From e646a09a0f80bb0ebe2c6909b98aafce0a887056 Mon Sep 17 00:00:00 2001 From: jluque Date: Tue, 21 Nov 2023 11:03:11 +0100 Subject: [PATCH 1/6] chore(INFRA-1282): add release action --- .github/workflows/build-test.yml | 71 ++++++++++++++++++++++++++++++++ .github/workflows/main.yml | 46 +++++++++++++++++++++ .github/workflows/release.yml | 38 +++++++++++++++++ 3 files changed, 155 insertions(+) create mode 100644 .github/workflows/build-test.yml create mode 100644 .github/workflows/main.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml new file mode 100644 index 00000000..50afd431 --- /dev/null +++ b/.github/workflows/build-test.yml @@ -0,0 +1,71 @@ +name: Build, Lint, and Test + +on: + workflow_call: + +jobs: + prepare: + name: Prepare + runs-on: ubuntu-latest + steps: + # v4.1.1 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - name: Use Node.js + # v4.0.0 + uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 + with: + node-version-file: '.nvmrc' + cache: 'yarn' + - name: Install Yarn dependencies + run: yarn --immutable + + build: + name: Build + runs-on: ubuntu-latest + needs: + - prepare + steps: + - uses: actions/checkout@v3 + - name: Use Node.js + uses: actions/setup-node@v3 + with: + node-version-file: '.nvmrc' + cache: 'yarn' + - run: yarn --immutable --immutable-cache + - run: yarn build + - name: Store build artifact + uses: actions/upload-artifact@v3 + with: + name: build + path: ./build/ + - name: Require clean working directory + shell: bash + run: | + if ! git diff --exit-code; then + echo "Working tree dirty at end of job" + exit 1 + fi + + test: + name: Test + runs-on: ubuntu-latest + needs: + - prepare + steps: + # v4.1.1 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - name: Use Node.js + # v4.0.0 + uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 + with: + node-version-file: '.nvmrc' + cache: 'yarn' + - run: yarn --immutable --immutable-cache + - run: yarn test + - name: Require clean working directory + shell: bash + run: | + if ! git diff --exit-code; then + echo "Working tree dirty at end of job" + exit 1 + fi \ No newline at end of file diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..9677d3fb --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,46 @@ +name: Main + +on: + pull_request: + +jobs: + check-workflows: + name: Check workflows + runs-on: ubuntu-latest + steps: + # v4.1.1 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - name: Download actionlint + id: download-actionlint + run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/7fdc9630cc360ea1a469eed64ac6d78caeda1234/scripts/download-actionlint.bash) 1.6.23 + shell: bash + - name: Check workflow files + run: ${{ steps.download-actionlint.outputs.executable }} -color + shell: bash + + build-test: + name: Build and test + uses: ./.github/workflows/build-test.yml + + release-uat: + name: UAT Release + uses: ./.github/workflows/release.yml + needs: [ build-test ] + #if: github.ref == 'refs/heads/main' + if: always() + permissions: + contents: read + id-token: write + with: + environment: uat + + release-prd: + name: PRD Release + uses: ./.github/workflows/release.yml + needs: [ build-test ] + #if: github.ref == 'refs/heads/main' + permissions: + contents: read + id-token: write + with: + environment: prd \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..fc953da4 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,38 @@ +on: + workflow_call: + inputs: + environment: + required: true + description: Environment name + type: string +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + environment: + name: ${{ inputs.environment }} + steps: + # v4.1.1 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - name: Use Node.js + # v4.0.0 + uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 + with: + node-version-file: '.nvmrc' + cache: 'yarn' + - name: configure AWS credentials + # v4.0.1 + uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a + with: + role-to-assume: ${{ vars.AWS_ROLE_ARN }} + role-session-name: ghactionssession + aws-region: ${{ vars.AWS_REGION }} + - name: download build artifact + uses: actions/download-artifact@v3 + with: + name: build + path: ./build/ + - name: Deploy website + run: | + aws s3 cp ./build/ s3://${{ vars.AWS_BUCKET_NAME }}/ --recursive --acl private + aws cloudfront create-invalidation --distribution-id ${{ vars.AWS_CF_DISTRIBUTION_ID }} --paths "/" From 8c823c054bb882e066e7cf0d9572fcd707d98dbf Mon Sep 17 00:00:00 2001 From: jluque Date: Tue, 21 Nov 2023 11:54:37 +0100 Subject: [PATCH 2/6] chore(INFRA-1282): Update readme, rename to master --- .github/workflows/{main.yml => master.yml} | 9 +++-- README.md | 43 +++++++++++++++++++--- 2 files changed, 43 insertions(+), 9 deletions(-) rename .github/workflows/{main.yml => master.yml} (87%) diff --git a/.github/workflows/main.yml b/.github/workflows/master.yml similarity index 87% rename from .github/workflows/main.yml rename to .github/workflows/master.yml index 9677d3fb..44c6315d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/master.yml @@ -2,6 +2,8 @@ name: Main on: pull_request: + push: + branches: [master] jobs: check-workflows: @@ -26,8 +28,7 @@ jobs: name: UAT Release uses: ./.github/workflows/release.yml needs: [ build-test ] - #if: github.ref == 'refs/heads/main' - if: always() + if: github.ref == 'refs/heads/master' permissions: contents: read id-token: write @@ -37,8 +38,8 @@ jobs: release-prd: name: PRD Release uses: ./.github/workflows/release.yml - needs: [ build-test ] - #if: github.ref == 'refs/heads/main' + needs: [ build-test, release-uat ] + if: github.ref == 'refs/heads/master' permissions: contents: read id-token: write diff --git a/README.md b/README.md index bc8c2681..9db5a197 100644 --- a/README.md +++ b/README.md @@ -71,12 +71,45 @@ The project follows the same release process as the other projects in the MetaMa ### Deployments -- Make sure you have the netlify client configured with your credentials and you have access to the project. +#### Repository Release Process Documentation -#### Staging +This section provides a detailed explanation of the release process for this repository, which is managed through a GitHub Action workflow. -- `npm run deploy` +##### Workflow Overview -#### Production +The GitHub Action workflow is named `master` and it is triggered on every pull request and push to the `master` branch. The workflow consists of four jobs: + +1. `check-workflows` +2. `build-test` +3. `release-uat` +4. `release-prd` + +###### 1. Check Workflows + +This job performs the following steps: + +- Checks out the repository using the `actions/checkout` action. +- Downloads `actionlint`, a tool for linting GitHub Actions workflow files. +- Checks the workflow files using `actionlint`. + +###### 2. Build and Test + +This job uses the workflow defined in `./.github/workflows/build-test.yml`. It is responsible for building the project and running tests to ensure the code is working as expected. + +###### 3. UAT Release + +This job uses the workflow defined in `./.github/workflows/release.yml`. It is dependent on the `build-test` job and only runs if the `build-test` job is successful and the current branch is `master`. This job is responsible for releasing the project to the User Acceptance Testing (UAT) environment. + +###### 4. PRD Release + +This job is similar to the `release-uat` job but it releases the project to the Production (PRD) environment. It also depends on the `build-test` job and only runs if the `build-test` job is successful and the current branch is `master`. + +##### Release Process + +The release process is initiated when a pull request is merged into the `master` branch or when a direct push is made to the `master` branch. Here are the steps that are followed: + +1. The `check-workflows` job is run to ensure the workflow files are valid. +2. If the workflow files are valid, the `build-test` job is run to build the project and run tests. +3. If the `build-test` job is successful, the `release-uat` job is run to release the project to the UAT environment. +4. If the `release-uat` job is successful, the `release-prd` job is run to release the project to the PRD environment, ideally `prd` GitHub environment has configured environment deployment policy (approvals). -- `npm run deploy:prod` From 4bc054d5ee7aca7de5689c742bfa8f0c87fda8e3 Mon Sep 17 00:00:00 2001 From: jluque Date: Wed, 6 Dec 2023 12:55:21 +0100 Subject: [PATCH 3/6] chore(INFRA-1282): remove inmutable and unrequired step --- .github/workflows/build-test.yml | 4 ++-- .github/workflows/release.yml | 8 -------- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 50afd431..eccb3319 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -17,7 +17,7 @@ jobs: node-version-file: '.nvmrc' cache: 'yarn' - name: Install Yarn dependencies - run: yarn --immutable + run: yarn build: name: Build @@ -31,7 +31,7 @@ jobs: with: node-version-file: '.nvmrc' cache: 'yarn' - - run: yarn --immutable --immutable-cache + - run: yarn - run: yarn build - name: Store build artifact uses: actions/upload-artifact@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fc953da4..9556dc53 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,14 +12,6 @@ jobs: environment: name: ${{ inputs.environment }} steps: - # v4.1.1 - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - - name: Use Node.js - # v4.0.0 - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 - with: - node-version-file: '.nvmrc' - cache: 'yarn' - name: configure AWS credentials # v4.0.1 uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a From 19290bd370d410e792f2e6b4e26686b5adc66ace Mon Sep 17 00:00:00 2001 From: Jose Luque Date: Thu, 14 Dec 2023 11:41:54 +0100 Subject: [PATCH 4/6] chore(INFRA-1282): update yarn settings --- .github/workflows/build-test.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index eccb3319..7f2f1e90 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -17,7 +17,7 @@ jobs: node-version-file: '.nvmrc' cache: 'yarn' - name: Install Yarn dependencies - run: yarn + run: yarn --immutable build: name: Build @@ -60,7 +60,7 @@ jobs: with: node-version-file: '.nvmrc' cache: 'yarn' - - run: yarn --immutable --immutable-cache + - run: yarn - run: yarn test - name: Require clean working directory shell: bash @@ -68,4 +68,5 @@ jobs: if ! git diff --exit-code; then echo "Working tree dirty at end of job" exit 1 - fi \ No newline at end of file + fi + From 619b9ddf180819f3991464ca5cd857cea2bfb4b1 Mon Sep 17 00:00:00 2001 From: Jose Luque Date: Thu, 14 Dec 2023 11:43:43 +0100 Subject: [PATCH 5/6] chore(INFRA-1282): fix --- .github/workflows/build-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 7f2f1e90..7bef8686 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -17,7 +17,7 @@ jobs: node-version-file: '.nvmrc' cache: 'yarn' - name: Install Yarn dependencies - run: yarn --immutable + run: yarn build: name: Build @@ -31,7 +31,7 @@ jobs: with: node-version-file: '.nvmrc' cache: 'yarn' - - run: yarn + - run: yarn --immutable - run: yarn build - name: Store build artifact uses: actions/upload-artifact@v3 From 83b4c615c02316b92f0ca904030eddb93773cf61 Mon Sep 17 00:00:00 2001 From: Jose Luque Date: Fri, 15 Dec 2023 19:10:00 +0100 Subject: [PATCH 6/6] chore(INFRA-1282): add only immutable --- .github/workflows/build-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 7bef8686..b69c5095 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -60,7 +60,7 @@ jobs: with: node-version-file: '.nvmrc' cache: 'yarn' - - run: yarn + - run: yarn --immutable - run: yarn test - name: Require clean working directory shell: bash