-
Notifications
You must be signed in to change notification settings - Fork 0
146 lines (128 loc) · 4.07 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# This workflow will deploy to Google Cloud Run
#
# To configure this workflow, set up the following secrets in your workspace
#
# * `GITHUB_APP_IDENTIFIER` - GitHub App identifier
# * `GITHUB_APP_PRIVATE_KEY` - GitHub App private key
# * `GOOGLE_SERVICE_ACCOUNT_EMAIL` - Google service account email
# * `GOOGLE_APPLICATION_CREDENTIALS` - Google service account private key
# * `GITHUB_WEBHOOK_SECRET` - GitHub webhook secret to confirm that webhooks come from GitHub
name: CI
on:
push:
branches:
- main
paths:
- '.github/workflows/ci.yml'
- 'Dockerfile'
- 'package.json'
- 'src/**/*.ts'
- 'tsconfig.json'
- 'yarn.lock'
- 'bin/deploy.sh'
pull_request:
branches:
- main
jobs:
test:
runs-on: ubuntu-latest
timeout-minutes: 10
services:
# Label used to access the service container
postgres:
# Docker Hub image
image: postgres:12
# Provide the password for postgres
env:
POSTGRES_PASSWORD: docker
ports:
- 5434:5432
# Set health checks to wait until postgres has started
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup node
uses: actions/setup-node@v3
with:
node-version: '14'
- name: yarn install
run: yarn install --immutable
- name: tsc
run: yarn build
- name: test
run: yarn test:ci --coverage
- name: Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: eslint
run: yarn lint
docker:
runs-on: ubuntu-latest
timeout-minutes: 10
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v3
- name: Builds docker image
run: docker build -t ci-tooling .
build-deploy:
name: build and deploy
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
timeout-minutes: 10
needs: [test]
environment: 'production'
env:
VERSION: ${{ github.sha }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
# for Sentry releases
fetch-depth: 0
- name: Setup node
uses: actions/setup-node@v3
with:
node-version: '14'
- name: yarn install
run: yarn install --immutable
- name: tsc
run: yarn build
# Setup gcloud CLI
- name: Setup gcloud CLI
uses: google-github-actions/[email protected]
with:
service_account_email: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_EMAIL }}
service_account_key: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
# Deploy to Google Cloud Functions
- name: Deploy
id: deploy
env:
SLACK_BOT_USER_ACCESS_TOKEN: ${{ secrets.SLACK_BOT_USER_ACCESS_TOKEN }}
SLACK_SIGNING_SECRET: ${{ secrets.SLACK_SIGNING_SECRET }}
SLACK_BOT_APP_ID: ${{ secrets.SLACK_BOT_APP_ID }}
GH_APP_PRIVATE_KEY_FOR_GETSENTRY: ${{ secrets.GH_APP_PRIVATE_KEY_FOR_GETSENTRY}}
GH_APP_IDENTIFIER: ${{ secrets.GH_APP_IDENTIFIER }}
GH_WEBHOOK_SECRET: ${{ secrets.GH_WEBHOOK_SECRET }}
SENTRY_WEBPACK_WEBHOOK_SECRET: ${{ secrets.SENTRY_WEBPACK_WEBHOOK_SECRET }}
DB_USER: ${{ secrets.DB_USER }}
DB_NAME: ${{ secrets.DB_NAME }}
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
DB_INSTANCE_CONNECTION_NAME: ${{ secrets.DB_INSTANCE_CONNECTION_NAME }}
GH_USER_TOKEN: ${{ secrets.GH_USER_TOKEN }}
run: |
echo "deploy-start=$(date +%s)" >> "$GITHUB_OUTPUT"
bin/deploy.sh
- name: Sentry Release
uses: getsentry/[email protected]
with:
environment: 'production'
sourcemaps: './lib'