feat(pipelines): add ci/cd workflow (#13)
* feat(pipelines): add ci/cd workflow

* fix(build): use correct permissions

* fix(build): move packages to corresponding location

* fix(deploy): use correct workflow permissions

* fix(deploy): do not use subnetworking

* fix(deploy): use correct host network

* fix(tests): use newest pnpm
gustavovalverde authored Mar 8, 2024
1 parent 9b3570c commit aa051b8
Showing 12 changed files with 682 additions and 78 deletions.
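--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,22 @@
+version: 2
+updates:
+- package-ecosystem: npm
+directory: /
+schedule:
+interval: monthly
+commit-message:
+prefix: "bump(deps): "
+
+- package-ecosystem: docker
+directory: /
+schedule:
+interval: monthly
+commit-message:
+prefix: "bump(docker) "
+
+- package-ecosystem: github-actions
+directory: /.github/workflows
+schedule:
+interval: monthly
+commit-message:
+prefix: "bump(actions) "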
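Review bot: The `docker` entry points Dependabot at `directory: /`, but the deploy workflows added in this commit pass `dockerfile_path: ./docker/Dockerfile`, so base-image updates would likely never be proposed; `directory: /docker` looks like the intended value. The two later prefixes, `"bump(docker) "` and `"bump(actions) "`, also lack the colon that `"bump(deps): "` carries, which makes the generated commit titles inconsistent.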
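--- a/.github/workflows/cd-deploy-to-dev.yml
+++ b/.github/workflows/cd-deploy-to-dev.yml
@@ -0,0 +1,52 @@
+name: Deploy to dev
+
+on:
+pull_request:
+types: [opened, synchronize, reopened, labeled]
+paths:
+- '**.js*'
+- '**.ts*'
+- Dockerfile
+- package.json
+- pnpm-lock.yaml
+- .github/workflows/cd-deploy-to-dev.yml
+- .github/workflows/sub-cloudrun-deploy.yml
+
+concurrency:
+# Ensures that only one workflow task will run at a time. Previous builds, if
+# already in process, will get cancelled. Only the latest commit will be allowed
+# to run, cancelling any workflows in between
+group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }}
+cancel-in-progress: true
+
+jobs:
+test:
+uses: ./.github/workflows/sub-unit-tests.yml
+with:
+node_env: development
+
+build:
+uses: ./.github/workflows/sub-build-docker-image.yml
+with:
+environment: dev
+dockerfile_path: ./docker/Dockerfile
+dockerfile_target: runner
+app_name: ${{ vars.APP_NAME }}
+registry: ${{ vars.GAR_BASE }}
+secrets: inherit
+
+deploy:
+needs: [build]
+uses: ./.github/workflows/sub-cloudrun-deploy.yml
+with:
+environment: dev
+project_id: ${{ vars.GCP_PROJECT }}
+region: ${{ vars.GCP_REGION }}
+app_name: ${{ vars.APP_NAME }}
+registry: ${{ vars.GAR_BASE }}
+image_digest: ${{ needs.build.outputs.image_digest }}
+min_instances: '0'
+max_instances: '30'
+cpu: '1'
+memory: 1Gi
+secrets: inherit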
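Review bot: `secrets: inherit` on the `build` and `deploy` calls hands every secret the caller can see to the reusable workflows, on a `pull_request` trigger where the code being built comes from the PR branch. Every visible input comes from `vars.*`, so the called workflows may need no secrets at all; if they do, declaring them there and passing each by name (`secrets:` with one `NAME: ${{ secrets.NAME }}` entry, NAME being a placeholder) limits the exposure to what the deployment uses. The same applies to cd-deploy-to-test.yml and cd-deploy-to-prod.yml. `deploy` also depends only on `build`, and `build` has no `needs: [test]`, so a PR whose unit tests fail is still deployed to dev.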
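--- a/.github/workflows/cd-deploy-to-prod.yml
+++ b/.github/workflows/cd-deploy-to-prod.yml
@@ -0,0 +1,46 @@
+name: Deploy to prod
+
+on:
+release:
+types:
+- published
+
+concurrency:
+# Ensures that only one workflow task will run at a time. Previous builds, if
+# already in process, will get cancelled. Only the latest commit will be allowed
+# to run, cancelling any workflows in between
+group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }}
+cancel-in-progress: true
+
+jobs:
+test:
+uses: ./.github/workflows/sub-unit-tests.yml
+with:
+node_env: production
+
+build:
+# needs: [test]
+uses: ./.github/workflows/sub-build-docker-image.yml
+with:
+environment: prod
+dockerfile_path: ./docker/Dockerfile
+dockerfile_target: runner
+app_name: ${{ vars.APP_NAME }}
+registry: ${{ vars.GAR_BASE }}
+secrets: inherit
+
+deploy:
+needs: [build]
+uses: ./.github/workflows/sub-cloudrun-deploy.yml
+with:
+environment: prod
+project_id: ${{ vars.GCP_PROJECT }}
+region: ${{ vars.GCP_REGION }}
+app_name: ${{ vars.APP_NAME }}
+registry: ${{ vars.GAR_BASE }}
+image_digest: ${{ needs.build.outputs.image_digest }}
+min_instances: '1'
+max_instances: '100'
+cpu: '1'
+memory: 1Gi
+secrets: inherit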
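Review bot: The `needs: [test]` line on `build` is commented out, so a published release is built and deployed to prod while the unit tests are still running and regardless of their result. Restoring `needs: [test]`, as cd-deploy-to-test.yml has it, makes the test job a gate for production. On a `release` event `github.head_ref` is empty, so the concurrency group falls back to `github.run_id` and never matches another run; the comment promising one run at a time does not hold here. For prod, a fixed group with `cancel-in-progress: false` would serialize deployments rather than interrupt one midway.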
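--- a/.github/workflows/cd-deploy-to-test.yml
+++ b/.github/workflows/cd-deploy-to-test.yml
@@ -0,0 +1,54 @@
+name: Deploy to test
+
+on:
+push:
+branches:
+- main
+paths:
+- '**.js*'
+- '**.ts*'
+- Dockerfile
+- package.json
+- pnpm-lock.yaml
+- .github/workflows/cd-deploy-to-test.yml
+- .github/workflows/sub-cloudrun-deploy.yml
+
+concurrency:
+# Ensures that only one workflow task will run at a time. Previous builds, if
+# already in process, will get cancelled. Only the latest commit will be allowed
+# to run, cancelling any workflows in between
+group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }}
+cancel-in-progress: true
+
+jobs:
+test:
+uses: ./.github/workflows/sub-unit-tests.yml
+with:
+node_env: production
+
+build:
+needs: [test]
+uses: ./.github/workflows/sub-build-docker-image.yml
+with:
+environment: test
+dockerfile_path: ./docker/Dockerfile
+dockerfile_target: runner
+app_name: ${{ vars.APP_NAME }}
+registry: ${{ vars.GAR_BASE }}
+secrets: inherit
+
+deploy:
+needs: [build]
+uses: ./.github/workflows/sub-cloudrun-deploy.yml
+with:
+environment: test
+project_id: ${{ vars.GCP_PROJECT }}
+region: ${{ vars.GCP_REGION }}
+app_name: ${{ vars.APP_NAME }}
+registry: ${{ vars.GAR_BASE }}
+image_digest: ${{ needs.build.outputs.image_digest }}
+min_instances: '0'
+max_instances: '30'
+cpu: '1'
+memory: 1Gi
+secrets: inherit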
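Review bot: The `paths` filter lists `Dockerfile`, which as written should match only a file at the repository root, while the build job uses `dockerfile_path: ./docker/Dockerfile`; a change to the image definition alone would then not trigger this deployment. `docker/**` looks like the intended entry, and `.github/workflows/sub-build-docker-image.yml` and `.github/workflows/sub-unit-tests.yml` are called here but not listed either. The same filter is used in cd-deploy-to-dev.yml and in both lint workflows.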
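--- a/.github/workflows/chore-clean-dev.yml
+++ b/.github/workflows/chore-clean-dev.yml
@@ -0,0 +1,30 @@
+name: Clean dev instances
+
+on:
+delete:
+pull_request:
+branches:
+- main
+types:
+- closed
+
+jobs:
+delete:
+runs-on: ubuntu-latest
+steps:
+- name: Inject slug/short variables
+uses: rlespinasse/github-slug-action@v4.4.1
+
+- name: Authenticate to Google Cloud
+id: auth
+uses: google-github-actions/auth@v2.1.2
+with:
+workload_identity_provider: '${{ vars.GCP_WIF }}'
+service_account: '${{ vars.GCP_DEPLOYMENTS_SA }}'
+
+- name: Set up Cloud SDK
+uses: google-github-actions/setup-gcloud@v1.1.1
+
+- name: Removing CR service
+run: |
+gcloud run services delete ${{ vars.APP_NAME }}-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} --region=${{ vars.GOOGLE_CLOUD_REGION }} --quiet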
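Review bot: The `delete` job calls `google-github-actions/auth` with a workload identity provider but declares no `permissions:`, and `id-token: write` is never part of the default token, so the OIDC exchange in the auth step cannot succeed as written. The final `run:` line also splices `${{ … }}` expressions straight into the shell command; passing them through `env:` and quoting them keeps a branch-derived value from being parsed as shell. It reads `vars.GOOGLE_CLOUD_REGION` while the deploy workflows use `vars.GCP_REGION`, so `--region=` may expand to nothing. For the `delete` event GitHub documents the ref as the default branch rather than the deleted one, so the slug fallback probably names `<app>-main` there and `github.event.ref` is where the deleted branch name lives; worth confirming before relying on that trigger.

```yaml
  delete:
    runs-on: ubuntu-latest
    # Only the OIDC token is needed; the job never checks out the repository.
    permissions:
      id-token: write
    steps:
      # … unchanged: slug, auth and Cloud SDK setup steps …
      - name: Removing CR service
        env:
          APP_NAME: ${{ vars.APP_NAME }}
          REGION: ${{ vars.GOOGLE_CLOUD_REGION }}
        run: |
          gcloud run services delete "${APP_NAME}-${GITHUB_HEAD_REF_SLUG:-$GITHUB_REF_SLUG}" --region="${REGION}" --quiet
```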
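--- a/.github/workflows/ci-lint-codebase.patch.yml
+++ b/.github/workflows/ci-lint-codebase.patch.yml
@@ -0,0 +1,18 @@
+name: Lint Code Base
+
+on:
+pull_request:
+branches: [main]
+paths-ignore:
+- '**.js*'
+- '**.ts*'
+- Dockerfile
+- package.json
+- pnpm-lock.yaml
+- .github/workflows/ci-lint-codebase.yml
+
+jobs:
+linter:
+runs-on: ubuntu-latest
+steps:
+- run: echo "Job not required"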
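Review bot: Nothing in the file says why a workflow with the same `name` and job id as ci-lint-codebase.yml only echoes a message. A header comment such as `# Stand-in for ci-lint-codebase.yml: reports the "Lint Code Base" check as passed when no linted paths changed; keep paths-ignore in sync with that file's paths.` would stop a later cleanup from deleting it or letting the two path lists drift. This reading is inferred from the mirrored `paths-ignore` list; whether the check is marked as required is not visible here.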
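--- a/.github/workflows/ci-lint-codebase.yml
+++ b/.github/workflows/ci-lint-codebase.yml
@@ -0,0 +1,57 @@
+name: Lint Code Base
+
+on:
+pull_request:
+branches: [main]
+paths:
+- '**.js*'
+- '**.ts*'
+- Dockerfile
+- package.json
+- pnpm-lock.yaml
+- .github/workflows/ci-lint-codebase.yml
+
+push:
+branches: [main]
+paths:
+- '**.js*'
+- '**.ts*'
+- Dockerfile
+- package.json
+- pnpm-lock.yaml
+- .github/workflows/ci-lint-codebase.yml
+
+concurrency:
+# Ensures that only one workflow task will run at a time. Previous builds, if
+# already in process, will get cancelled. Only the latest commit will be allowed
+# to run, cancelling any workflows in between
+group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
+cancel-in-progress: true
+
+jobs:
+linter:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout Code Repository
+uses: actions/checkout@v4.1.1
+with:
+# Full git history is needed to get a proper
+# list of changed files within `super-linter`
+fetch-depth: 0
+
+- name: Lint Code Base
+uses: super-linter/super-linter/slim@v5.2.1
+env:
+LOG_LEVEL: ERROR
+VALIDATE_ALL_CODEBASE: false
+VALIDATE_SHELL_SHFMT: false
+VALIDATE_JSCPD: false
+VALIDATE_CSS: false
+VALIDATE_EDITORCONFIG: false
+VALIDATE_MARKDOWN: false
+VALIDATE_DOCKERFILE_HADOLINT: false
+LINTER_RULES_PATH: /
+JAVASCRIPT_DEFAULT_STYLE: prettier
+TYPESCRIPT_DEFAULT_STYLE: prettier
+DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}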
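Review bot: The `linter` job passes `GITHUB_TOKEN` to a third-party action without a `permissions:` block, so the token carries whatever the repository default grants. A job-level `permissions:` with `contents: read` and `statuses: write` should cover what super-linter needs to read the tree and report per-linter statuses; confirm against the action's documentation for this version. `super-linter/super-linter/slim@v5.2.1` and `actions/checkout@v4.1.1` are referenced by tag, as are the actions in chore-clean-dev.yml. Pinning each to a full commit SHA with the version as a trailing comment keeps a moved tag from changing what runs, and the `github-actions` Dependabot entry in this commit can still update SHA pins.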