github-release.yml
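# Release pipeline for SAML Proxy: builds each environment, then tags the
# images, creates the GitHub release and starts the CodeBuild deploy.
#
# NOTE(review): every release step below is gated on the event name being
# "schedule", but `on:` declares only `push` (one branch) and
# `workflow_dispatch`, so as written those steps always take the
# "Testing mode" branch.
name: Weekly Release Build

on:
  push:
    branches: [API-37625-gh-release-build]
  workflow_dispatch:

jobs:
  install:
    runs-on: ubuntu-latest
    # This job only checks out and installs, so a read-only token is enough.
    permissions:
      contents: read
    outputs:
      node_version: ${{ steps.node_version.outputs.node_version }}
    steps:
      # NOTE(review): third-party actions are referenced by a mutable major
      # tag throughout this file; pinning each to a full commit SHA keeps a
      # moved tag from changing what runs in the release pipeline.
      - uses: actions/checkout@v2
      - name: Setup node
        uses: actions/setup-node@v2
        with:
          node-version: '16'
      - id: node_version
        name: Set Node Version to ENV
        run: |
          NODE_VERSION=$(node -v)
          echo "$NODE_VERSION"
          echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
      - name: Install dependencies
        run: npm ci

  release_builds:
    needs: [install]
    runs-on: ubuntu-latest
    # NOTE(review): no `permissions:` block, so this job runs with the
    # repository's default token scope. `gh release create` needs
    # `contents: write`; what gh-status.sh needs is not visible here, so add
    # an explicit block once that is confirmed.
    # NOTE(review): the release steps sit inside the matrix job, so on a real
    # release they would run once per environment (two `gh release create`
    # calls for the same tag). Confirm that is intended.
    strategy:
      matrix:
        environment: ['dev', 'staging']
    steps:
      - uses: actions/checkout@v2
        with:
          # The default shallow checkout fetches no tags, which leaves
          # "Get Old Tag" with nothing to list.
          fetch-depth: 0
      - name: Setup node
        uses: actions/setup-node@v2
        with:
          node-version: '16'
      - name: Install dependencies
        run: npm ci
      # NOTE(review): dumps the whole environment to the job log. No
      # step-level secrets are set at this point; keep it ahead of the
      # credentials step, or drop it once debugging is finished.
      - name: Print env
        run: printenv
      - name: Run Build
        env:
          NODE_ENV: production
          BUILD_ENV: ${{ matrix.environment }}
          # NOTE(review): the token is visible to the build script and to
          # every dependency it executes - confirm the build needs it.
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: npm run build -- --env="$BUILD_ENV"
      # NOTE(review): long-lived access keys are stored as secrets and used
      # to assume the role. Current releases of this action can assume
      # `role-to-assume` through GitHub's OIDC provider instead (requires
      # `id-token: write`), which removes the stored keys.
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
          role-duration-seconds: 1200
          role-session-name: GitHubActions
      - name: Delay for CI jobs
        run: sleep 90s
      - name: Post to Slack
        run: ./slackpost.sh -t started "started SAML Proxy release..."
      # NOTE(review): REPO, COMMIT_HASH and XCHECKS (and IMAGE further down)
      # are not set anywhere in this workflow, so they expand to nothing
      # unless the scripts define them - confirm where they come from.
      - name: Check CI status
        run: ./gh-status.sh -r ${REPO} -c ${COMMIT_HASH} -x ${XCHECKS}
      # Step outputs are written to $GITHUB_OUTPUT (as the install job does)
      # instead of the deprecated `::set-output` command.
      # NOTE(review): `--sort=creatordate` is ascending, so `head -1` picks
      # the oldest matching tag - confirm that is intended rather than
      # `--sort=-creatordate`.
      - name: Get Old Tag
        id: old_tag
        run: |
          echo "old_tag=$(git tag --sort=creatordate | grep fargate-saml-proxy | head -1)" >> "$GITHUB_OUTPUT"
      # Tag names come from the repository, so they are handed to the shell
      # through `env:` and quoted rather than expanded into the script text.
      - name: Increment Tag
        id: new_tag
        env:
          OLD_TAG: ${{ steps.old_tag.outputs.old_tag }}
        run: |
          echo "new_tag=$(./increment.sh "$OLD_TAG")" >> "$GITHUB_OUTPUT"
      - name: Create Release
        env:
          NEW_TAG: ${{ steps.new_tag.outputs.new_tag }}
          # The gh CLI needs a token in the environment to run in Actions.
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          if [ "$GITHUB_EVENT_NAME" = "schedule" ]; then
            gh release create "$NEW_TAG" -t "$NEW_TAG"
          else
            echo "Testing mode: Skipping release creation"
          fi
      - name: Tag ECR Image
        env:
          NEW_TAG: ${{ steps.new_tag.outputs.new_tag }}
        run: |
          if [ "$GITHUB_EVENT_NAME" = "schedule" ]; then
            make tag IMAGE="${IMAGE}" TAG="${GITHUB_SHA:0:7}" NEW_TAG="${NEW_TAG}"
          else
            echo "Testing mode: Skipping release creation"
          fi
      - name: Tag ECR Image Tests
        env:
          NEW_TAG: ${{ steps.new_tag.outputs.new_tag }}
        run: |
          if [ "$GITHUB_EVENT_NAME" = "schedule" ]; then
            make tag IMAGE="${IMAGE}-tests" TAG="${GITHUB_SHA:0:7}" NEW_TAG="${NEW_TAG}"
          else
            echo "Testing mode: Skipping release creation"
          fi
      - name: Deploy to AWS Codebuild
        env:
          NEW_TAG: ${{ steps.new_tag.outputs.new_tag }}
        run: |
          if [ "$GITHUB_EVENT_NAME" = "schedule" ]; then
            # `value=` was missing its `=`, so RELEASE was never set.
            aws codebuild start-build \
              --project-name saml-proxy-deploy \
              --environment-variables-override "name=RELEASE,value=${NEW_TAG}"
          else
            echo "Testing mode: Skipping release creation"
          fi
      # Without `always()` this step is skipped as soon as an earlier step
      # fails, so the failure message could never be sent.
      - name: Post to Slack (Success or Failure)
        if: always()
        env:
          JOB_STATUS: ${{ job.status }}
          NEW_TAG: ${{ steps.new_tag.outputs.new_tag }}
        run: |
          if [ "$JOB_STATUS" = "success" ]; then
            ./slackpost.sh -t success "SAML Proxy release ${NEW_TAG} was successful."
          else
            # NOTE(review): `-t` is given no type here, so the message text
            # is taken as the type. Supply the failure type slackpost.sh
            # expects - it is not visible in this file.
            ./slackpost.sh -t "There was an error with the release process for SAML Proxy."
          fi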