Merge pull request #13 from FusionAuth/jj/release-workflow

add deploy workflow, update default branch name
FusionAuth · Jun 6, 2024 · 53b35ea · 53b35ea
2 parents 1ae6224 + bd0677a
commit 53b35ea
Show file tree

Hide file tree

Showing 3 changed files with 118 additions and 30 deletions.
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
@@ -0,0 +1,86 @@
+# Run locally with act:
+#
+# act pull_request [--input command=[command]] \
+#  --platform fusionauth-builder=[ecr-repo-name]/fusionauth-builder:latest] \
+#  --workflows ./.github/workflows/release.yaml \
+#  --env-file <(aws configure export-credentials --profile [aws-profile] --format env)
+
+name: Deploy
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  workflow_dispatch:
+    inputs:
+      command:
+        type: choice
+        options:
+          - build    # build only
+          - publish  # build & publish to rubygems
+          - release  # build & release to svn
+        default: build
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    if: |
+      github.event_name == 'pull_request' ||
+      github.event_name == 'push' ||
+      github.event_name == 'workflow_dispatch' && inputs.command == 'build'
+    runs-on: fusionauth-builder
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: compile
+        shell: bash -l {0}
+        run: sb compile
+
+  deploy:
+    if: |
+      github.event_name == 'workflow_dispatch' &&
+      (inputs.command == 'release' || inputs.command == 'publish')
+    runs-on: fusionauth-builder
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: set aws credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::752443094709:role/github-actions
+          role-session-name: aws-auth-action
+          aws-region: us-west-2
+
+      - name: get secret
+        run: |
+          while IFS=$'\t' read -r key value; do
+            echo "::add-mask::${value}"
+            echo "${key}=${value}" >> $GITHUB_ENV
+          done < <(aws secretsmanager get-secret-value \
+            --region us-west-2 \
+            --secret-id platform/rubygems \
+            --query SecretString \
+            --output text | \
+            jq -r 'to_entries[] | [.key, .value] | @tsv')
+
+      - name: set gem credentials
+        run: |
+          mkdir -p ~/.gem
+          echo "${{ env.API_KEY }}" > ~/.gem/credentials
+
+      - name: release to svn
+        if: inputs.command == 'release'
+        shell: bash -l {0}
+        run: sb release
+
+      - name: publish to rubygems
+        if: inputs.command == 'publish'
+        shell: bash -l {0}
+        run: sb publish
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -2,7 +2,8 @@ name: Generate Docs
 
 on:
   push:
-    branches: [ "master" ]
+    branches:
+      - main
 
 permissions:
   contents: write
@@ -11,21 +12,20 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        bundler-cache: true
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
 
-    - name: Generate docs
-      run: |
-        rm -f doc/index.db
-        rdoc --format=markdown lib/fusionauth/fusionauth_client.rb
-
-    - name: Commit
-      uses: EndBug/add-and-commit@v9 
-      with:
-        add: 'doc/'
-        message: ':memo: Updating docs'
+      - name: Generate docs
+        run: |
+          rm -f doc/index.db
+          rdoc --format=markdown lib/fusionauth/fusionauth_client.rb
 
+      - name: Commit
+        uses: EndBug/add-and-commit@v9 
+        with:
+          add: 'doc/'
+          message: ':memo: Updating docs'
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -2,9 +2,11 @@ name: Test Library
 
 on:
   push:
-    branches: [ "master" ]
+    branches:
+      - main
   pull_request:
-    branches: [ "master" ]
+    branches:
+      - main
 
 permissions:
   contents: read
@@ -13,19 +15,19 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-    - name: Set up FusionAuth
-      working-directory: .github/fusionauth
-      run: docker compose up -d
+      - name: Set up FusionAuth
+        working-directory: .github/fusionauth
+        run: docker compose up -d
 
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        bundler-cache: true
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
 
-    - name: Waiting for FusionAuth App
-      run: timeout 30 bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:9011)" != "200" ]]; do sleep 5; done' || false
+      - name: Waiting for FusionAuth App
+        run: timeout 30 bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:9011)" != "200" ]]; do sleep 5; done' || false
 
-    - name: Run test suite
-      run: rake test
+      - name: Run test suite
+        run: rake test