From 1c2ed24d1e6decb82dbb15a02a25efd2717d707f Mon Sep 17 00:00:00 2001 From: George MacLean Date: Tue, 31 Jan 2023 15:17:46 -0700 Subject: [PATCH] parent 633d0cbc7f14cf397b175b252a5d578d9de7c9e4 author George MacLean 1675203466 -0700 committer Shane Smith 1706293936 -0600 parent 633d0cbc7f14cf397b175b252a5d578d9de7c9e4 author George MacLean 1675203466 -0700 committer Shane Smith 1706293885 -0600 PRODENG-1577: Push containers to ECR Amending the correct build/deploy file might not need this guy updating root URLs for testing kube deployment updating dockerfile, and fixing typo in application.rb might be easier nope adding tag release image job Updating root URLs for new DNS zone nope Rebased, added development specific release-deploy job Adding Production URLS to application.rb Renaming development job, and removing prod/development tags from primary release GH action One more push to all environments please --- .github/workflows/deploy-development.yml | 123 ++++++++++++++++++++++ .github/workflows/tag-release-image.yml | 126 +++++++++++++++++++++++ docs/Dockerfile | 2 +- docs/config/application.rb | 5 +- packages/sage-react/Dockerfile | 3 +- 5 files changed, 255 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/deploy-development.yml create mode 100644 .github/workflows/tag-release-image.yml diff --git a/.github/workflows/deploy-development.yml b/.github/workflows/deploy-development.yml new file mode 100644 index 0000000000..bcea871527 --- /dev/null +++ b/.github/workflows/deploy-development.yml @@ -0,0 +1,123 @@ +name: Deploy-Development +on: + # !!Emergency override!! uncomment below and access the actions tab in GitHub to run a release/deploy + # workflow_dispatch: + push: + branches: + - develop +jobs: + release_deploy: + name: Release and Deploy + runs-on: ubuntu-latest + # container: + # image: ruby:2.5.9-alpine3.13 + + steps: + + # # Setup Auth token to push to github packages + - name: Set NPM Config + run: npm config set '//npm.pkg.github.com/:_authToken' '${{ secrets.ACCESS_TOKEN }}' + + # - name: Unsafe Perm set + # run: npm config set unsafe-perm true + + - name: Add safe directory + run: git config --global --add safe.directory /__w/sage-lib/sage-lib + + - name: Clone Sage-Lib Repo + uses: actions/checkout@v2 + with: + # pulls all commits (needed for lerna / semantic release to correctly version) + fetch-depth: "0" + + # Setup Git Credentials to come from the Bot + - name: Set Bot Email + run: git config user.email "dev+github-bot@kajabi.com" + + - name: Set Bot Name + run: git config user.name "Kajabi Automation Bot" + + - name: Determine git sha to checkout + uses: haya14busa/action-cond@v1 + id: gitsha + with: + cond: ${{ github.event_name == 'pull_request' }} + if_true: ${{ github.event.pull_request.head.sha }} + if_false: ${{ github.sha }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + with: + version: v0.9.1 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.SAGE_ECR_AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.SAGE_ECR_AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + role-duration-seconds: 1200 + role-session-name: SageECRPushSession + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Set branch name if not PR + if: github.event_name != 'pull_request' + run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV + + - name: Set branch name if PR + if: github.event_name == 'pull_request' + run: echo "BRANCH_NAME=$(echo ${GITHUB_HEAD_REF})" >> $GITHUB_ENV + + - name: Set valid docker tag branch name + run: echo "DOCKER_BRANCH_NAME=$(echo $BRANCH_NAME | sed "s/[^[:alnum:]\-\.\_]/-/g")-$GITHUB_RUN_NUMBER" >> $GITHUB_ENV + - name: Checkout + uses: actions/checkout@v2 + + - name: Build and push docs site + uses: docker/build-push-action@v2 + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY_SAGE_DOCS }} + IMAGE_SHA_TAG: ${{ steps.gitsha.outputs.value }} + with: + file: ./docs/Dockerfile + build-args: | + GITHUB_TOKEN=${{ secrets.ACCESS_TOKEN }} + context: ./docs + push: true + tags: | + ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPOSITORY_SAGE_DOCS }}:${{ steps.gitsha.outputs.value }}-release-development + + - name: Build and push storybook + uses: docker/build-push-action@v2 + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY_SAGE_STORYBOOK }} + IMAGE_SHA_TAG: ${{ steps.gitsha.outputs.value }} + with: + file: ./packages/sage-react/Dockerfile + build-args: | + GITHUB_TOKEN=${{ secrets.ACCESS_TOKEN }} + context: ./packages/sage-react/ + push: true + tags: | + ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPOSITORY_SAGE_STORYBOOK }}:${{ steps.gitsha.outputs.value }}-release-development + + - name: Build and push sassdocs + uses: docker/build-push-action@v2 + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY_SAGE_SASSDOCS }} + IMAGE_SHA_TAG: ${{ steps.gitsha.outputs.value }} + with: + file: ./packages/sage-assets/Dockerfile + build-args: | + GITHUB_TOKEN=${{ secrets.ACCESS_TOKEN }} + context: ./packages/sage-assets/ + push: true + tags: | + ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPOSITORY_SAGE_SASSDOCS }}:${{ steps.gitsha.outputs.value }}-release-development \ No newline at end of file diff --git a/.github/workflows/tag-release-image.yml b/.github/workflows/tag-release-image.yml new file mode 100644 index 0000000000..e95e141157 --- /dev/null +++ b/.github/workflows/tag-release-image.yml @@ -0,0 +1,126 @@ +name: Tag Release Image +on: + workflow_dispatch: + inputs: + image_tag: + description: SHA of commit to deploy + required: true + environment: + description: Optional environment to specify release for + required: false + default: development +jobs: + tag_release_image: + name: Tag and push Sage images for release + runs-on: ubuntu-latest + steps: + - name: Determine release tag suffix + uses: haya14busa/action-cond@v1 + id: release_tag_suffix + with: + cond: ${{ github.event.inputs.environment == 'production' }} + if_true: 'release' + if_false: 'release-${{ github.event.inputs.environment }}' + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.SAGE_ECR_AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.SAGE_ECR_AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + role-duration-seconds: 1200 + role-session-name: SageECRPushSession + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + with: + version: v0.9.1 + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Retag Documentation image on ECR + uses: akhilerm/tag-push-action@v2.0.0 + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY_SAGE_DOCS }} + IMAGE_TAG: ${{ github.event.inputs.image_tag }} + RELEASE_TAG: ${{ github.event.inputs.image_tag }}-${{ steps.release_tag_suffix.outputs.value }} + with: + src: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_DOCS }}:${{ env.IMAGE_TAG }} + dst: | + ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_DOCS }}:${{ env.RELEASE_TAG }} + ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_DOCS }}:${{ steps.release_tag_suffix.outputs.value }} + + - name: Retag Sassdocs image on ECR + uses: akhilerm/tag-push-action@v2.0.0 + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY_SAGE_SASSDOCS }} + IMAGE_TAG: ${{ github.event.inputs.image_tag }} + RELEASE_TAG: ${{ github.event.inputs.image_tag }}-${{ steps.release_tag_suffix.outputs.value }} + with: + src: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_SASSDOCS }}:${{ env.IMAGE_TAG }} + dst: | + ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_SASSDOCS }}:${{ env.RELEASE_TAG }} + ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_SASSDOCS }}:${{ steps.release_tag_suffix.outputs.value }} + + - name: Retag Storybook image on ECR + uses: akhilerm/tag-push-action@v2.0.0 + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY_SAGE_STORYBOOK }} + IMAGE_TAG: ${{ github.event.inputs.image_tag }} + RELEASE_TAG: ${{ github.event.inputs.image_tag }}-${{ steps.release_tag_suffix.outputs.value }} + with: + src: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_STORYBOOK }}:${{ env.IMAGE_TAG }} + dst: | + ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_STORYBOOK }}:${{ env.RELEASE_TAG }} + ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_SAGE_STORYBOOK }}:${{ steps.release_tag_suffix.outputs.value }} + # - name: Success Datadog event + # if: success() + # uses: masci/datadog@v1 + # env: + # ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + # RELEASE_TAG: ${{ github.event.inputs.image_tag }}-${{ steps.release_tag_suffix.outputs.value }} + # RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} + # with: + # api-key: ${{ secrets.DATADOG_API_KEY }} + # events: | + # - title: "deployment.github_action.tag-release-image" + # text: "%%%\n[GitHub Action Run](${{ env.RUN_URL }})\n%%%" + # alert_type: "success" + # host: "${{ github.runner.name }}" + # tags: + # - "env:${{ github.event.inputs.environment }}" + # - "repository:${{ github.repository }}" + # - "git.commit.sha:${{ github.event.inputs.image_tag }}" + # - "image_name:${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}" + # - "image_tag:${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.RELEASE_TAG }}" + # - "short_image:${{ env.ECR_REPOSITORY }}" + # - name: Failure Datadog event + # if: failure() + # uses: masci/datadog@v1 + # env: + # ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + # ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + # RELEASE_TAG: ${{ github.event.inputs.image_tag }}-${{ steps.release_tag_suffix.outputs.value }} + # RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} + # with: + # api-key: ${{ secrets.DATADOG_API_KEY }} + # events: | + # - title: "deployment.github_action.tag-release-image" + # text: "%%%\n[GitHub Action Run](${{ env.RUN_URL }})\n%%%" + # alert_type: "error" + # host: "${{ github.runner.name }}" + # tags: + # - "env:${{ github.event.inputs.environment }}" + # - "repository:${{ github.repository }}" + # - "git.commit.sha:${{ github.event.inputs.image_tag }}" + # - "image_name:${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}" + # - "image_tag:${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.RELEASE_TAG }}" + # - "short_image:${{ env.ECR_REPOSITORY }}" \ No newline at end of file diff --git a/docs/Dockerfile b/docs/Dockerfile index 1d981253fb..feb5ce72e3 100644 --- a/docs/Dockerfile +++ b/docs/Dockerfile @@ -35,7 +35,7 @@ ENV BUNDLE_PATH="/app/vendor/gems" ENV BUNDLE_APP_CONFIG="/app/.bundle" -RUN gem update --system +#RUN gem update --system RUN gem install bundler:$BUNDLER_VERSION COPY Gemfile Gemfile.lock ./ diff --git a/docs/config/application.rb b/docs/config/application.rb index 53d531cea5..043dd00f2a 100644 --- a/docs/config/application.rb +++ b/docs/config/application.rb @@ -33,9 +33,10 @@ class Application < Rails::Application # config.active_record.raise_in_transactional_callbacks = true # Storybook deploy url to differentiate in different environments - config.storybook_root_url = "https://sage-lib-storybook.herokuapp.com/?path=/docs/" + config.storybook_root_url = "https://sage-lib-storybook.production.kajabi.farm/?path=/docs/" # Sassdocs deploy url to differentiate in different environments - config.sassdocs_root_url = "https://sage-lib-sassdocs.herokuapp.com/" + config.sassdocs_root_url = "https://sage-lib-sassdocs.production.kajabi.farm/" end end + diff --git a/packages/sage-react/Dockerfile b/packages/sage-react/Dockerfile index 3ec4b59a6a..0d05865ed4 100644 --- a/packages/sage-react/Dockerfile +++ b/packages/sage-react/Dockerfile @@ -38,11 +38,12 @@ RUN npm config set @kajabi:registry https://npm.pkg.github.com RUN npm config set '//npm.pkg.github.com/:_authToken' '${GITHUB_TOKEN}' COPY --chown={$NONROOT_UID}:${NONROOT_GID} package.json /app/package.json -RUN yarn +RUN yarn install --check-files COPY --chown={$NONROOT_UID}:${NONROOT_GID} .babelrc /app/.babelrc COPY --chown={$NONROOT_UID}:${NONROOT_GID} lib /app/lib COPY --chown={$NONROOT_UID}:${NONROOT_GID} .storybook /app/.storybook +COPY --chown={$NONROOT_UID}:${NONROOT_GID} public /app/public EXPOSE $PORT