From 6b1212a646ebf37e2443e5a5df44ecdab91e6f6b Mon Sep 17 00:00:00 2001 From: stdavis Date: Fri, 24 Mar 2023 10:56:32 -0600 Subject: [PATCH] fix: implement standardized action workflows Closes #68 --- .github/workflows/ci.yml | 133 ----------------------------- .github/workflows/pull_request.yml | 51 +++++++++++ .github/workflows/push.yml | 82 ++++++++++++++++++ .vscode/settings.json | 3 + 4 files changed, 136 insertions(+), 133 deletions(-) delete mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/pull_request.yml create mode 100644 .github/workflows/push.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index 0e1fbbf..0000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,133 +0,0 @@ -name: Test and Deploy -on: [push] - -concurrency: - group: '${{ github.head_ref || github.ref }}' - cancel-in-progress: true - -permissions: - contents: read - id-token: write - deployments: write - -jobs: - test: - runs-on: ubuntu-latest - steps: - - name: โฌ‡๏ธ Checkout code - uses: actions/checkout@v3 - - - name: โŽ” Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: .node-version - cache: npm - - - name: ๐Ÿ“ฅ Download dependencies - run: | - npm ci - - - name: ๐Ÿงช Test - run: npm test - - deploy-dev: - runs-on: ubuntu-latest - needs: test - environment: - name: dev - url: https://electrofishing-query.dev.utah.gov - if: github.ref == 'refs/heads/dev' - - steps: - - name: โฌ‡๏ธ Checkout code - uses: actions/checkout@v3 - - - id: auth - name: ๐Ÿ—๏ธ Authenticate to Google Cloud - uses: google-github-actions/auth@v0 - with: - access_token_scopes: 'email, openid, https://www.googleapis.com/auth/cloud-platform, https://www.googleapis.com/auth/firebase' - workload_identity_provider: ${{ secrets.IDENTITY_PROVIDER }} - service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} - create_credentials_file: true - - - name: โŽ” Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: .node-version - cache: npm - - - name: ๐Ÿ“ฅ Download dependencies - run: | - npm ci - - - name: ๐Ÿ— Run build script - run: npm run build:stage - - - name: ๐Ÿชฃ Cache firebase - uses: actions/cache@v3 - with: - path: ./.firebase - key: ${{ runner.OS }}-firebase-${{ hashFiles('**/*.cache') }} - restore-keys: | - ${{ runner.OS }}-firebase- - ${{ runner.OS }}- - - - name: ๐Ÿš€ Firebase deploy - run: > - npx firebase-tools deploy - --only hosting - --project ${{ secrets.PROJECT_ID }} - env: - FIREBASE_CLI_PREVIEWS: hostingchannels - - deploy-prod: - runs-on: ubuntu-latest - needs: test - environment: - name: prod - url: https://electrofishing-query.utah.gov - if: github.ref == 'refs/heads/main' - - steps: - - name: โฌ‡๏ธ Checkout code - uses: actions/checkout@v3 - - - id: auth - name: ๐Ÿ—๏ธ Authenticate to Google Cloud - uses: google-github-actions/auth@v0 - with: - access_token_scopes: 'email, openid, https://www.googleapis.com/auth/cloud-platform, https://www.googleapis.com/auth/firebase' - workload_identity_provider: ${{ secrets.IDENTITY_PROVIDER }} - service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} - create_credentials_file: true - - - name: โŽ” Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: .node-version - cache: npm - - - name: ๐Ÿ“ฅ Download dependencies - run: | - npm ci - - - name: ๐Ÿ— Run build script - run: npm run build:prod - - - name: ๐Ÿชฃ Cache firebase - uses: actions/cache@v3 - with: - path: ./.firebase - key: ${{ runner.OS }}-firebase-${{ hashFiles('**/*.cache') }} - restore-keys: | - ${{ runner.OS }}-firebase- - ${{ runner.OS }}- - - - name: ๐Ÿš€ Firebase deploy - run: > - npx firebase-tools deploy - --only hosting - --project ${{ secrets.PROJECT_ID }} - env: - FIREBASE_CLI_PREVIEWS: hostingchannels diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml new file mode 100644 index 0000000..e77313d --- /dev/null +++ b/.github/workflows/pull_request.yml @@ -0,0 +1,51 @@ +name: Pull Request Events + +on: + pull_request: + +permissions: + contents: write + id-token: write + pull-requests: write + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} + cancel-in-progress: true + +jobs: + test: + runs-on: ubuntu-latest + steps: + - name: โฌ‡๏ธ Checkout code + uses: actions/checkout@v3 + + - name: โŽ” Setup Node.js + uses: actions/setup-node@v3 + with: + node-version-file: .node-version + cache: npm + + - name: ๐Ÿ“ฅ Download dependencies + run: npm ci + + - name: ๐Ÿงช Run tests + run: npm test + + deploy-preview: + name: Firebase preview + runs-on: ubuntu-latest + needs: test + if: ${{ github.event.sender.type == 'User' }} + environment: + name: dev + + steps: + - name: ๐Ÿš€ Deploy + uses: agrc/firebase-website-deploy-composite-action@v1 + with: + identity-provider: ${{ secrets.IDENTITY_PROVIDER }} + service-account-email: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} + project-id: ${{ secrets.PROJECT_ID }} + preview: yes + build-command: npm run build:stage + repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..3f66208 --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,82 @@ +name: Push Events + +on: + push: + branches: + - dev + - main + +permissions: + contents: write + id-token: write + deployments: write + pull-requests: write + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + release: + name: Create release + runs-on: ubuntu-latest + outputs: + release_created: ${{ steps.release-please.outputs.release_created }} + released_version: ${{ steps.release-please.outputs.released_version }} + + steps: + - name: ๐Ÿš€ Create Release + id: release-please + uses: agrc/release-composite-action@v1 + with: + prerelease: ${{ github.ref_name == 'dev' }} + repo-token: ${{ secrets.GITHUB_TOKEN }} + github-app-id: ${{ secrets.UGRC_RELEASE_BOT_APP_ID }} + github-app-key: ${{ secrets.UGRC_RELEASE_BOT_APP_KEY }} + github-app-name: ${{ secrets.UGRC_RELEASE_BOT_NAME }} + github-app-email: ${{ secrets.UGRC_RELEASE_BOT_EMAIL }} + + deploy-dev: + name: Deploy to staging + runs-on: ubuntu-latest + needs: release + environment: + name: dev + url: https://electrofishing-query.dev.utah.gov + if: github.ref_name == 'dev' && needs.release.outputs.release_created + + steps: + - name: ๐Ÿš€ Deploy + uses: agrc/firebase-website-deploy-composite-action@v1 + with: + identity-provider: ${{ secrets.IDENTITY_PROVIDER }} + service-account-email: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} + project-id: ${{ secrets.PROJECT_ID }} + prebuild-command: npx grunt bump --setversion=${{ needs.release.outputs.released_version }} + build-command: npm run build:stage + repo-token: ${{ secrets.GITHUB_TOKEN }} + + deploy-prod: + name: Deploy to production + runs-on: ubuntu-latest + needs: release + environment: + name: prod + url: https://electrofishing-query.ugrc.utah.gov + if: github.ref_name == 'main' && needs.release.outputs.release_created + + steps: + - name: ๐Ÿš€ Deploy + uses: agrc/firebase-website-deploy-composite-action@v1 + with: + identity-provider: ${{ secrets.IDENTITY_PROVIDER }} + service-account-email: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} + prebuild-command: npx grunt bump --setversion=${{ needs.release.outputs.released_version }} + project-id: ${{ secrets.PROJECT_ID }} + build-command: npm run build:prod + service-now-instance: ${{ secrets.SN_INSTANCE }} + service-now-table: ${{ secrets.SN_TABLE }} + service-now-system-id: ${{ secrets.SN_SYS_ID }} + service-now-username: ${{ secrets.SN_USERNAME }} + service-now-password: ${{ secrets.SN_PASSWORD }} + repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.vscode/settings.json b/.vscode/settings.json index 7500613..b763fb3 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -5,9 +5,12 @@ "autoplay", "fishsample", "fullscreen", + "hostingchannels", "nonwritable", "nosniff", + "prebuild", "SAMEORIGIN", + "setversion", "UDWR", "udwrgis", "WILDADMIN",