Merge pull request #5 from mlibrary/11ty-docker

CI and drupal updates

.github/workflows/build-main.yml

@@ -1,53 +1,67 @@
-name: Build drupal image on push to main
+name: Build and deploy drupal image 
 
 on:
-  push:
-    branches: [ main ]
-
-env:
-  IMAGE_NAME: design-system-cms
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: tag
+        required: true
 
 jobs:
-  #changes:
-    #runs-on: ubuntu-latest
-    #outputs:
-      #drupal: ${{ steps.filter.outputs.drupal }}
-    #steps:
-    #- uses: dorny/paths-filter@v2
-      #id: filter
-      #with:
-        #filters: |
-          #drupal:
-            #- 'drupal/**'
-
   build-drupal:
-    #needs: changes
-    #if: ${{ needs.changes.outputs.drupal == 'true' }}
     environment: cms
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - name: Clone latest repository
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - name: Check that the tag exists in repo
+      id: tag_check
+      run: |
+        if git rev-parse 'refs/tags/${{ github.event.inputs.tag }}' &> /dev/null; then
+          echo '::set-output name=tag::${{ github.event.inputs.tag }}'
+        elif git rev-parse '${{ github.event.inputs.tag }}' &> /dev/null; then
+          echo "::set-output name=tag::`git rev-parse '${{ github.event.inputs.tag }}'`"
+        else
+          echo "Couldn't figure out tag from input: ${{ github.event.inputs.tag }}"
+          echo "Aborting deployment."
+          false
+        fi
     - name: Log into Github Container Registry
       uses: docker/login-action@v1
       with:
         registry: ghcr.io
         username: ${{ github.actor }}
         password: ${{ secrets.GITHUB_TOKEN }}
-    - name: Build and Push
+    - name: Check that the tag exists in container registry
+      id: image_check
+      run: |
+        if docker manifest inspect ghcr.io/mlibrary/${{ secrets.IMAGE_NAME }}:${{ steps.tag_check.outputs.tag }} > /dev/null; then
+          echo '::set-output name=image_exists::true'
+          echo "image exists!"
+        else
+          echo "image doesn't exist; Starting to Build and push image"
+        fi
+    - name: Checkout Correct repository
+      if: ${{ steps.image_check.outputs.image_exists != 'true' }}
+      uses: actions/checkout@v2
+      with:
+        ref: ${{ github.event.inputs.tag }}
+    - name: Build and Push Image
       uses: docker/build-push-action@v2
+      if: ${{ steps.image_check.outputs.image_exists != 'true' }}
       with:
         context: drupal/.
         push: true
         tags: | 
-           ghcr.io/mlibrary/${{ secrets.IMAGE_NAME }}:latest
-           ghcr.io/mlibrary/${{ secrets.IMAGE_NAME }}:${{ github.sha }}
-    #- name: Deploy to kubernetes
-      #uses: mlibrary/deploy-to-kubernetes@v1
-      #with:
-        #github_username: ${{ github.actor }}
-        #github_token: ${{ secrets.GITHUB_TOKEN }}
-        #image: mlibrary/${{ secrets.IMAGE_NAME }}:${{ github.sha }}
-        #cluster_ca: ${{ secrets.HATCHER_CLUSTER_CA }}
-        #cluster_server: https://hatcher.kubernetes.lib.umich.edu
-        #namespace_token: ${{ secrets.HATCHER_TOKEN }}
-        #namespace: ${{ secrets.NAMESPACE }}
+           ghcr.io/mlibrary/${{ secrets.IMAGE_NAME }}:${{steps.tag_check.outputs.tag}}
+    - name: Deploy to kubernetes
+      uses: mlibrary/deploy-to-kubernetes@v3
+      with:
+        registry_token: ${{ secrets.GITHUB_TOKEN }}
+        image: ghcr.io/mlibrary/${{ secrets.IMAGE_NAME }}:${{steps.tag_check.outputs.tag}}
+        cluster_ca: ${{ secrets.HATCHER_CLUSTER_CA }}
+        cluster_server: https://hatcher.kubernetes.lib.umich.edu
+        namespace_token: ${{ secrets.HATCHER_TOKEN }}
+        namespace: ${{ secrets.NAMESPACE }}

.github/workflows/production.yml

@@ -0,0 +1,82 @@
+#  Name of workflow
+name: Production workflow
+
+# When workflow is triggered
+on:
+  #push:
+    #branches:
+      #- main
+  # schedule:
+    # - cron: '0 11 * * MON-FRI'
+  #repository_dispatch:
+    #types: [ publish_production ]
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: tag; default is what's on main
+        required: false
+
+# Jobs to carry out
+jobs:
+  build:
+    # Operating system to run job on
+    runs-on: ubuntu-latest
+    # Environment to run job on
+    environment: production
+    # Environment variables
+    env:
+      DRUPAL_AUTH: ${{ secrets.DRUPAL_AUTH }}
+      DRUPAL_URL: 'https://design-system-cms.kubernetes.lib.umich.edu'
+    # Steps in job
+    steps:
+      # Get code from repo
+      - name: Checkout code
+        uses: actions/checkout@v1
+        with:
+          fetch-depth: 0
+      # Get tag from action input
+      - name: Check that the tag exists
+        if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.tag != '' }}
+        id: tag_check
+        run: |
+          if git rev-parse 'refs/tags/${{ github.event.inputs.tag }}' &> /dev/null; then
+            echo '::set-output name=tag::${{ github.event.inputs.tag }}'
+          elif git rev-parse '${{ github.event.inputs.tag }}' &> /dev/null; then
+            echo "::set-output name=tag::`git rev-parse '${{ github.event.inputs.tag }}'`"
+          else
+            echo "Couldn't figure out tag from input: ${{ github.event.inputs.tag }}"
+            echo "Aborting deployment."
+            false
+          fi
+      # Checkout tag from repo
+      - name: Checkout correct repository
+        if: ${{ github.event_name == 'workflow_dispatch'  && github.event.inputs.tag != '' }}
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.event.inputs.tag }}
+      # Install NodeJS
+      - name: Use Node.js 18.x
+        uses: actions/setup-node@v1
+        with:
+          node-version: 18.x
+      # Run npm install and build on our code
+      - run: npm install
+        working-directory: ./11ty
+      - run: npm run build
+        working-directory: ./11ty
+       Deploy to Netlify using our production secrets
+      - name: Deploy to netlify
+        working-directory: ./11ty
+        run: npx netlify-cli deploy --dir=public --prod
+        env:
+          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
+          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
+      # Notify Slack if build fails
+      #      - name: Report Status
+      #        if: always()
+      #        uses: ravsamhq/notify-slack-action@v1
+      #        with:
+      #          status: ${{ job.status }}
+      #          notify_when: 'failure'
+      #        env:
+      #          SLACK_WEBHOOK_URL: ${{ secrets.ACTION_MONITORING_SLACK }}

11ty/.env-example

@@ -0,0 +1,3 @@
+DRUPAL_AUTH=admin:actual-password
+DRUPAL_URL=https://design-system-cms.kubernetes.lib.umich.edu
+DEBUG=false

11ty/Dockerfile

@@ -0,0 +1,16 @@
+FROM node:18.7
+ARG UNAME=app
+ARG UID=1000
+ARG GID=1000
+
+LABEL maintainer="mrio@umich.edu"
+
+RUN npm install -g npm@8.18.0
+RUN apt-get update -yqq && apt-get install -yqq --no-install-recommends \
+  vim-tiny
+
+RUN groupadd -g ${GID} -o ${UNAME}
+RUN useradd -m -d /app -u ${UID} -g ${GID} -o -s /bin/bash ${UNAME}
+USER $UNAME
+
+WORKDIR /app

11ty/README.md

@@ -1,27 +1,32 @@
 ## Development Quick Start
 
-Install 11ty and dependencies
-
+Build Docker the docker image for web
 ```
-npm install
+docker-compose build web
 ```
 
-Start development server and watch Sass (.scss) files (in parallel).
+Copy the `.env-example` to `.env`
+
+Update `.env` to have real values. 
+
+**Important:** The DRUPAL_AUTH is currently required to fetch some of the Drupal JSON. (October 2022). Enter the correct password for `$password`.
+
+Install 11ty and dependencies
 
 ```
-npm start
+docker-compose run --rm web npm install
 ```
 
-**Important:** The DRUPAL_AUTH is currently required to fetch some of the Drupal JSON. (October 2022). Enter the correct password for `$password`.
+Start development server and watch Sass (.scss) files (in parallel).
 
 ```
-DRUPAL_AUTH=admin:$password npm start
+docker-compose run --rm web npm start
 ```
 
 View in browser
 
 ```
-http://localhost:8080
+http://localhost:8888
 ```
 
 ## Dev Scripts