Docker static ips (#1515) #169
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# release a version into the wild | |
name: release | |
on: | |
push: | |
branches: [main, staging] | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
env: | |
GITHUB_TOKEN: ${{ secrets.PROSOPONATOR_PAT }} | |
GH_TOKEN: ${{ secrets.PROSOPONATOR_PAT }} | |
CARGO_TERM_COLOR: always | |
NODE_OPTIONS: "--max-old-space-size=4096" | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Print contexts | |
env: | |
GITHUB_CONTEXT: ${{ toJson(github) }} | |
ENV_CONTEXT: ${{ toJson(env) }} | |
VARS_CONTEXT: ${{ toJson(vars) }} | |
JOB_CONTEXT: ${{ toJson(job) }} | |
STEPS_CONTEXT: ${{ toJson(steps) }} | |
RUNNER_CONTEXT: ${{ toJson(runner) }} | |
SECRETS_CONTEXT: ${{ toJson(secrets) }} | |
STRATEGY_CONTEXT: ${{ toJson(strategy) }} | |
MATRIX_CONTEXT: ${{ toJson(matrix) }} | |
NEEDS_CONTEXT: ${{ toJson(needs) }} | |
INPUTS_CONTEXT: ${{ toJson(inputs) }} | |
run: | | |
echo "******************************" | |
echo "github:" "$GITHUB_CONTEXT" | |
echo "******************************" | |
echo "env:" "$ENV_CONTEXT" | |
echo "******************************" | |
echo "vars:" "$VARS_CONTEXT" | |
echo "******************************" | |
echo "job:" "$JOB_CONTEXT" | |
echo "******************************" | |
echo "steps:" "$STEPS_CONTEXT" | |
echo "******************************" | |
echo "runner:" "$RUNNER_CONTEXT" | |
echo "******************************" | |
echo "secrets:" "$SECRETS_CONTEXT" | |
echo "******************************" | |
echo "strategy:" "$STRATEGY_CONTEXT" | |
echo "******************************" | |
echo "matrix:" "$MATRIX_CONTEXT" | |
echo "******************************" | |
echo "needs:" "$NEEDS_CONTEXT" | |
echo "******************************" | |
echo "inputs:" "$INPUTS_CONTEXT" | |
echo "******************************" | |
- run: mkdir -p ~/.npm | |
- run: mkdir -p ~/.cache/Cypress | |
- name: Restore npm cache | |
if: ${{ runner.environment != 'self-hosted' }} # don't restore cache on self-hosted runners, network speed not good enough | |
uses: actions/cache/restore@v4 | |
with: | |
# must restore all cache dirs, and they must exist ahead of this! | |
path: | | |
~/.npm | |
~/.cache/Cypress | |
# note that restoring a cache in github is a pain. The trailing '-' matches any string after the '-', therefore 'abc-' would match a cache named 'abc-1234' or 'abc-5678', etc. | |
# the problem is 'abc-' will not match a cache named 'abc'! So if you're using wildcard cache name selectors like this, you need a field that changes as the suffix to become the wildcard | |
# here we're setting the key to an unused cache key so it falls back to the wildcard selector in `restore-keys` | |
key: some-unused-cache-key | |
restore-keys: | | |
npm-${{ runner.os }}-${{ runner.arch }}- | |
- uses: actions/checkout@v4 | |
with: | |
submodules: "recursive" | |
- name: Detect env | |
id: env | |
run: | | |
set -euxo pipefail # stop on errors, print commands, fail on pipe fails | |
VERSION=$(jq -r '.version' < package.json) | |
# if version not detected, error | |
if [[ -z "$VERSION" ]]; then | |
echo "Failed to get version" | |
exit 1 | |
fi | |
# or if version null | |
if [[ "$VERSION" == "null" ]]; then | |
echo "Failed to get version" | |
exit 1 | |
fi | |
echo "version=$VERSION" | |
# export the next version numbers | |
# shellcheck disable=SC2086 | |
echo "version=$VERSION" >> $GITHUB_OUTPUT | |
# if branch is main, then prod, else staging | |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then | |
echo "production" | |
# shellcheck disable=SC2086 | |
{ | |
echo "env=production"; | |
echo "production=true"; | |
echo "docker_latest_tag=latest"; | |
echo "docker_version_tag=$VERSION"; | |
echo "gh_release_tag=v$VERSION" | |
} >> $GITHUB_OUTPUT | |
elif [[ "${{ github.ref }}" == "refs/heads/staging" ]]; then | |
echo "staging" | |
# shellcheck disable=SC2086 | |
{ | |
echo "env=staging"; | |
echo "staging=true"; | |
echo "docker_latest_tag=staging"; | |
echo "docker_version_tag=staging"; | |
echo "gh_release_tag=staging-release" | |
echo "gh_prerelease=true" | |
} >> $GITHUB_OUTPUT | |
else | |
echo "cannot deploy from branch ${{ github.ref }}" | |
exit 1 | |
fi | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: 'package.json' | |
- run: npm i -g "npm@$(jq -r .engines.npm < package.json)" | |
- run: npm ci | |
# check everything builds | |
- run: npm run build:all | |
- run: npm run build:all:cjs | |
- run: npm run bundle:all | |
- name: Purge gh prerelease | |
if: ${{ steps.env.outputs.gh_prerelease }} | |
continue-on-error: true # don't fail the workflow if the release doesn't exist | |
run: | | |
gh release delete "${{ steps.env.outputs.gh_release_tag }}" --yes --cleanup-tag | |
- name: Github release | |
continue-on-error: true # don't fail the workflow if the release already exists | |
run: | | |
gh release create --generate-notes "${{ steps.env.outputs.gh_release_tag }}" | |
- name: Mark Github release as prerelease | |
if: ${{ steps.env.outputs.gh_prerelease }} | |
continue-on-error: true # don't fail the workflow if the release can't be resolved | |
run: | | |
gh release edit "${{ steps.env.outputs.gh_release_tag }}" --prerelease | |
- name: Release fail notification | |
if: failure() | |
run: | | |
curl -X POST -H 'Content-type: application/json' --data "{\"text\":\":check-failed: Release <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ steps.env.outputs.env }} ${{ steps.env.outputs.gh_release_tag }}> failed.\"}" ${{ secrets.SLACKBOT_DEVOPS }} | |
- name: Release success notification | |
if: success() | |
run: | | |
curl -X POST -H 'Content-type: application/json' --data "{\"text\":\":check-passed: Release <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ steps.env.outputs.env }} ${{ steps.env.outputs.gh_release_tag }}> succeeded.\"}" ${{ secrets.SLACKBOT_DEVOPS }} | |