push-webcomponents-deploy.yml
---
# (C) 2023 GoodData Corporation
# yamllint disable rule:line-length
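name: Push ~ Build web component's container image
# Builds the web-components bundle, packages it into a multi-arch container
# image pushed to ECR, then notifies gooddata/github-actions through a
# repository_dispatch event.
#
# NOTE(review): every `uses:` below references a mutable tag (for example
# `@v3`). Pinning each action to a full commit SHA keeps a re-tagged or
# compromised action release from running in the jobs that hold registry
# credentials and the dispatch token.
on:
  push:
    branches: ["master"]
# NOTE(review): the group is keyed by ref only. Concurrency groups are shared
# across the repository, so any other workflow using the same expression on
# master shares this queue, and cancel-in-progress can stop a run that is in
# the middle of building or pushing. Confirm this is intended.
concurrency:
  group: ${{ github.ref }}
  cancel-in-progress: true
env:
  WEB_COMPONENTS_DIR: libs/sdk-ui-web-components
jobs:
  build-web-components:
    # Runs only for release commits: the head commit message must start with
    # 'Release ' or 'chore: bump versions to'. format() supplies the colon,
    # presumably so the expression contains no ': ' inside a plain scalar.
    # The two jobs below depend on this one through `needs`, so they are
    # skipped when this condition is false.
    if: ${{ startsWith(github.event.head_commit.message, 'Release ') || startsWith(github.event.head_commit.message, format('chore{0} bump versions to', ':')) }}
    runs-on:
      group: infra1-runners-arc
      # Needs the larger runner: the web-components build uses more
      # resources than runners-small provides.
      labels: runners-cxa-xlarge
    permissions:
      contents: read
      # NOTE(review): no step in this job visibly requests an OIDC token.
      # The job runs third-party install and build scripts, so drop this
      # scope unless the runner needs it (for example to pull the private
      # container image) - confirm.
      id-token: write
    container:
      image: 020413372491.dkr.ecr.us-east-1.amazonaws.com/3rdparty/library/node:18
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Add repository to git safe directories to avoid dubious ownership issue
        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
      - name: Cache pnpm dependencies
        id: cache-pnpm
        uses: actions/cache@v3
        with:
          key: web-components-${{ hashFiles('common/config/rush/pnpm-lock.yaml') }}
          path: |
            common/temp/node_modules
            common/temp/pnpm-store
      - name: Run build web components app
        # NOTE(review): `npm i -g @microsoft/rush` installs whatever version
        # is published at build time; pinning an explicit version makes the
        # build reproducible and narrows the supply-chain exposure.
        run: |
          npm i -g @microsoft/rush
          rush install
          rush build --to @gooddata/sdk-ui-web-components
          tar czvf "./$WEB_COMPONENTS_DIR/web-components.tar.gz" -C "./$WEB_COMPONENTS_DIR/esm" .
      - name: Archive the build artifact
        uses: actions/upload-artifact@v3
        with:
          name: web-components-artifact
          path: ./${{ env.WEB_COMPONENTS_DIR }}/web-components.tar.gz
  docker-build-web-components:
    runs-on:
      group: infra1-runners-arc
      labels: runners-small
    needs: [build-web-components]
    permissions:
      contents: read
      # NOTE(review): the image is pushed to ECR, not to GitHub Packages;
      # confirm whether `packages: write` is needed at all.
      packages: write
      # Used by the Vault login below (method: jwt).
      id-token: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Set SHORT SHA and BRANCH ESCAPE REF NAME to ENV Variable to use for image tag later
        # Replace every '/' in the ref name, not only the first one: an
        # image tag cannot contain a slash.
        run: |
          echo "GITHUB_SHORT_SHA=${GITHUB_SHA::8}" >> "$GITHUB_ENV"
          echo "GITHUB_ESCAPE_REF_NAME=${GITHUB_REF_NAME//\//-}" >> "$GITHUB_ENV"
      - name: Set up QEMU to add multiplatform support
        uses: docker/setup-qemu-action@v2
      - name: Create docker context
        run: |
          docker context create builder
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
        with:
          endpoint: builder
      - name: Get Vault secrets for ECR
        # The two values are exposed as the environment variables
        # AWS_ACCESS_KEY and AWS_SECRET_KEY, which the next step reads.
        # NOTE(review): these look like static access keys with read/write
        # access to ECR. Short-lived credentials (for example
        # `role-to-assume` with OIDC in configure-aws-credentials) would
        # limit the impact of a leak - confirm feasibility.
        uses: hashicorp/vault-action@v2
        with:
          url: "https://vault.ord1.infra.intgdc.com"
          method: jwt
          path: jwt/github
          role: ecr-push
          secrets: |
            secret/data/v2/data-special/infra1-user-ecr-rw aws_ecr_access_key | AWS_ACCESS_KEY ;
            secret/data/v2/data-special/infra1-user-ecr-rw aws_ecr_secret_key | AWS_SECRET_KEY ;
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          aws-access-key-id: ${{ env.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ env.AWS_SECRET_KEY }}
          aws-region: us-east-1
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1
      - uses: actions/download-artifact@v3
        with:
          name: web-components-artifact
          path: ./${{ env.WEB_COMPONENTS_DIR }}
      - name: Docker build and push image
        uses: docker/build-push-action@v4
        with:
          context: ./${{ env.WEB_COMPONENTS_DIR }}
          file: ./${{ env.WEB_COMPONENTS_DIR }}/Dockerfile
          platforms: |
            linux/amd64
            linux/arm64
          push: true
          # Two tags per build: the escaped ref name (mutable, moves with
          # each push) and the 8-character commit SHA.
          tags: |
            020413372491.dkr.ecr.us-east-1.amazonaws.com/nas-testing/${{ github.event.repository.name }}:${{ env.GITHUB_ESCAPE_REF_NAME }}
            020413372491.dkr.ecr.us-east-1.amazonaws.com/nas-testing/${{ github.event.repository.name }}:${{ env.GITHUB_SHORT_SHA }}
    outputs:
      github_short_sha: ${{ env.GITHUB_SHORT_SHA }}
  generate-update:
    runs-on:
      group: infra1-runners-arc
      labels: runners-small
    needs: [docker-build-web-components]
    # This job only sends a dispatch event with an explicitly supplied token,
    # so the workflow's own GITHUB_TOKEN is given no scopes.
    permissions: {}
    steps:
      - name: Repository Dispatch
        uses: peter-evans/repository-dispatch@v3
        with:
          # NOTE(review): the secret name suggests an admin-scoped token. A
          # token limited to dispatching events on gooddata/github-actions
          # would be enough for this step - confirm its scope.
          token: ${{ secrets.TOKEN_GITHUB_YENKINS_ADMIN }}
          repository: gooddata/github-actions
          event-type: public-ext-update
          client-payload: |
            {
              "component": "web-components",
              "branch": "${{ github.ref_name }}",
              "github_short_sha": "${{ needs.docker-build-web-components.outputs.github_short_sha }}"
            }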