update nx to remove warnings (#4015) #1468
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Master/Release Branch Build | |
| on: | |
| push: | |
| branches: | |
| - master | |
| secrets: | |
| GH_PAT: | |
| required: true | |
| AWS_ACCOUNT_ID_DEV: | |
| required: true | |
| AWS_ECR_ROLE_DEV: | |
| required: true | |
| AWS_REGION_DEV: | |
| required: true | |
| # Ensure that only the latest push to master is run, | |
| # and any previous builds on the branch are cancelled automatically | |
| # (to save money on Github Actions execution time, and ensure that | |
| # we don't have multiple deploys to Dev environment running at once) | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # Request permissions to be able to access the Github OIDC JWT, | |
| # which is needed for AWS actions. | |
| permissions: | |
| id-token: write # This is required for requesting a JWT | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| build: | |
| env: | |
| FULL_SHA: ${{ github.sha }} | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20.14.0 | |
| cache: "npm" | |
| - name: Setup Uesio CLI Symlink | |
| shell: bash | |
| run: | | |
| # Symlink for Uesio CLI, which is created in build and then used in subsequent builds and tests | |
| mkdir -p dist/cli | |
| sudo ln -s $PWD/dist/cli/uesio /usr/local/bin/uesio | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ECR_ROLE_DEV }} | |
| role-session-name: ecrpush | |
| aws-region: ${{ secrets.AWS_REGION_DEV }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1.6.0 | |
| - name: Use Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.21.3 | |
| cache-dependency-path: apps/*/go.sum | |
| - name: Build, test, and docker push to ECR | |
| shell: bash | |
| env: | |
| REGISTRY_ID: ${{ secrets.AWS_ACCOUNT_ID_DEV }} | |
| IMAGE_TAG: ${{ steps.login-ecr.outputs.registry }}/uesio:${{ github.sha }} | |
| UESIO_DEV: "true" | |
| run: | | |
| # These exports need to run every time | |
| export GITSHA=$(echo ${FULL_SHA} | cut -c1-8) | |
| echo "GITSHA=`echo ${FULL_SHA} | cut -c1-8`" >> $GITHUB_ENV | |
| mkdir artifacts | |
| echo "$IMAGE_TAG" > ./artifacts/new_image.txt | |
| echo "$GITSHA" > ./artifacts/short_sha.txt | |
| # Skip build if image already exists | |
| image_exists=$(bash ./scripts/ecr-image-exists.sh $REGISTRY_ID uesio $FULL_SHA) | |
| npm ci | |
| if [[ "$image_exists" == "yes" ]]; then | |
| echo "Docker image already exists, skipping build and docker push" | |
| docker pull $IMAGE_TAG | |
| echo "APP_IMAGE=`echo ${IMAGE_TAG}`" >> $GITHUB_ENV | |
| # We need to build the CLI so that we can run integration tests | |
| npm run build-cli | |
| exit 0 | |
| else | |
| echo "Image does not exist, building and pushing" | |
| fi | |
| npm run prettier-check | |
| npm run affected:lint -- --base=origin/master --head=$GITHUB_SHA --parallel | |
| npm run build-all | |
| npm run affected:test -- --base=origin/master --head=$GITHUB_SHA --parallel | |
| docker build -t $IMAGE_TAG -t $GITSHA -f ./apps/platform/Dockerfile --build-arg GITSHA . | |
| echo "APP_IMAGE=`echo ${GITSHA}`" >> $GITHUB_ENV | |
| docker push $IMAGE_TAG | |
| - name: Upload image id | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: image-artifacts | |
| path: | | |
| artifacts | |
| - name: Add subdomains to /etc/hosts | |
| run: bash ./scripts/seed-etc-hosts.sh | |
| - name: Run E2E and API Integration tests against app in Docker | |
| run: | | |
| # install hurl for debian. Using the NPM package has SSL issues with node-keytar... really frustrating | |
| # Make sure we're using the same Hurl version specified in package.json | |
| hurlversion=$(bash ./scripts/get-hurl-version.sh) | |
| echo "Installing hurl $hurlversion for Debian..." | |
| curl -LO https://github.com/Orange-OpenSource/hurl/releases/download/${hurlversion}/hurl_${hurlversion}_amd64.deb | |
| sudo apt update && sudo apt install ./hurl_${hurlversion}_amd64.deb | |
| # Start up the Uesio app, and dependencies, in Docker | |
| # then run all Integration and E2E tests against the app | |
| npm run tests-ci | |
| update-dev-branch: | |
| name: Update Dev environment to latest image | |
| if: github.ref_name == 'master' | |
| runs-on: ubuntu-latest | |
| needs: build | |
| timeout-minutes: 3 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: TheCloudMasters/uesio-infra | |
| token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your personal Github access token | |
| fetch-depth: 1 | |
| - name: Download image id artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: image-artifacts | |
| - name: Load new image into env var | |
| run: | | |
| echo "NEW_IMAGE=$(cat ./new_image.txt)" >> $GITHUB_ENV | |
| echo "SHORT_SHA=$(cat ./short_sha.txt)" >> $GITHUB_ENV | |
| - name: Update Docker container image tag for dev | |
| env: | |
| appTaskDefPath: ./aws/dev/ecs/task_definitions/uesio_web.json | |
| workerTaskDefPath: ./aws/dev/ecs/task_definitions/uesio_worker.json | |
| run: | | |
| echo "Docker image SHA updated to $SHORT_SHA" | |
| jq --arg img "$NEW_IMAGE" '.containerDefinitions[0].image = $img' $appTaskDefPath > tmp1.json | |
| jq --arg img "$NEW_IMAGE" '.containerDefinitions[0].image = $img' $workerTaskDefPath > tmp2.json | |
| mv tmp1.json $appTaskDefPath | |
| mv tmp2.json $workerTaskDefPath | |
| git config user.name github-actions | |
| git config user.email github-actions@github.com | |
| git add $appTaskDefPath $workerTaskDefPath | |
| git commit -m "ci: Auto-update dev image to $SHORT_SHA" | |
| git push |