Skip to content

Commit

Permalink
fix(workflow): upgraded workflows to push to radix
Browse files Browse the repository at this point in the history
  • Loading branch information
Sinrefvol committed May 23, 2024
1 parent 703b177 commit c3b0d19
Show file tree
Hide file tree
Showing 9 changed files with 310 additions and 39 deletions.
68 changes: 68 additions & 0 deletions .github/workflows/build-and-publish.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
name: Build and publish component

on:
workflow_call:
inputs:
Registry:
required: true
type: string
Tag:
required: true
type: string
ImageName:
required: true
type: string
Environment:
required: true
type: string
GitRef:
required: false
type: string

jobs:
build-and-push-container:
runs-on: ubuntu-latest
environment: ${{ inputs.Environment }}
permissions:
contents: read
packages: write

steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ inputs.GitRef }}

- name: Log in to the Github Container registry
uses: docker/login-action@v3
with:
registry: ${{ inputs.Registry }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ inputs.Registry }}/${{ inputs.ImageName }}

- name: 'Create env file'
run: |
touch .env
echo REACT_APP_AAD_CLIENT_ID=${{ secrets.CLIENT_ID }} >> .env
echo REACT_APP_AAD_TENANT_ID=${{ secrets.TENANT_ID }} >> .env
echo REACT_APP_AAD_REDIRECT_URI=/ >> .env
echo REACT_APP_BACKEND_URL=${{ vars.BACKEND_URL }} >> .env
echo REACT_APP_BACKEND_API_SCOPE=${{ vars.BACKEND_API_SCOPE }} >> .env
cat .env
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: ./src
file: ./Dockerfile
target: release
push: true
tags: |
${{ inputs.Registry }}/${{ inputs.ImageName }}:${{ inputs.Tag }}
labels: ${{ steps.meta.outputs.labels }}
71 changes: 71 additions & 0 deletions .github/workflows/deploy-to-dev.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
name: Deploy to Development

# Only one workflow in a concurrency group may run at a time
concurrency:
group: development-concurrency
cancel-in-progress: true

on:
release:
types: [created]
push:
branches:
- "main"
paths:
- "src/**"
- "package.json"
- "package-lock.json"
- "yarn.lock"

jobs:
trigger-github-deployment:
name: Trigger Github Deployment
runs-on: ubuntu-latest
environment: dev
steps:
- name: Notify
run: echo "Deployment started"

get-or-create-tag:
needs: trigger-github-deployment
name: Get or create tag
outputs:
tag: ${{ steps.get-tag.outputs.tag }}
runs-on: ubuntu-latest
steps:
- id: get-tag
run: |
if echo ${{ github.event_name }} | grep "release"
then
RELEASE_TAG=$(echo ${{ github.event.release.tag_name }})
echo "tag=$RELEASE_TAG" >> "$GITHUB_OUTPUT"
else
SHA_SHORT=$(echo ${{ github.sha }} | cut -c1-8)
echo "tag=$SHA_SHORT" >> "$GITHUB_OUTPUT"
fi
shell: bash

build-and-publish-component:
name: "Build and publish component"
needs: [get-or-create-tag, trigger-github-deployment]
uses: ./.github/workflows/build-and-publish.yml
with:
Registry: ghcr.io
ImageName: ${{ github.repository }}
Environment: dev
# Add dev. prefix for the tags used in dev environment,
# due to the commit hash can be interpreted as an integer if only numbers
# PS: Needs to match deploy.with.Tag
Tag: dev.${{ needs.get-or-create-tag.outputs.tag }}
secrets: inherit

deploy:
name: Update deployment in Develompent
needs: [build-and-publish-component, trigger-github-deployment, get-or-create-tag]
uses: ./.github/workflows/deploy-to-radix.yml
with:
Environment: dev
VersionTag: "dev.${{ needs.get-or-create-tag.outputs.tag }}"
secrets:
ClientId: ${{ secrets.CLIENT_ID }}
TenantId: ${{ secrets.TENANT_ID }}
71 changes: 71 additions & 0 deletions .github/workflows/deploy-to-production.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
name: Promote to Production

# Only one workflow in a concurrency group may run at a time
concurrency:
group: production-concurrency
cancel-in-progress: true

on:
workflow_dispatch:

env:
REGISTRY: ghcr.io

jobs:
trigger-github-deployment:
name: Trigger GitHub Deployment
environment: prod
runs-on: ubuntu-latest
steps:
- name: Deploy production
run: echo "Deplying to production"

get-test-version:
name: Get version from test
needs: trigger-github-deployment
outputs:
versionTag: ${{ steps.get_version_tag.outputs.tags }}
runs-on: ubuntu-latest
environment: prod
steps:

- name: Checkout repository
uses: actions/checkout@v4

- name: Log in to the Github Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: get_version_tag
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ github.repository }}/test:latest
tags: |
type=semver,pattern=v{{version}}
build-and-publish-prod:
name: Build and publish Production
needs: get-test-version
uses: ./.github/workflows/build-and-publish.yml
with:
Registry: ghcr.io
ImageName: ${{ github.repository }}
Tag: prod.${{ needs.get-test-version.outputs.versionTag }}
Environment: prod
GitRef: ${{ needs.get-test-version.outputs.versionTag }}
secrets: inherit

deploy:
name: Update deployment in Production
needs: [get-test-version, trigger-github-deployment]
uses: ./.github/workflows/deploy-to-radix.yml
with:
Environment: prod
VersionTag: prod.${{ needs.get-test-version.outputs.versionTag }}
secrets:
ClientId: ${{ secrets.CLIENT_ID }}
TenantId: ${{ secrets.TENANT_ID }}
54 changes: 54 additions & 0 deletions .github/workflows/deploy-to-radix.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
name: Deploy to Radix

on:
workflow_call:
inputs:
Environment:
required: true
type: string
VersionTag:
required: true
type: string
secrets:
ClientId:
required: true
TenantId:
required: true


permissions:
id-token: write
contents: read

jobs:
deploy:
runs-on: ubuntu-latest
environment: ${{inputs.Environment}}
steps:
- uses: actions/checkout@v4

- name: 'Az CLI login'
uses: azure/login@v2
with:
client-id: ${{ secrets.ClientId}}
tenant-id: ${{ secrets.TenantId}}
allow-no-subscriptions: true

- name: RADIX Login
run: |
token=$(az account get-access-token --resource 6dae42f8-4368-4678-94ff-3960e28e3630 --query=accessToken -otsv | tr -d '[:space:]')
echo "::add-mask::$token"
echo "APP_SERVICE_ACCOUNT_TOKEN=$token" >> $GITHUB_ENV
- name: 'Deploy API on Radix'
uses: equinor/radix-github-actions@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
args: >
create pipeline-job
deploy
--application pepm
--component web
--environment ${{ inputs.Environment }}
--image-tag-name web=${{ inputs.VersionTag }}
--follow
41 changes: 41 additions & 0 deletions .github/workflows/deploy-to-test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
name: Deploy to Test

# Only one workflow in a concurrency group may run at a time
concurrency:
group: test-concurrency
cancel-in-progress: true

on:
release:
types: [created]

jobs:
trigger-github-deployment:
name: Trigger GitHub Deployment
environment: test
runs-on: ubuntu-latest
steps:
- name: Start deployment to test
run: echo "Deployment to test started"

build-and-publish-release-to-test:
name: Build and publish containers for test
uses: ./.github/workflows/build-and-publish.yml
needs: trigger-github-deployment
with:
Registry: ghcr.io
ImageName: ${{ github.repository }}
Tag: test.${{ github.event.release.tag_name }}
Environment: test
secrets: inherit

deploy:
name: Update deployment in Test
needs: [trigger-github-deployment, build-and-publish-release-to-test]
uses: ./.github/workflows/deploy-to-radix.yml
with:
Environment: test
VersionTag: ${{ github.event.release.tag_name }}
secrets:
ClientId: ${{ secrets.CLIENT_ID }}
TenantId: ${{ secrets.TENANT_ID }}
32 changes: 2 additions & 30 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -9,38 +9,10 @@ COPY . .
FROM base AS local
CMD ["yarn", "start"]

FROM base AS dev
FROM base AS release

RUN yarn global add serve
RUN yarn run build:dev
# Add non-root user
RUN deluser --remove-home node \
&& addgroup -S node -g 1001 \
&& adduser -S -G node -u 1001 node

USER 1001
EXPOSE 3000
CMD ["serve", "build", "--listen", "3000", "-s"]



FROM base AS test

RUN yarn global add serve
RUN yarn run build:test
# Add non-root user
RUN deluser --remove-home node \
&& addgroup -S node -g 1001 \
&& adduser -S -G node -u 1001 node

USER 1001
EXPOSE 3000
CMD ["serve", "build", "--listen", "3000", "-s"]

FROM base AS production

RUN yarn global add serve
RUN yarn run build:production
RUN yarn run build:release
# Add non-root user
RUN deluser --remove-home node \
&& addgroup -S node -g 1001 \
Expand Down
2 changes: 1 addition & 1 deletion docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ version: '3.9'
services:

pepm-ui:
image: ghcr.io/equinor/pepm-ui/pepm-ui:${ENVIRONMENT}.latest
image: ghcr.io/equinor/pepm-ui:${TAG}
build:
target: ${ENVIRONMENT}
context: .
Expand Down
4 changes: 1 addition & 3 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -38,9 +38,7 @@
},
"scripts": {
"start": "env-cmd -f .env.local react-scripts start",
"build:dev": "env-cmd -f .env.dev react-scripts build",
"build:test": "env-cmd -f .env.test react-scripts build",
"build:production": "env-cmd -f .env.production react-scripts build",
"build:release": "env-cmd -f .env react-scripts build",
"build": "react-scripts build",
"test": "react-scripts test --transformIgnorePatterns \"node_modules/(?!axios)/\"",
"test:ts": "tsc --noEmit",
Expand Down
6 changes: 1 addition & 5 deletions radixconfig.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,10 @@ spec:
build:
from: main
- name: test
build:
from: main
- name: prod
build:
from: main
components:
- name: web
image: ghcr.io/equinor/pepm-ui/pepm-ui:{imageTagName}
image: ghcr.io/equinor/pepm-ui:{imageTagName}
publicPort: http
ports:
- name: http
Expand Down

0 comments on commit c3b0d19

Please sign in to comment.