diff --git a/.github/workflows/docker-publish.yaml b/.github/workflows/docker-publish.yaml new file mode 100644 index 0000000..e5abed3 --- /dev/null +++ b/.github/workflows/docker-publish.yaml @@ -0,0 +1,134 @@ +on: + workflow_run: + workflows: + - "Check Code Quality" + branches: + - main + types: + - completed + +name: Build and Push to ECR + +jobs: + build-and-push: + if: ${{ github.event.workflow_run.conclusion == 'success' }} + name: Build and Push + environment: ${{ startsWith(github.ref, 'refs/tags/') && 'prod' || 'dev' }} + runs-on: ubuntu-latest + outputs: + version: ${{ steps.get-version.outputs.version }} + commit: ${{ steps.get-commit-id.outputs.commit }} + environment: ${{ steps.set-environment.outputs.environment }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ vars.AWS_REGION }} + + - name: Configure Node + uses: actions/setup-node@v4 + with: + node-version: 16.13 + registry-url: 'https://npm.pkg.github.com' + scope: '@zeplin' + cache: 'npm' + + - id: get-commit-id + name: Get commit id + run: echo "commit=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT + + - name: Create revision file + run: echo $(date +%s)-${{ steps.get-commit-id.outputs.commit }} >./revision.txt + + - id: get-version + name: Get version + run: echo "version=${{ startsWith(github.ref, 'refs/tags/') && github.ref_name || '' }}" >> $GITHUB_OUTPUT + + - name: Set package version + if: ${{ steps.get-version.outputs.version }} # ${GITHUB_REF} does not have a tag if this is not set above + run: npm version ${GITHUB_REF#refs/tags/v} --no-git-tag-version --allow-same-version + + - id: set-environment + name: Set environment + run: echo "environment=${{ startsWith(github.ref, 'refs/tags/') && 'prod' || 'dev' }}" >> $GITHUB_OUTPUT + + - name: Install all dependencies + run: npm ci --ignore-scripts + env: + NODE_AUTH_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + + - name: Run post install scripts of dependencies + run: npm rebuild && npm run prepare --if-present + + - name: Build + run: npm run build + + - name: Install dependencies without devDependencies + run: npm ci --omit=dev --ignore-scripts + env: + NODE_AUTH_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + + - name: Run post install scripts of dependencies + run: npm rebuild && npm run prepare --if-present + + - name: Build and push Docker image to AWS ECR + run: | + REPO="${{ vars.AWS_ACCOUNT_ID || '915497967985' }}.dkr.ecr.${{ vars.AWS_REGION }}.amazonaws.com" + IMAGE="$REPO/microsoft-teams-app:${{ startsWith(github.ref, 'refs/tags/') && github.ref_name || steps.get-commit-id.outputs.commit }}" + IMAGE_WITH_ENV_TAG="$REPO/microsoft-teams-app:${{ steps.set-environment.outputs.environment }}" + docker build -t $IMAGE . + docker tag $IMAGE $IMAGE_WITH_ENV_TAG + aws ecr get-login-password --region ${{ vars.AWS_REGION }} | docker login --username AWS --password-stdin $REPO + docker push $IMAGE + docker push $IMAGE_WITH_ENV_TAG + + - name: Trigger infra workflow to deploy new image version + run: | + JSON_DATA=$( + jq -n -c \ + --arg b "${{ github.ref_name }}" \ + --arg t "${{ github.ref_name }}" \ + --arg v "${{ steps.get-version.outputs.version }}" \ + --arg c "${{ steps.get-commit-id.outputs.commit }}" \ + --arg e "${{ steps.set-environment.outputs.environment }}" \ + '{"app-name": "microsoft-teams-app", "branch": $b, "version": $v, "tag": $t, "commit-id": $c, "environment": $e }' + ) + echo $JSON_DATA | gh workflow run deploy-app.yaml --repo zeplin/infra --json + echo "Workflow is triggered: https://github.com/zeplin/infra/actions/workflows/deploy-app.yaml" + env: + GH_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} + + post-deploy: + needs: build-and-push + name: Post Deploy Actions + environment: ${{ needs.build-and-push.outputs.environment }} + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Create New Relic deployment marker + uses: newrelic/deployment-marker-action@v2.5.0 + with: + apiKey: ${{ secrets.NEWRELIC_API_KEY }} + guid: ${{ vars.NEWRELIC_APPLICATION_GUID }} + version: ${{ needs.build-and-push.outputs.version || needs.build-and-push.outputs.commit }} + commit: ${{ needs.build-and-push.outputs.commit }} + groupId: ${{ startsWith(github.ref, 'refs/tags/') && 'prod' || github.ref_name }} + + - name: Create Sentry release + uses: getsentry/action-release@v1 + env: + SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} + SENTRY_ORG: zeplin + SENTRY_PROJECT: microsoft-teams-app + with: + environment: ${{ needs.build-and-push.outputs.environment }} + version: ${{ needs.build-and-push.outputs.version }}