mirror of
https://github.com/roleypoly/roleypoly.git
synced 2025-04-25 11:59:11 +00:00
Katalina
3291f9aacc
* miniflare init * feat(api): add tests * chore: more tests, almost 100% * add sessions/state spec * add majority of routes and datapaths, start on interactions * nevermind, no interactions * nevermind x2, tweetnacl is bad but SubtleCrypto has what we need apparently * simplify interactions verify * add brute force interactions tests * every primary path API route is refactored! * automatically import from legacy, or die trying. * check that we only fetch legacy once, ever * remove old-src, same some historic pieces * remove interactions & worker-utils package, update misc/types * update some packages we don't need specific pinning for anymore * update web references to API routes since they all changed * fix all linting issues, upgrade most packages * fix tests, divorce enzyme where-ever possible * update web, fix integration issues * pre-build api * fix tests * move api pretest to api package.json instead of CI * remove interactions from terraform, fix deploy side configs * update to tf 1.1.4 * prevent double writes to worker in GCS, port to newer GCP auth workflow * fix api.tf var refs, upgrade node action * change to curl-based script upload for worker script due to terraform provider limitations * oh no, cloudflare freaked out :(
173 lines
4.4 KiB
YAML
173 lines
4.4 KiB
YAML
name: Roleypoly CI
|
|
|
|
on:
|
|
push:
|
|
pull_request:
|
|
|
|
jobs:
|
|
node_test:
|
|
runs-on: ubuntu-latest
|
|
name: Node CI
|
|
steps:
|
|
- uses: actions/checkout@master
|
|
|
|
- uses: actions/setup-node@v2.5.1
|
|
with:
|
|
node-version: '16'
|
|
cache: yarn
|
|
|
|
- run: yarn install --frozen-lockfile
|
|
|
|
- run: yarn lint
|
|
|
|
- run: yarn test
|
|
|
|
worker_build:
|
|
runs-on: ubuntu-latest
|
|
name: Worker Build & Publish
|
|
needs:
|
|
- node_test
|
|
strategy:
|
|
matrix:
|
|
worker:
|
|
- api
|
|
steps:
|
|
- uses: actions/checkout@master
|
|
|
|
- uses: actions/setup-node@v2.5.1
|
|
with:
|
|
node-version: '16'
|
|
cache: yarn
|
|
|
|
- id: 'auth'
|
|
uses: 'google-github-actions/auth@v0'
|
|
with:
|
|
credentials_json: '${{ secrets.GCS_TF_KEY }}'
|
|
|
|
- name: Set up Cloud SDK
|
|
uses: google-github-actions/setup-gcloud@v0
|
|
with:
|
|
project_id: ${{ secrets.GCS_PROJECT_ID }}
|
|
export_default_credentials: true
|
|
|
|
- name: Check if already deployed
|
|
id: check
|
|
run: |
|
|
gsutil stat gs://roleypoly-artifacts/workers/${{ github.sha }}/index.mjs \
|
|
&& echo ::set-output name=skip::1 \
|
|
|| echo ::set-output name=skip::0
|
|
|
|
- run: yarn install --frozen-lockfile
|
|
if: steps.check.outputs.skip == '0'
|
|
|
|
- run: |
|
|
yarn build:api
|
|
if: steps.check.outputs.skip == '0'
|
|
|
|
- id: upload-file
|
|
if: github.event_name == 'push' && steps.check.outputs.skip == '0'
|
|
uses: google-github-actions/upload-cloud-storage@main
|
|
with:
|
|
path: packages/api/dist/index.mjs
|
|
destination: roleypoly-artifacts/workers/${{ github.sha }}
|
|
|
|
docker_build:
|
|
name: Docker Build & Publish
|
|
runs-on: ubuntu-latest
|
|
needs:
|
|
- node_test
|
|
strategy:
|
|
matrix:
|
|
dockerfile:
|
|
- bot
|
|
steps:
|
|
- uses: actions/checkout@master
|
|
|
|
- uses: actions/cache@v2.1.6
|
|
with:
|
|
path: /tmp/.buildx-cache
|
|
key: ${{ runner.os }}-buildx-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-buildx-
|
|
|
|
- name: Docker meta
|
|
id: docker_meta
|
|
uses: crazy-max/ghaction-docker-meta@v1
|
|
with:
|
|
images: |
|
|
ghcr.io/roleypoly/${{matrix.dockerfile}}
|
|
tag-sha: true
|
|
|
|
- name: Set up Docker Buildx
|
|
id: buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
with:
|
|
install: true
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v1
|
|
with:
|
|
registry: ghcr.io
|
|
username: roleypoly
|
|
password: ${{ secrets.GHCR_PAT }}
|
|
|
|
- name: Build and push
|
|
uses: docker/build-push-action@v2
|
|
id: docker
|
|
with:
|
|
context: .
|
|
file: ./hack/dockerfiles/${{matrix.dockerfile}}.Dockerfile
|
|
push: true
|
|
cache-from: type=local,src=/tmp/.buildx-cache
|
|
cache-to: type=local,dest=/tmp/.buildx-cache
|
|
tags: ${{ steps.docker_meta.outputs.tags }}
|
|
labels: ${{ steps.docker_meta.outputs.labels }}
|
|
|
|
- name: Pre-deploy - Save digest.txt
|
|
run: |
|
|
echo "${{ steps.docker.outputs.digest }}" > digest.txt
|
|
|
|
- name: Pre-deploy - Make digest artifact
|
|
uses: actions/upload-artifact@v2.2.4
|
|
with:
|
|
name: ${{ matrix.dockerfile }}-digest
|
|
path: digest.txt
|
|
|
|
trigger_deploy:
|
|
name: Deploy to Stage
|
|
needs:
|
|
- docker_build
|
|
- worker_build
|
|
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/miniflare'
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Get Bot digest
|
|
uses: actions/download-artifact@v2
|
|
with:
|
|
name: bot-digest
|
|
path: .digests/bot
|
|
|
|
- name: Set digests as addressable
|
|
id: digests
|
|
env:
|
|
IMAGES: bot
|
|
run: |
|
|
set_digest_output() {
|
|
echo ::set-output name=$1::@$(cat .digests/$1/digest.txt)
|
|
}
|
|
|
|
for image in $IMAGES; do
|
|
set_digest_output $image
|
|
done
|
|
|
|
- name: Invoke Deploy workflow
|
|
uses: benc-uk/workflow-dispatch@v1
|
|
with:
|
|
workflow: Deploy
|
|
token: ${{ secrets.GITOPS_TOKEN }}
|
|
inputs: |-
|
|
{
|
|
"environment": "stage",
|
|
"worker_tag": "${{ github.sha }}",
|
|
"bot_tag": "${{ steps.digests.output.bot }}"
|
|
}
|