New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[PVT#181020089] Implement better deployment monitoring and try out asset precompilation in GAH #2157
Conversation
#Please enter the commit message for your changes. Lines starting
Co-authored-by: Elliot <elliot@greenriver.org>
Co-authored-by: Elliot <elliot@greenriver.org>
…/deployment-stuff
…t need it now that we've got other sanitization?
@eanders Per my most recent commit message, |
I think what you have is fine. Thanks! |
…nt to trigger a full asset rebuild.
Pivotal Story
Logging
I replaced our manual log tailing with a call out to the awscliv2's log tailing, which mimics
tail -f
and is more stable than our homerolled version. This has significantly reduced the need for asking the user to confirm continuation of the deploy task if the logs can't be found/aren't up to date.Monitoring
I just added basic timing to a bunch of deploy steps. Here are some times from a representative deployment:
Asset Precompilation in GitHub Actions
Here's the flow as it exists in this code:
a. Pull in secrets file from Secrets Manager (parameter store char limit too low)
b. Start bin/compile_assets.rb, which iterates through each install and...
s3://openpath-ecs-assets/#{target_group_name}
app/assets
(including the downloaded theme files) and .env.secretss3://openpath-ecs-assets/#{target_group_name}/#{checksum}
assets:precompile
and push the results (public/assets
) tos3://openpath-ecs-assets/#{target_group_name}/#{checksum}
.a. Checksum is generated again, and if matching compiled assets are not available, the deploy will warn you and wait for 60 seconds to try again
a. Pull down theme files and generate checksum again (this doesn't seem to be very computationally expensive)
b. Pull down compiled assets the same way we do now, except with the checksum instead of the githash
The idea is that we are directly mapping the contents of the uncompiled assets with the compiled assets in S3, instead of mapping via the githash. And so it will always be easy to check if we have a valid compiled version for the current asset code.