Create tag workflow and abstract to actions

OpenShock · Mar 4, 2024 · 895ec71 · 895ec71
1 parent fc309ba
commit 895ec71
Show file tree

Hide file tree

Showing 4 changed files with 177 additions and 85 deletions.
diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml
@@ -0,0 +1,55 @@
+name: build
+description: Tests and builds the frontend
+inputs:
+  node-version:
+    required: true
+    description: Node.js version to use
+  artifact-name:
+    required: true
+    description: Name of the artifact to upload
+  skip-checkout:
+    description: If true, skips checkout
+    required: false
+    default: false
+
+runs:
+  using: composite
+  steps:
+    - uses: actions/checkout@v4
+      if: ${{ !inputs.skip-checkout }}
+
+    - uses: actions/setup-node@v4
+      with:
+        node-version: ${{ env.NODE_VERSION }}
+        cache: npm
+
+    - name: Install dependencies
+      shell: bash
+      run: npm ci
+
+    - name: Check
+      shell: bash
+      run: npm run check
+
+    - name: Install playwright
+      run: npx playwright install
+
+    - name: Test
+      shell: bash
+      run: npm test
+
+    - name: Build
+      shell: bash
+      run: npm run build
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: ${{ inputs.artifact-name }}
+        path: |
+          package.json
+          package-lock.json
+          build/
+          patches/
+        retention-days: 1
+        if-no-files-found: error
diff --git a/.github/actions/containerize/action.yml b/.github/actions/containerize/action.yml
@@ -0,0 +1,65 @@
+name: containerize
+description: Builds and pushes the frontend Docker image
+inputs:
+  registry:
+    required: true
+    description: Container registry to push the image to
+  registry-username:
+    required: true
+    description: Username to log in to the container registry
+  registry-password:
+    required: true
+    description: Password to log in to the container registry
+  artifact-name:
+    required: true
+    description: Name of the artifact to upload
+  push-image:
+    required: true
+    description: If true, pushes the image to the registry
+
+runs:
+  using: composite
+  steps:
+    - uses: actions/checkout@v4
+      with:
+        sparse-checkout-cone-mode: false
+        sparse-checkout: |
+          Dockerfile
+
+    - name: Download internal artifacts
+      uses: actions/download-artifact@v4
+      with:
+        name: frontend
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Log in to Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ inputs.registry }}
+        username: ${{ inputs.registry-username }}
+        password: ${{ inputs.registry-password }}
+
+    - name: Extract metadata (tags, labels) for Docker
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ inputs.registry }}/${{ github.repository_owner }}/frontend
+        flavor: |
+          latest=false
+        tags: |
+          type=raw,value={{branch}},enable=${{ github.ref_type == 'branch' && github.event_name != 'pull_request' }}
+          type=ref,event=branch
+          type=ref,event=pr
+          type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0') && !startsWith(github.ref, 'refs/tags/0') }}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{major}}.{{minor}}.{{patch}}
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        push: ${{ inputs.push-image }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/ci-master.yml b/.github/workflows/ci-master.yml
@@ -12,106 +12,31 @@ name: ci-master
 
 env:
   NODE_VERSION: 20
-  REGISTRY: ghcr.io
-  ARTIFACT_NAME: openshock-frontend.zip
-  IMAGE_NAME: ${{ github.repository_owner }}/frontend
 
 jobs:
   build:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
-
-      - uses: actions/setup-node@v4
+      - uses: ./.github/actions/build
         with:
           node-version: ${{ env.NODE_VERSION }}
-          cache: npm
-
-      - name: Install dependencies
-        shell: bash
-        run: npm ci
-
-      - name: Check
-        shell: bash
-        run: npm run check
-
-      - name: Install playwright
-        run: npx playwright install
-
-      - name: Test
-        shell: bash
-        run: npm test
-
-      - name: Build
-        shell: bash
-        run: npm run build
-
-      - name: Upload artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: ${{ env.ARTIFACT_NAME }}
-          path: |
-            package.json
-            package-lock.json
-            build/
-            patches/
-          retention-days: 1
-          if-no-files-found: error
+          artifact-name: frontend
 
   containerize:
     runs-on: ubuntu-latest
     needs: build
 
     steps:
-      - uses: actions/checkout@v4
-        with:
-          sparse-checkout-cone-mode: false
-          sparse-checkout: |
-            Dockerfile
-      
-      - name: Download internal artifacts
-        uses: actions/download-artifact@v4
-        with:
-          name: ${{ env.ARTIFACT_NAME }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Log in to Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          flavor: |
-            latest=false
-          tags: |
-            type=raw,value={{branch}},enable=${{ github.ref_type == 'branch' && github.event_name != 'pull_request' }}
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}.{{minor}}.{{patch}}
-            type=semver,pattern={{major}}.{{minor}}.{{patch}}+{{build}}
-            type=semver,pattern={{major}}.{{minor}}.{{patch}}-{{prerelease}}
-            type=semver,pattern={{major}}.{{minor}}.{{patch}}-{{prerelease}}+{{build}}
-
-      - name: Build image
-        uses: docker/build-push-action@v5
+      - uses: ./.github/actions/containerize
         with:
-          context: .
-          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
+          registry: ghcr.io
+          registry-username: ${{ github.actor }}
+          registry-password: ${{ secrets.GITHUB_TOKEN }}
+          artifact-name: frontend
+          push-image: ${{ github.ref_type == 'branch' && github.ref_protected && github.event_name != 'pull_request' }}
 
-  deploy:
+  trigger-deployment:
     runs-on: ubuntu-latest
     needs: containerize
     if: ${{ github.ref_type == 'branch' && github.ref_protected && github.event_name != 'pull_request' }}
@@ -123,4 +48,4 @@ jobs:
         env:
           WEBHOOK_URL: ${{ secrets.WEBHOOK_URL }}
         run: |
-          curl -X POST -d "" "$WEBHOOK_URL"
+          curl -X POST -d "" "$WEBHOOK_URL"
diff --git a/.github/workflows/ci-tag.yml b/.github/workflows/ci-tag.yml
@@ -0,0 +1,47 @@
+on:
+  push:
+    tags:
+      - '*.*'
+      - '*.*.*'
+  workflow_dispatch: # Manually invoked by user.
+
+name: ci-tag
+
+env:
+  NODE_VERSION: 20
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: ./.github/actions/build
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          artifact-name: frontend
+
+  containerize:
+    runs-on: ubuntu-latest
+    needs: build
+
+    steps:
+      - uses: ./.github/actions/containerize
+        with:
+          registry: ghcr.io
+          registry-username: ${{ github.actor }}
+          registry-password: ${{ secrets.GITHUB_TOKEN }}
+          artifact-name: frontend
+          push-image: true
+
+  trigger-deployment:
+    runs-on: ubuntu-latest
+    needs: containerize
+    environment: production
+
+    steps:
+      - name: Call deployment webhook
+        shell: bash
+        env:
+          WEBHOOK_URL: ${{ secrets.WEBHOOK_URL }}
+        run: |
+          curl -X POST -d "" "$WEBHOOK_URL"