chore: Release 2024-11-06 #8520
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test, Build & Deploy | |
on: | |
push: | |
branches: [staging, main] | |
tags: | |
- v* | |
pull_request: | |
branches: [staging, main] | |
jobs: | |
test_build_deploy: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
DISTRIBUTION: ['DISTRIBUTION_0'] | |
env: | |
TEST_COVERAGE_FAIL_THRESHOLD: 10 | |
TEST_COVERAGE_WARNING_THRESHOLD: 50 | |
DEPLOYMENT_RECOVERY_TIMEOUT_SECONDS: 150 | |
AWS_APPLICATION_NAME: Account | |
AWS_BUILD_ZIP_PATH: 'wire-account.zip' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set environment variables | |
env: | |
# DISTRIBUTIONS are saved in the format `distribution-{name}` | |
DISTRIBUTION: ${{secrets[matrix.DISTRIBUTION]}} | |
run: | | |
echo "BRANCH_NAME=$(git branch --show-current)" >> $GITHUB_ENV | |
echo "TAG=$(git tag --points-at ${{github.sha}})" >> $GITHUB_ENV | |
echo "COMMIT_MESSAGE=$(git log --format=%B -n 1 ${{github.event.after}} | head -n 1)" >> $GITHUB_ENV | |
echo "DISTRIBUTION=${DISTRIBUTION/distribution-/}" >> $GITHUB_ENV | |
- name: Set TITLE | |
env: | |
PR_TITLE: ${{github.event.pull_request.title || env.COMMIT_MESSAGE}} | |
run: echo "TITLE=$PR_TITLE" >> $GITHUB_ENV | |
- name: Print environment variables | |
env: | |
GITHUB_CONTEXT: ${{toJson(github)}} | |
run: | | |
echo -e "BRANCH_NAME = ${BRANCH_NAME}" | |
echo -e "TAG = ${TAG}" | |
echo -e "TITLE = ${TITLE}" | |
echo -e "COMMIT_MESSAGE = ${COMMIT_MESSAGE}" | |
echo -e "GITHUB_CONTEXT = ${GITHUB_CONTEXT}" | |
- name: Skip CI | |
if: contains(env.TITLE || env.COMMIT_MESSAGE, '[skip ci]') || contains(env.TITLE || env.COMMIT_MESSAGE, '[ci skip]') | |
uses: andymckay/[email protected] | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{github.token}} | |
- name: Yarn cache | |
uses: c-hive/[email protected] | |
- name: Authenticate git clone | |
env: | |
GH_TOKEN: ${{secrets.OTTO_THE_BOT_GH_TOKEN}} | |
run: echo -e "machine github.com\n login ${GH_TOKEN}" > ~/.netrc | |
- name: Install JS dependencies | |
run: yarn --immutable | |
- name: Test | |
run: yarn test | |
- name: Monitor coverage | |
if: github.event_name == 'pull_request' && ! contains(github.event.pull_request.user.login, 'dependabot[bot]') | |
uses: slavcodev/[email protected] | |
with: | |
github_token: ${{github.token}} | |
coverage_path: 'coverage/clover.xml' | |
threshold_alert: ${{env.TEST_COVERAGE_FAIL_THRESHOLD}} | |
threshold_warning: ${{env.TEST_COVERAGE_WARNING_THRESHOLD}} | |
- name: Create commit file | |
run: | | |
mkdir -p ./dist | |
echo -e "$GITHUB_SHA" > "./dist/commit" | |
- name: Build staging | |
if: ${{env.BRANCH_NAME == 'staging'}} | |
run: yarn bundle:staging | |
- name: Build production | |
if: env.TAG != '' | |
run: yarn bundle:prod | |
- name: Assembling release information | |
if: env.TAG != '' && matrix.DISTRIBUTION == 'DISTRIBUTION_0' | |
# NOTE: always using 'main' config, since release version is only consumed at | |
# 'production' stage for now | |
# NOTE: 'containerImageTag' value must follow bin/push_docker.js:L49 | |
shell: bash | |
env: | |
RELEASE_NAME: ${{env.TAG}} | |
run: | | |
configVersion=$(cat ./app-config/package.json | jq -r '.dependencies["wire-web-config-default-main"]' | awk -F '#' '{ print $2 }') | |
packageVersion=$(cat ./package.json | jq -r '.version') | |
containerImageTag="${packageVersion}-${configVersion}-${GITHUB_SHA::7}" | |
echo "{\"imageTag\": \"${containerImageTag}\", \"releaseName\": \"${RELEASE_NAME}\"}" > ./release-info.json | |
- name: Storing release information | |
if: env.TAG != '' && matrix.DISTRIBUTION == 'DISTRIBUTION_0' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-info.json | |
path: ./release-info.json | |
- name: Deploy staging build to Elastic Beanstalk | |
if: env.BRANCH_NAME == 'staging' && matrix.DISTRIBUTION == 'DISTRIBUTION_0' | |
uses: einaregilsson/beanstalk-deploy@v20 | |
with: | |
aws_access_key: ${{secrets.WEBTEAM_AWS_ACCESS_KEY_ID}} | |
aws_secret_key: ${{secrets.WEBTEAM_AWS_SECRET_ACCESS_KEY}} | |
application_name: ${{env.AWS_APPLICATION_NAME}} | |
environment_name: wire-account-staging-al2 | |
region: eu-central-1 | |
deployment_package: ${{env.AWS_BUILD_ZIP_PATH}} | |
wait_for_deployment: false | |
wait_for_environment_recovery: ${{env.DEPLOYMENT_RECOVERY_TIMEOUT_SECONDS}} | |
version_label: ${{github.run_id}} | |
version_description: ${{github.sha}} | |
- name: Deploy production build to Elastic Beanstalk | |
if: env.TAG != '' && matrix.DISTRIBUTION == 'DISTRIBUTION_0' | |
uses: einaregilsson/beanstalk-deploy@v20 | |
with: | |
aws_access_key: ${{secrets.WEBTEAM_AWS_ACCESS_KEY_ID}} | |
aws_secret_key: ${{secrets.WEBTEAM_AWS_SECRET_ACCESS_KEY}} | |
application_name: ${{env.AWS_APPLICATION_NAME}} | |
environment_name: wire-account-prod-al2 | |
region: eu-central-1 | |
deployment_package: ${{env.AWS_BUILD_ZIP_PATH}} | |
wait_for_deployment: false | |
wait_for_environment_recovery: ${{env.DEPLOYMENT_RECOVERY_TIMEOUT_SECONDS}} | |
version_label: ${{env.TAG}}-${{github.run_id}} | |
version_description: ${{github.sha}} | |
- name: Push staging Docker image | |
if: env.BRANCH_NAME == 'staging' | |
env: | |
DOCKER_PASSWORD: ${{secrets.WEBTEAM_QUAY_PASSWORD}} | |
DOCKER_USERNAME: ${{secrets.WEBTEAM_QUAY_USERNAME}} | |
run: | | |
if [ "$DISTRIBUTION" == "wire" ]; then | |
yarn docker '' staging | |
else | |
yarn docker "$DISTRIBUTION" staging | |
fi | |
- name: Push production Docker image | |
if: env.TAG != '' | |
env: | |
DOCKER_PASSWORD: ${{secrets.WEBTEAM_QUAY_PASSWORD}} | |
DOCKER_USERNAME: ${{secrets.WEBTEAM_QUAY_USERNAME}} | |
run: | | |
if [ "$DISTRIBUTION" == "wire" ]; then | |
yarn docker '' production | |
else | |
yarn docker "$DISTRIBUTION" production | |
fi | |
- name: Create GitHub release | |
id: create_release | |
if: env.TAG != '' && matrix.DISTRIBUTION == 'DISTRIBUTION_0' | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{github.token}} | |
with: | |
tag_name: ${{env.TAG}} | |
release_name: ${{env.TAG}} | |
body_path: ./CHANGELOG.md | |
draft: false | |
prerelease: false | |
update_helm_chart: | |
name: Update Helm chart | |
runs-on: ubuntu-latest | |
needs: test_build_deploy | |
steps: | |
# INFO: https://github.com/wireapp/wire-webapp/blob/062ae4e1c23fa0b33dafae9cc0acf9a94fa8ad1a/.github/workflows/test_build_deploy.yml#L351-L356 | |
- name: Obtaining release information artifact | |
id: release-info-artifact | |
uses: actions/download-artifact@v4 | |
continue-on-error: true | |
with: | |
name: release-info.json | |
- name: Indicating whether release info exist | |
id: release-info-file | |
env: | |
ARTIFACT_LOCAL_PATH: '${{ steps.release-info-artifact.outputs.download-path }}/release-info.json' | |
shell: bash | |
run: | | |
test -s "${ARTIFACT_LOCAL_PATH}" && echo '::set-output name=exists::true' | |
echo "::set-output name=releaseInfo::$(cat ${ARTIFACT_LOCAL_PATH})" | |
- name: Checking out 'wire-server' | |
uses: actions/checkout@v3 | |
if: ${{ steps.release-info-file.outputs.exists == 'true' }} | |
with: | |
repository: 'wireapp/wire-server' | |
fetch-depth: 1 | |
- name: Changing Helm value of the account-pages chart | |
id: change-helm-value | |
if: ${{ steps.release-info-file.outputs.exists == 'true' }} | |
shell: bash | |
run: | | |
sed --in-place --expression="s/ tag: .*/ tag: \"${{ fromJSON(steps.release-info-file.outputs.releaseInfo).imageTag }}\"/" ./charts/account-pages/values.yaml | |
git add ./charts/account-pages/values.yaml | |
echo "Upgrade account-pages version to ${{ fromJSON(steps.release-info-file.outputs.releaseInfo).imageTag }}" > ./changelog.d/0-release-notes/account-pages-upgrade | |
git add ./changelog.d/0-release-notes/account-pages-upgrade | |
echo "::set-output name=releaseUrl::${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/releases/tag/${{ fromJSON(steps.release-info-file.outputs.releaseInfo).releaseName }}" | |
- name: Creating Pull Request | |
id: create-pr | |
if: ${{ steps.release-info-file.outputs.exists == 'true' }} | |
uses: peter-evans/create-pull-request@v5 | |
with: | |
draft: false | |
token: ${{ secrets.ZEBOT_GH_TOKEN }} | |
author: 'Zebot <[email protected]>' | |
branch: charts-update-account-pages-image-tag-${{ github.run_number }} | |
commit-message: 'chore: [charts] Update account-pages version' | |
title: 'Update account-pages version in Helm chart [skip ci]' | |
body: | | |
Image tag: `${{ fromJSON(steps.release-info-file.outputs.releaseInfo).imageTag }}` | |
Release: [`${{ fromJSON(steps.release-info-file.outputs.releaseInfo).releaseName }}`](${{ steps.change-helm-value.outputs.releaseUrl }}) | |
- name: Printing Pull Request URL | |
if: ${{ steps.release-info-file.outputs.exists == 'true' }} | |
shell: bash | |
run: | | |
echo "PR: ${{ steps.create-pr.outputs.pull-request-url }}" | |
- name: Delete release artifact | |
uses: geekyeggo/delete-artifact@v2 | |
with: | |
failOnError: false | |
name: | | |
release-info.json |