-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
e627402
commit c4166b2
Showing
1 changed file
with
184 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,184 @@ | ||
on: | ||
workflow_call: | ||
inputs: | ||
workspace_name: | ||
description: The name of the workspace to create the artifact for. | ||
type: string | ||
required: true | ||
target_name: | ||
description: "(Optional) The name of the target to create artifact for (default: main)" | ||
type: string | ||
required: false | ||
default: main | ||
environment: | ||
description: Environment where the artifact will be deployed. | ||
type: string | ||
required: true | ||
resource_group_name: | ||
description: Web App resource group name. | ||
type: string | ||
required: true | ||
web_app_name: | ||
description: Web App name. | ||
type: string | ||
required: true | ||
health_check_path: | ||
description: The health probe path exposed by the Web App. | ||
type: string | ||
required: true | ||
use_staging_slot: | ||
description: True if artifact should be deployed to staging slot | ||
type: boolean | ||
required: false | ||
default: true | ||
use_private_agent: | ||
description: Use a private agent to deploy the built artifact. | ||
type: boolean | ||
required: false | ||
default: true | ||
|
||
concurrency: | ||
group: ${{ github.workflow }}-cd | ||
cancel-in-progress: true | ||
|
||
env: | ||
BUNDLE_NAME: bundle | ||
|
||
jobs: | ||
build: | ||
name: Build Artifact | ||
runs-on: ubuntu-22-04 | ||
env: | ||
WORKSPACE: ${{ inputs.workspace_name }} | ||
|
||
steps: | ||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
name: Checkout | ||
|
||
- name: Prune | ||
run: npx turbo@1.13.3 prune --scope ${{ env.WORKSPACE }} | ||
|
||
- name: Setup Node.js | ||
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | ||
with: | ||
node-version-file: ".node-version" | ||
cache: "yarn" | ||
cache-dependency-path: "./out/yarn.lock" | ||
|
||
- name: Install dependencies | ||
run: yarn install --immutable | ||
working-directory: ./out | ||
|
||
- name: Build | ||
run: yarn build | ||
working-directory: ./out | ||
|
||
- name: Build the artifact | ||
id: make-artifact | ||
env: | ||
YARN_NODE_LINKER: node-modules | ||
YARN_NM_HOISTING_LIMITS: workspaces | ||
run: | | ||
set -e | ||
ENTRY_POINT=$(jq -r ${{ inputs.target_name == 'main' && '.main' || format('.exports.{0}', inputs.target_name) }} package.json) | ||
if [ -z $ENTRY_POINT ]; then | ||
echo "::error::invalid target" | ||
exit 1 | ||
fi | ||
# generate node_modules folder excluding devDependencies | ||
yarn workspaces focus --production | ||
FORMAT=$(jq -r 'if .type == "module" then "esm" else "cjs" end' package.json) | ||
SHORT_SHA=$(git rev-parse --short ${{ github.sha }}) | ||
# bundle compiled code, excluding node_modules | ||
curl -fsSL https://esbuild.github.io/dl/v0.21.5 | sh | ||
./esbuild index=$ENTRY_POINT --bundle --format=$FORMAT --platform=node --target=node20 --packages=external --outdir=dist | ||
# create a new package.json file, with the updated entry point | ||
jq --arg sha "+$SHORT_SHA" '{"name": .name, "version": (.version + $sha), "main": "index.js", "type": (if has("type") then .type else "commonjs" end), "dependencies": .dependencies}' package.json > dist/package.json | ||
# create the artifact (zip) with node_modules, index.js and package.json | ||
zip -r $BUNDLE_NAME.zip node_modules | ||
zip -ju $BUNDLE_NAME.zip dist/index.js dist/package.json | ||
echo "artifact-path=$(realpath $BUNDLE_NAME.zip)" >> "$GITHUB_OUTPUT" | ||
working-directory: ./out/apps/${{ inputs.workspace_name }} | ||
|
||
- name: Upload Artifact | ||
uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 | ||
with: | ||
name: ${{ env.BUNDLE_NAME }} | ||
path: ${{ steps.make-artifact.outputs.artifact-path }} | ||
if-no-files-found: error | ||
retention-days: 7 | ||
|
||
deploy: | ||
name: Deploy | ||
if: ${{ !github.event.act }} | ||
needs: [build] | ||
runs-on: ${{ inputs.use_private_agent == true && 'self-hosted' || 'ubuntu-22-04' }} | ||
environment: ${{ inputs.environment }}-cd | ||
permissions: | ||
id-token: write | ||
contents: read | ||
env: | ||
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | ||
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} | ||
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} | ||
ARM_USE_OIDC: true | ||
RESOURCE_GROUP_NAME: ${{ inputs.resource_group_name }} | ||
WEB_APP_NAME: ${{ inputs.web_app_name}} | ||
HEALTH_CHECK_PATH: ${{ inputs.health_check_path }} | ||
USE_STAGING_SLOT: ${{ inputs.use_staging_slot }} | ||
|
||
steps: | ||
- name: Download Artifact | ||
uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 | ||
with: | ||
name: ${{ env.BUNDLE_NAME }} | ||
|
||
- name: Azure Login | ||
uses: azure/login@v2 # v2.0.0 | ||
with: | ||
client-id: ${{ env.ARM_CLIENT_ID }} | ||
tenant-id: ${{ env.ARM_TENANT_ID }} | ||
subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }} | ||
|
||
- name: Deploy | ||
uses: azure/webapps-deploy@v2 | ||
if: ${{ env.USE_STAGING_SLOT == 'false' }} | ||
with: | ||
resource-group-name: ${{ env.RESOURCE_GROUP_NAME }} | ||
app-name: ${{ env.WEB_APP_NAME }} | ||
package: ${{ env.BUNDLE_NAME }}.zip | ||
|
||
- name: Deploy to Staging Slot | ||
uses: azure/webapps-deploy@v2 | ||
if: ${{ env.USE_STAGING_SLOT == 'true' }} | ||
with: | ||
resource-group-name: ${{ env.RESOURCE_GROUP_NAME }} | ||
app-name: ${{ env.WEB_APP_NAME }} | ||
slot-name: staging | ||
package: ${{ env.BUNDLE_NAME }}.zip | ||
|
||
- name: Ping Staging Health | ||
if: ${{ env.USE_STAGING_SLOT == 'true' }} | ||
run: | | ||
curl \ | ||
--retry 5 \ | ||
--retry-max-time 120 \ | ||
--retry-all-errors \ | ||
-f 'https://${{ env.WEB_APP_NAME }}-staging.azurewebsites.net${{ env.HEALTH_CHECK_PATH }}' | ||
- name: Swap Staging and Production Slots | ||
if: ${{ env.USE_STAGING_SLOT == 'true' }} | ||
run: | | ||
az webapp deployment slot swap \ | ||
-g ${{ env.RESOURCE_GROUP_NAME }} \ | ||
-n ${{ env.WEB_APP_NAME }} \ | ||
--slot staging \ | ||
--target-slot production |