Deployment triggered by push / realkosty #1142
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: auto-deploy.yml | |
# Deploys to Google App Engine upon commit to master branch and on schedule at midnight UTC | |
run-name: Deployment triggered by ${{ github.event_name }} / ${{ github.actor }} | |
on: | |
push: | |
branches: | |
- "master" | |
schedule: | |
- cron: "40 3 * * *" # every day at 8:40pm PDT / 5:40am GMT+2 | |
# see https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule | |
workflow_dispatch: | |
# Only run 1 workflow at a time. If new one starts abort any that are already running. | |
concurrency: | |
group: ${{ github.workflow }} | |
cancel-in-progress: true | |
jobs: | |
default-job: | |
if: github.repository_owner == 'sentry-demos' # don't run in forks | |
permissions: | |
contents: "read" | |
id-token: "write" | |
runs-on: ubuntu-22.04 | |
steps: | |
- run: | | |
SENTRY_CRON='https://o87286.ingest.sentry.io/api/4505620224540672/cron/auto-deploy/21b95d7975af21218dd7c14f1e48e193/' | |
curl "$SENTRY_CRON?status=in_progress" | |
echo "SENTRY_CRON=$SENTRY_CRON" >> "$GITHUB_ENV" | |
- run: echo "Triggered by ${{ github.event_name }} event." | |
- run: echo "Branch is ${{ github.ref }}" | |
- name: Check out this repository code | |
uses: actions/checkout@v3 | |
with: | |
path: empower | |
fetch-depth: 0 | |
- name: Check out `empower-config` to get env-config | |
uses: actions/checkout@v3 | |
with: | |
repository: sentry-demos/empower-config | |
path: empower-config | |
token: ${{ secrets.KOSTY_PERSONAL_ACCESS_TOKEN_FOR_SYNC_DEPLOY_FORK }} | |
- name: Install Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version: "18" | |
- name: Setup Sentry CLI | |
uses: mathieu-bour/[email protected] | |
with: | |
version: 2.17.4 | |
token: ${{ SECRETS.SENTRY_AUTH_TOKEN }} # from GitHub secrets | |
- name: Get commit SHA that was last successfully deployed | |
uses: nrwl/[email protected] | |
with: | |
main-branch-name: master | |
error-on-no-successful-workflow: false | |
working-directory: ./empower | |
# Test previous step worked | |
- run: | | |
echo "BASE: ${{ env.NX_BASE }}" | |
echo "HEAD: ${{ env.NX_HEAD }}" | |
- name: Run React tests | |
run: | | |
npm install | |
npm test -- --coverage --reporters=jest-junit | |
working-directory: ./empower/react | |
- uses: codecov/codecov-action@v3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
flags: frontend | |
- name: Run Python Tests | |
run: | | |
pip install -U pytest | |
pip install pytest-codecov | |
pytest --cov=. --cov-report=xml --junitxml=junit.xml -o junit_family=legacy | |
working-directory: ./empower/flask/src | |
- name: Upload coverage results to Codecov | |
uses: codecov/codecov-action@v3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
flags: api | |
- name: Upload test results to Codecov | |
if: ${{ !cancelled() }} | |
uses: codecov/test-results-action@v1 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: Get GCP_ env variables from empower-config/.gcloudrc | |
run: | | |
source empower-config/.gcloudrc | |
echo "GCP_WORKLOAD_IDENTITY_PROVIDER=$GCP_WORKLOAD_IDENTITY_PROVIDER" >> $GITHUB_OUTPUT | |
echo "GCP_SERVICE_ACCOUNT=$GCP_SERVICE_ACCOUNT" >> $GITHUB_OUTPUT | |
id: gcloudrc | |
- id: "auth" | |
name: "Authenticate Google Cloud" | |
uses: "google-github-actions/auth@v0" | |
with: | |
workload_identity_provider: ${{ steps.gcloudrc.outputs.GCP_WORKLOAD_IDENTITY_PROVIDER }} | |
service_account: ${{ steps.gcloudrc.outputs.GCP_SERVICE_ACCOUNT }} | |
- name: "Set up Google Cloud SDK" | |
uses: "google-github-actions/setup-gcloud@v0" | |
- name: Get env-config/production.env from empower-config | |
run: cp empower-config/production.env empower/env-config/ | |
- name: Deploy to production | |
run: | | |
CHANGED_PROJECTS=$(./bin/projects_changed_bw_commits.sh "${{ env.NX_BASE }}" "${{ env.NX_HEAD }}") | |
if [[ ! -z "$CHANGED_PROJECTS" ]]; then | |
./deploy.sh $CHANGED_PROJECTS --env=production | |
elif [[ `./bin/release.sh` != `./bin/release.sh 1` ]]; then # different release than yesterday | |
# currently we create regular calendar releases only for React | |
./deploy.sh react --env=production | |
else | |
echo "No deployable projects have been changed since last successful deployment. New calendar release is not due either. Nothing to do." | |
fi | |
working-directory: ./empower | |
- run: echo "Job status is ${{ job.status }}." | |
- name: Report success to Cron monitor (demo/empower-github-workflows) | |
run: curl "${{ env.SENTRY_CRON }}?status=ok" | |
# 'if: always()' ensures step is run even if earlier step failed | |
- name: Report error to Cron monitor (demo/empower-github-workflows) | |
if: always() && job.status == 'failure' | |
run: curl "${{ env.SENTRY_CRON }}?status=error" |