-
Notifications
You must be signed in to change notification settings - Fork 50
145 lines (126 loc) · 6.05 KB
/
ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: CI/CD
# First runs linter and tests all affected projects
# Then, for each project that requires deployment, deploy-<project>-<service-type> is added
# Environment variables are labelled <project-name>_SHORT_DESCRIPTION
on:
push:
branches: ['main']
pull_request:
branches: ['main']
workflow_dispatch:
inputs:
manual-deploy:
description: 'App(s) to Deploy (dotcom, jpal-frontend)'
required: false
default: ''
concurrency:
# Never have two deployments happening at the same time (potential race condition)
group: '{{ github.head_ref || github.ref }}'
jobs:
pre-deploy:
runs-on: ubuntu-latest
outputs:
affected: ${{ steps.should-deploy.outputs.affected }}
steps:
- uses: actions/checkout@v3
with:
# We need to fetch all branches and commits so that Nx affected has a base to compare against.
fetch-depth: 0
- name: Use Node.js 16
uses: actions/setup-node@v3
with:
node-version: 16.x
cache: 'yarn'
- name: Install Dependencies
run: yarn install
# In any subsequent steps within this job (myjob) we can reference the resolved SHAs
# using either the step outputs or environment variables:
- name: Derive appropriate SHAs for base and head for `nx affected` commands
uses: nrwl/nx-set-shas@v3
- run: |
echo "BASE: ${{ env.NX_BASE }}"
echo "HEAD: ${{ env.NX_HEAD }}"
- name: Nx Affected Lint
run: npx nx affected -t lint
# - name: Nx Affected Test
# run: npx nx affected -t test
- name: Nx Affected Build
run: npx nx affected -t build
- name: Determine who needs to be deployed
id: should-deploy
run: |
echo "The following projects have been affected: [$(npx nx print-affected -t build --select=tasks.target.project)]";
echo "affected=$(npx nx print-affected -t build --select=tasks.target.project)" >> "$GITHUB_OUTPUT"
deploy-debug:
needs: pre-deploy
runs-on: ubuntu-latest
steps:
- name: Debug logs
run: |
echo "Manual Deploy: ${{github.event.inputs.manual-deploy}}";
echo "Affected Names: ${{needs.pre-deploy.outputs.affected}}";
echo "Event: ${{github.event_name}}";
echo "Ref: ${{github.ref}}";
echo "Will deploy?: ${{(github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'}}";
deploy-c4cneudotcom:
needs: pre-deploy
if: (contains(github.event.inputs.manual-deploy, 'dotcom') || contains(needs.pre-deploy.outputs.affected, 'dotcom')) && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
# For "simplicity", deployment settings are configured in the AWS Amplify Console
# This just posts to a webhook telling Amplify to redeploy the main branch
steps:
- name: Tell Amplify to rebuild
run: curl -X POST -d {} ${DOTCOM_WEBHOOK_DEPLOY} -H "Content-Type:application/json"
env:
DOTCOM_WEBHOOK_DEPLOY: ${{ secrets.DOTCOM_WEBHOOK_DEPLOY }}
deploy-monarch-frontend:
needs: pre-deploy
if: (contains(github.event.inputs.manual-deploy, 'monarch-frontend') || contains(needs.pre-deploy.outputs.affected, 'monarch-frontend')) && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
# For "simplicity", deployment settings are configured in the AWS Amplify Console
# This just posts to a webhook telling Amplify to redeploy the main branch
steps:
- name: Tell Amplify to rebuild
run: curl -X POST -d {} ${MONARCH_WEBHOOK_DEPLOY} -H "Content-Type:application/json"
env:
MONARCH_WEBHOOK_DEPLOY: ${{ secrets.MONARCH_WEBHOOK_DEPLOY }}
deploy-monarch-backend:
needs: pre-deploy
if: (contains(github.event.inputs.manual-deploy, 'monarch-backend') || contains(needs.pre-deploy.outputs.affected, 'monarch-backend')) && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Use Node.js 16
uses: actions/setup-node@v3
with:
node-version: 16.x
cache: 'yarn'
- name: Install Dependencies
run: yarn install
- run: npx nx build monarch-backend --configuration production
- name: default deploy
uses: appleboy/lambda-action@master
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: ${{ secrets.AWS_REGION }}
function_name: monarch-monolith-lambda
source: dist/apps/monarch/monarch-backend/main.js
deploy-green-infrastructure-frontend:
needs: pre-deploy
if: (contains(github.event.inputs.manual-deploy, 'green-infrastructure-frontend') || contains(needs.pre-deploy.outputs.affected, 'green-infrastructure-frontend')) && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
# For "simplicity", deployment settings are configured in the AWS Amplify Console
# This just posts to a webhook telling Amplify to redeploy the main branch
steps:
- name: Tell Amplify to rebuild
run: curl -X POST -d {} ${GREEN_INFRASTRUCTURE_WEBHOOK_DEPLOY} -H "Content-Type:application/json"
env:
GREEN_INFRASTRUCTURE_WEBHOOK_DEPLOY: ${{ secrets.GREEN_INFRASTRUCTURE_WEBHOOK_DEPLOY }}
# If deploying a new service via actions, use the following template:
# deploy-<!!!REPLACE-ME!!!>:
# needs: pre-deploy
# if: (contains(github.event.inputs.manual-deploy, '<!!!REPLACE-ME!!!>') || contains(needs.pre-deploy.outputs.affected_names, <!!!REPLACE-ME!!!>)) && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
# runs-on: ubuntu-latest
# steps:
# ...