Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(INFRA-1282): add release action #193

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 72 additions & 0 deletions .github/workflows/build-test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
name: Build, Lint, and Test

on:
workflow_call:

jobs:
prepare:
name: Prepare
runs-on: ubuntu-latest
steps:
# v4.1.1
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Use Node.js
# v4.0.0
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65
with:
node-version-file: '.nvmrc'
cache: 'yarn'
- name: Install Yarn dependencies
run: yarn

build:
name: Build
runs-on: ubuntu-latest
needs:
- prepare
steps:
- uses: actions/checkout@v3
- name: Use Node.js
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'yarn'
- run: yarn --immutable
- run: yarn build
- name: Store build artifact
uses: actions/upload-artifact@v3
with:
name: build
path: ./build/
- name: Require clean working directory
shell: bash
run: |
if ! git diff --exit-code; then
echo "Working tree dirty at end of job"
exit 1
fi

test:
name: Test
runs-on: ubuntu-latest
needs:
- prepare
steps:
# v4.1.1
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Use Node.js
# v4.0.0
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65
with:
node-version-file: '.nvmrc'
cache: 'yarn'
- run: yarn --immutable
- run: yarn test
- name: Require clean working directory
shell: bash
run: |
if ! git diff --exit-code; then
echo "Working tree dirty at end of job"
exit 1
fi

47 changes: 47 additions & 0 deletions .github/workflows/master.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
name: Main

on:
pull_request:
push:
branches: [master]

jobs:
check-workflows:
name: Check workflows
runs-on: ubuntu-latest
steps:
# v4.1.1
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Download actionlint
id: download-actionlint
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/7fdc9630cc360ea1a469eed64ac6d78caeda1234/scripts/download-actionlint.bash) 1.6.23
shell: bash
- name: Check workflow files
run: ${{ steps.download-actionlint.outputs.executable }} -color
shell: bash

build-test:
name: Build and test
uses: ./.github/workflows/build-test.yml

release-uat:
name: UAT Release
uses: ./.github/workflows/release.yml
needs: [ build-test ]
if: github.ref == 'refs/heads/master'
permissions:
contents: read
id-token: write
with:
environment: uat

release-prd:
name: PRD Release
uses: ./.github/workflows/release.yml
needs: [ build-test, release-uat ]
if: github.ref == 'refs/heads/master'
permissions:
contents: read
id-token: write
with:
environment: prd
30 changes: 30 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
on:
workflow_call:
inputs:
environment:
required: true
description: Environment name
type: string
jobs:
deploy:
name: Deploy
runs-on: ubuntu-latest
environment:
name: ${{ inputs.environment }}
steps:
- name: configure AWS credentials
# v4.0.1
uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a
with:
role-to-assume: ${{ vars.AWS_ROLE_ARN }}
role-session-name: ghactionssession
aws-region: ${{ vars.AWS_REGION }}
- name: download build artifact
uses: actions/download-artifact@v3
with:
name: build
path: ./build/
- name: Deploy website
run: |
aws s3 cp ./build/ s3://${{ vars.AWS_BUCKET_NAME }}/ --recursive --acl private
aws cloudfront create-invalidation --distribution-id ${{ vars.AWS_CF_DISTRIBUTION_ID }} --paths "/"
43 changes: 38 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -71,12 +71,45 @@ The project follows the same release process as the other projects in the MetaMa

### Deployments

- Make sure you have the netlify client configured with your credentials and you have access to the project.
#### Repository Release Process Documentation

#### Staging
This section provides a detailed explanation of the release process for this repository, which is managed through a GitHub Action workflow.

- `npm run deploy`
##### Workflow Overview

#### Production
The GitHub Action workflow is named `master` and it is triggered on every pull request and push to the `master` branch. The workflow consists of four jobs:

1. `check-workflows`
2. `build-test`
3. `release-uat`
4. `release-prd`

###### 1. Check Workflows

This job performs the following steps:

- Checks out the repository using the `actions/checkout` action.
- Downloads `actionlint`, a tool for linting GitHub Actions workflow files.
- Checks the workflow files using `actionlint`.

###### 2. Build and Test

This job uses the workflow defined in `./.github/workflows/build-test.yml`. It is responsible for building the project and running tests to ensure the code is working as expected.

###### 3. UAT Release

This job uses the workflow defined in `./.github/workflows/release.yml`. It is dependent on the `build-test` job and only runs if the `build-test` job is successful and the current branch is `master`. This job is responsible for releasing the project to the User Acceptance Testing (UAT) environment.

###### 4. PRD Release

This job is similar to the `release-uat` job but it releases the project to the Production (PRD) environment. It also depends on the `build-test` job and only runs if the `build-test` job is successful and the current branch is `master`.

##### Release Process

The release process is initiated when a pull request is merged into the `master` branch or when a direct push is made to the `master` branch. Here are the steps that are followed:

1. The `check-workflows` job is run to ensure the workflow files are valid.
2. If the workflow files are valid, the `build-test` job is run to build the project and run tests.
3. If the `build-test` job is successful, the `release-uat` job is run to release the project to the UAT environment.
4. If the `release-uat` job is successful, the `release-prd` job is run to release the project to the PRD environment, ideally `prd` GitHub environment has configured environment deployment policy (approvals).

- `npm run deploy:prod`