mxfactorial/.github/workflows/dev-client-deploy.yaml at develop · systemaccounting/mxfactorial · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: dev-client-deploy
# deploys client to dev cloud before develop merge
on:
  push:
    paths:
    - 'client/**'
    branches-ignore:
    - 'master'
    - 'develop'

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  cache_images:
    name: cache base images
    runs-on: ubuntu-latest
    permissions:
      packages: read
    steps:
      - name: login to ghcr
        uses: docker/login-action@v4
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: restore image cache
        id: cache
        uses: actions/cache@v5
        with:
          path: ~/image-cache
          key: base-images-v1
      - name: pull and retag images
        if: steps.cache.outputs.cache-hit != 'true'
        run: |
          mkdir -p ~/image-cache
          docker pull ghcr.io/systemaccounting/rust:latest
          docker tag ghcr.io/systemaccounting/rust:latest public.ecr.aws/docker/library/rust:latest
          docker pull ghcr.io/systemaccounting/lambda-provided:al2023
          docker tag ghcr.io/systemaccounting/lambda-provided:al2023 public.ecr.aws/lambda/provided:al2023
          docker pull ghcr.io/systemaccounting/postgresql:15
          docker tag ghcr.io/systemaccounting/postgresql:15 public.ecr.aws/bitnami/postgresql:15
          docker pull ghcr.io/systemaccounting/redis:latest
          docker tag ghcr.io/systemaccounting/redis:latest public.ecr.aws/bitnami/redis:latest
          docker pull ghcr.io/systemaccounting/alpine:latest
          docker tag ghcr.io/systemaccounting/alpine:latest public.ecr.aws/docker/library/alpine:latest
          docker pull ghcr.io/systemaccounting/node:lts-alpine
          docker tag ghcr.io/systemaccounting/node:lts-alpine public.ecr.aws/docker/library/node:lts-alpine
          docker save -o ~/image-cache/images.tar \
            public.ecr.aws/docker/library/rust:latest \
            public.ecr.aws/lambda/provided:al2023 \
            public.ecr.aws/bitnami/postgresql:15 \
            public.ecr.aws/bitnami/redis:latest \
            public.ecr.aws/docker/library/alpine:latest \
            public.ecr.aws/docker/library/node:lts-alpine
  compile:
    name: compile ${{ matrix.service }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
        service:
          - graphql
          - request-create
          - request-approve
          - rule
          - request-by-id
          - requests-by-account
          - transaction-by-id
          - transactions-by-account
          - balance-by-account
    steps:
      - uses: actions/checkout@v4
      - uses: dtolnay/rust-toolchain@master
        with:
          toolchain: stable
      - uses: Swatinem/rust-cache@v2
        with:
          shared-key: ${{ matrix.service }}
      - name: compile
        run: cargo build -p ${{ matrix.service }}
      - name: upload binary
        uses: actions/upload-artifact@v4
        with:
          name: ${{ matrix.service }}
          path: target/debug/${{ matrix.service }}
          retention-days: 1
  test:
    name: test client
    needs: [cache_images, compile]
    runs-on: ubuntu-latest
    env:
      SKIP_CARGO_WATCH: true
    steps:
      - uses: actions/checkout@v4
      - name: restore image cache
        uses: actions/cache@v5
        with:
          path: ~/image-cache
          key: base-images-v1
      - name: load cached images
        run: docker load -i ~/image-cache/images.tar
      - name: download all binaries
        uses: actions/download-artifact@v4
        with:
          path: target/debug/
          merge-multiple: true
      - name: set permissions
        run: chmod +x target/debug/*
      - name: start services
        run: make start
      # todo: unit tests
      - name: e2e test client
        run: make -C ./client test-ci
      - name: clean up
        run: make stop
  push_image:
    name: push image to dev ecr
    runs-on: ubuntu-latest
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: us-east-1
      APP_DIR: client
    needs: test
    steps:
      - uses: actions/checkout@v4
      - name: mask values
        run: echo "::add-mask::${{ secrets.AWS_ACCOUNT_ID }}"
      - name: build image
        run: make -C $APP_DIR build-image
      - name: tag image
        run: ENV_ID=${{ secrets.DEV_ENV_ID }} make -C $APP_DIR tag-dev-image
      - name: push image
        run: ENV_ID=${{ secrets.DEV_ENV_ID }} make -C $APP_DIR push-dev-image
  deploy:
    name: deploy client
    needs: push_image
    runs-on: ubuntu-latest
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: us-east-1
      APP_DIR: client
    steps:
      - uses: actions/checkout@v4
      - name: deploy to dev cloud environment
          # deploy newly tagged image to dev cloud
        run: bash scripts/deploy-last-image.sh --app-name $APP_DIR --env dev --env-id ${{ secrets.DEV_ENV_ID }}