend
- uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build/Publish
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
push: ${{ github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/feat/') == true }}
cache-from: type=local,src=/tmp/.buildx-cache,type=registry,ref=pennlabs/website:latest
cache-to: type=local,dest=/tmp/.buildx-cache
tags: pennlabs/website:latest,pennlabs/website:${{ github.sha }}
needs: react-check
deploy:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
steps:
- uses: actions/checkout@v2
- id: synth
name: Synth cdk8s manifests
run: |-
cd k8s
yarn install --frozen-lockfile
# Get repo name (by removing owner/organization)
export RELEASE_NAME=${REPOSITORY#*/}
# Export RELEASE_NAME as an output
echo "::set-output name=RELEASE_NAME::$RELEASE_NAME"
yarn build
env:
PR_NUMBER: ${{ steps.pr.outputs.pull_request_number }}
GIT_SHA: ${{ github.sha }}
REPOSITORY: ${{ github.repository }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
- name: Deploy
if: steps.synth.outcome == 'success'
run: |-
aws eks --region us-east-1 update-kubeconfig --name production --role-arn arn:aws:iam::${AWS_ACCOUNT_ID}:role/kubectl
# Get repo name from synth step
RELEASE_NAME=${{ steps.synth.outputs.RELEASE_NAME }}
# Deploy
kubectl apply -f k8s/dist/ -l app.kubernetes.io/component=certificate
kubectl apply -f k8s/dist/ --prune -l app.kubernetes.io/part-of=$RELEASE_NAME
env:
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.GH_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.GH_AWS_SECRET_ACCESS_KEY }}
needs:
- publish-frontend
feature-branch-deploy:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/heads/feat/') == true
steps:
- uses: actions/checkout@v2
- name: Get Pull Request Metadata
id: pr
run: |-
echo "::set-output name=pull_request_number::$(gh pr view --json number -q .number || echo "")"
echo "::set-output name=pull_request_closed::$(gh pr view --json closed -q .closed || echo "")"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- id: synth
name: Synth cdk8s manifests
if: (steps.pr.outputs.pull_request_number) && (steps.pr.outputs.pull_request_closed == 'false')
run: |-
cd k8s
yarn install --frozen-lockfile
# Get repo name (by removing owner/organization)
export DEPLOY_TO_FEATURE_BRANCH=true
export RELEASE_NAME=${REPOSITORY#*/}-pr-${{ steps.pr.outputs.pull_request_number }}
# Export RELEASE_NAME as an output
echo "::set-output name=RELEASE_NAME::$RELEASE_NAME"
yarn build
env:
PR_NUMBER: ${{ steps.pr.outputs.pull_request_number }}
GIT_SHA: ${{ github.sha }}
REPOSITORY: ${{ github.repository }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
- name: Deploy
if: steps.synth.outcome == 'success'
run: |-
aws eks --region us-east-1 update-kubeconfig --name production --role-arn arn:aws:iam::${AWS_ACCOUNT_ID}:role/kubectl
# Get repo name from synth step
RELEASE_NAME=${{ steps.synth.outputs.RELEASE_NAME }}
# Deploy
kubectl apply -f k8s/dist/ -l app.kubernetes.io/component=certificate
kubectl apply -f k8s/dist/ --prune -l app.kubernetes.io/part-of=$RELEASE_NAME
env:
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.GH_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.GH_AWS_SECRET_ACCESS_KEY }}
- name: Find announcement if exists
uses: peter-evans/find-comment@v2
id: find-announcement
with:
issue-number: ${{ steps.pr.outputs.pull_request_number }}
body-includes: Deployment preview for
token: ${{ secrets.GITHUB_TOKEN }}
- name: Announce successful feature branch deployment
uses: peter-evans/create-or-update-comment@v2
with:
comment-id: ${{ steps.find-announcement.outputs.comment-id }}
issue-number: ${{ steps.pr.outputs.pull_request_number }}
edit-mode: replace
body: |-
Deployment preview for commit `${{ github.sha }}` ready at:
[pr-${{ steps.pr.outputs.pull_request_number }}.pennlabs.org](https://pr-${{ steps.pr.outputs.pull_request_number }}.pennlabs.org)
needs:
- publish-frontend