diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 27fd95e..e6130ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,8 +8,14 @@ name: ๐Ÿ—๏ธ Build on: workflow_call: inputs: - images: - default: '["all"]' + context: + required: true + type: string + environment: + default: test + type: string + image: + required: true type: string version: type: string @@ -24,18 +30,7 @@ jobs: build: name: ๐Ÿณ Docker runs-on: ubuntu-latest - strategy: - fail-fast: false - # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow#example-adding-configurations - matrix: - image: ${{ fromJSON(inputs.images) }} - exclude: - - image: all - include: - - image: urbantree - context: ./app - - image: api - context: ./api + environment: ${{ inputs.image }}-test steps: # https://github.com/actions/checkout/tree/11bd71901bbe5b1630ceea73d27597364c9af683 @@ -63,7 +58,7 @@ jobs: - uses: docker/metadata-action@b53be03109c4ef6f6cc7aa545b84b17a7fe51c1e id: meta with: - images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.image }} + images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ inputs.image }} tags: | type=ref,event=branch type=semver,pattern={{version}},value=${{ inputs.version }} @@ -98,7 +93,7 @@ jobs: id: build-test with: load: true - context: ${{ matrix.context }} + context: ${{ inputs.context }} target: test cache-from: type=gha cache-to: type=gha,mode=max @@ -106,15 +101,15 @@ jobs: APP_ENV: test - name: ๐Ÿงช Run tests - run: docker run --rm -v "$(pwd)/reports/${{ matrix.image }}:/reports" ${{ steps.build-test.outputs.imageid }} + run: docker run --rm -v "$(pwd)/reports/${{ inputs.image }}:/reports" ${{ steps.build-test.outputs.imageid }} # https://github.com/actions/upload-artifact/tree/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 - name: ๐Ÿ“ค Upload coverage data uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 if: ${{ !cancelled() }} with: - name: ${{ matrix.image }}-coverage - path: reports/${{ matrix.image }} + name: ${{ inputs.image }}-coverage + path: reports/${{ inputs.image }} retention-days: 1 # https://github.com/docker/build-push-action/tree/48aba3b46d1b1fec4febb7c5d0c644b249a11355 @@ -124,7 +119,7 @@ jobs: with: build-args: | IMAGE_VERSION=${{ inputs.version }} - context: ${{ matrix.context }} + context: ${{ inputs.context }} push: ${{ !!inputs.version }} target: final tags: ${{ steps.meta.outputs.tags }} @@ -153,6 +148,45 @@ jobs: uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb if: inputs.version with: - subject-name: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.image }} + subject-name: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ inputs.image }} subject-digest: ${{ steps.build-and-push.outputs.digest }} push-to-registry: true + + report: + name: ๐Ÿ—‚๏ธ Upload reports + needs: build + runs-on: ubuntu-latest + if: ${{ !cancelled() }} + + steps: + # https://github.com/actions/checkout/tree/11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + + # https://github.com/actions/download-artifact/tree/fa0a91b85d4f404e444e00e005971372dc801d16 + - name: ๐Ÿ“ฅ Download coverage data + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 + with: + name: ${{ inputs.image }}-coverage + + # https://github.com/getsentry/action-release/tree/e769183448303de84c5a06aaaddf9da7be26d6c7 + - name: ๐Ÿ“Ÿ Release to Sentry + uses: ./.github/actions/release-sentry + with: + environment: ${{ inputs.environment }} + projects: ${{ inputs.image }} + version: ${{ inputs.version || github.sha }} + env: + SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} + SENTRY_ORG: ${{ secrets.SENTRY_ORG }} + + # https://github.com/codecov/test-results-action/tree/9739113ad922ea0a9abb4b2c0f8bf6a4aa8ef820 + - name: ๐Ÿงฎ Upload test results to Codecov + uses: codecov/test-results-action@9739113ad922ea0a9abb4b2c0f8bf6a4aa8ef820 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + + # https://github.com/codecov/codecov-action/tree/7f8b4b4bde536c465e797be725718b88c5d95e0e + - name: ๐Ÿ“ˆ Upload coverage to Codecov + uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 688f8f4..b70f41f 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -43,22 +43,25 @@ jobs: name: ๐Ÿ—๏ธ Build needs: foundation uses: ./.github/workflows/build.yml + strategy: + fail-fast: false + # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow#example-adding-configurations + matrix: + include: + - image: urbantree + context: ./app + - image: api + context: ./api permissions: contents: read packages: write attestations: write id-token: write with: + context: ${{ matrix.context }} + environment: ${{ needs.foundation.outputs.version && 'production' }} + image: ${{ matrix.image }} version: ${{ needs.foundation.outputs.version }} - - report: - name: ๐Ÿ—ƒ๏ธ Report - needs: build - if: ${{ !cancelled() }} - uses: ./.github/workflows/report.yml - with: - environment: ${{ needs.build.outputs.version && 'production' }} - version: ${{ needs.build.outputs.version }} secrets: inherit release: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2798d8f..8ac5e90 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,7 @@ jobs: permissions: pull-requests: read outputs: - images: ${{ github.event_name == 'push' && '["all"]' || steps.filter.outputs.changes }} + images: ${{ contains(steps.filter.outputs.changes, '[]') && '["all"]' || steps.filter.outputs.changes }} steps: # https://github.com/actions/checkout/tree/11bd71901bbe5b1630ceea73d27597364c9af683 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 @@ -35,8 +35,20 @@ jobs: build: name: ๐Ÿ—๏ธ Build - needs: [foundation] + needs: foundation uses: ./.github/workflows/build.yml + strategy: + fail-fast: false + # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow#example-adding-configurations + matrix: + image: ${{ fromJson(needs.foundation.outputs.images) }} + exclude: + - image: all + include: + - image: urbantree + context: ./app + - image: api + context: ./api permissions: contents: read packages: write @@ -45,13 +57,6 @@ jobs: # with sigstore/fulcio when running outside of PRs. id-token: write with: - images: ${{ needs.foundation.outputs.images }} - - report: - name: ๐Ÿ—ƒ๏ธ Report - needs: [build] - if: ${{ !cancelled() }} - uses: ./.github/workflows/report.yml - with: - version: ${{ github.sha }} + context: ${{ matrix.context }} + image: ${{ matrix.image }} secrets: inherit diff --git a/.github/workflows/report.yml b/.github/workflows/report.yml deleted file mode 100644 index fa5866f..0000000 --- a/.github/workflows/report.yml +++ /dev/null @@ -1,59 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -name: ๐Ÿ—ƒ๏ธ Report - -on: - workflow_call: - inputs: - environment: - default: test - type: string - version: - required: true - type: string - -jobs: - upload: - name: ๐Ÿ—‚๏ธ Upload reports - runs-on: ubuntu-latest - strategy: - fail-fast: false - # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow#example-adding-configurations - matrix: - image: [urbantree, api] - - steps: - # https://github.com/actions/checkout/tree/11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - # https://github.com/actions/download-artifact/tree/fa0a91b85d4f404e444e00e005971372dc801d16 - - name: ๐Ÿ“ฅ Download coverage data - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 - with: - name: ${{ matrix.image }}-coverage - - # https://github.com/getsentry/action-release/tree/e769183448303de84c5a06aaaddf9da7be26d6c7 - - name: ๐Ÿ“Ÿ Release to Sentry - uses: ./.github/actions/release-sentry - with: - environment: ${{ inputs.environment }} - projects: ${{ matrix.image }} - version: ${{ inputs.version }} - env: - SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} - SENTRY_ORG: ${{ secrets.SENTRY_ORG }} - - # https://github.com/codecov/test-results-action/tree/9739113ad922ea0a9abb4b2c0f8bf6a4aa8ef820 - - name: ๐Ÿงฎ Upload test results to Codecov - uses: codecov/test-results-action@9739113ad922ea0a9abb4b2c0f8bf6a4aa8ef820 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - # https://github.com/codecov/codecov-action/tree/7f8b4b4bde536c465e797be725718b88c5d95e0e - - name: ๐Ÿ“ˆ Upload coverage to Codecov - uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}