Skip to content

Commit

Permalink
Merge pull request #9 from bcgov/feature-web-ci
Browse files Browse the repository at this point in the history 
Web CI and CD Workflow Pipelines
  • Loading branch information
@WadeBarnes
WadeBarnes authored Aug 27, 2024
2 parents 0ab6a02 + 94ef6a9 commit cc5e407
Show file tree
Hide file tree
Showing 8 changed files with 298 additions and 31 deletions.
38 changes: 38 additions & 0 deletions .github/workflows/actions/build-web/action.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
name: Build Web
description: Builds the Web codebase

inputs:
working_directory:
description: The working directory where the code will be built.
required: true
node_version:
description: The node version that will be used.
required: true

runs:
using: composite

steps:
- name: Use Node.js ${{ inputs.node_version }}
uses: actions/setup-node@v1
with:
node-version: ${{ inputs.node_version }}

- run: npm ci
shell: bash
working-directory: ${{ inputs.working_directory }}

# Lint errors exists from SCC and will be worked on separately.
- run: npm run lint
shell: bash
working-directory: ${{ inputs.working_directory }}
continue-on-error: true

- run: npm run build
shell: bash
working-directory: ${{ inputs.working_directory }}

# Unit test is not configured in SCC and will be worked on separately.
- run: npm run test --if-present
shell: bash
working-directory: ${{ inputs.working_directory }}
64 changes: 64 additions & 0 deletions .github/workflows/actions/deploy-to-aws/action.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
name: Deploy to AWS
description: Deploy image to AWS Instance

inputs:
environment:
description: The environment to which the image will be deployed.
required: true
aws_account:
description: The AWS Account ID.
required: true
region:
description: The AWS Region of the AWS Account.
required: true
app_name:
description: The application name.
required: true
aws_role_arn:
description: The AWS Role ARN to assume.
required: true

# Image parameters
ghcr_token:
description: The token to use to login to the GHCR.
required: true
github_image_repo:
description: The GCHR repo where images are stored.
required: true
image_name:
description: The name of the image to be deployed.
required: true
image_digest:
description: The digest of the image to be deployed. Identifies the unique image tag in the GHCR.
required: true

runs:
using: composite
steps:
- name: Log in to the GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ inputs.ghcr_token }}

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-skip-session-tagging: true
aws-region: ${{ inputs.region }}
role-to-assume: ${{ inputs.aws_role_arn }}
role-duration-seconds: 1800
role-session-name: ci-deployment

- name: Login to AWS CLI
shell: bash
run: |
aws ecr get-login-password --region ${{ inputs.region }} | docker login --username AWS --password-stdin ${{ inputs.aws_account }}.dkr.ecr.${{ inputs.region }}.amazonaws.com/${{ inputs.app_name }}-ecr-repo-${{ inputs.environment }}
- name: Tag the image in the GHCR as ${{ inputs.environment }}
shell: bash
run: |
docker pull ${{ inputs.github_image_repo }}${{ inputs.image_name }}@${{ inputs.image_digest }}
docker tag ${{ inputs.github_image_repo }}${{ inputs.image_name }}@${{ inputs.image_digest }} ${{ inputs.aws_account }}.dkr.ecr.${{ inputs.region }}.amazonaws.com/${{ inputs.app_name }}-ecr-repo-${{ inputs.environment }}:${{ inputs.image_name }}
docker push ${{ inputs.aws_account }}.dkr.ecr.${{ inputs.region }}.amazonaws.com/${{ inputs.app_name }}-ecr-repo-${{ inputs.environment }}:${{ inputs.image_name }}
30 changes: 0 additions & 30 deletions .github/workflows/app-vue.yml
View file

This file was deleted.

30 changes: 30 additions & 0 deletions .github/workflows/build-and-test-web.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
name: Build and Test Web

on:
pull_request:
branches:
- master
paths:
- "web/**"

workflow_dispatch:

env:
WORKING_DIRECTORY: ./web

jobs:
build-and-test:
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [12.x]
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Building Web codebase
uses: ./.github/workflows/actions/build-web
with:
working_directory: ${{ env.WORKING_DIRECTORY }}
node_version: ${{ matrix.node-version }}
153 changes: 153 additions & 0 deletions .github/workflows/publish-web.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,153 @@
name: Deploy Web

on:
push:
branches:
- master
paths:
- "web/**"

workflow_dispatch:

env:
WORKING_DIRECTORY: ./web
IMAGE_NAME: web
GITHUB_IMAGE_REPO: ghcr.io/bcgov/jasper/
WEB_BASE_HREF: /

jobs:
build:
name: Build, Create and Push Image
runs-on: ubuntu-latest
outputs:
image_digest: ${{ steps.docker_push.outputs.digest }}

strategy:
matrix:
node-major-version: [12]
node-minor-version: [x]

steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Building Web codebase
uses: ./.github/workflows/actions/build-web
with:
working_directory: ${{ env.WORKING_DIRECTORY }}
node_version: ${{ matrix.node-major-version }}.${{ matrix.node-minor-version }}

- name: Log in to the GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get short SHA
id: short_sha
run: |
echo "::set-output name=SHORT_SHA::$(git rev-parse --short HEAD)"
echo "Short SHA: $SHORT_SHA"
- name: Build Docker Image
working-directory: ${{env.WORKING_DIRECTORY}}/../
run: |
docker build --tag web-runtime -f docker/nginx-runtime/Dockerfile ./docker/nginx-runtime/
docker build --tag web-artifacts --build-arg node_version=${{ matrix.node-major-version }} --build-arg WEB_BASE_HREF=${{ env.WEB_BASE_HREF }} -f docker/web/Dockerfile .
docker build --tag ${{ env.IMAGE_NAME }} -f docker/vue-on-nginx/Dockerfile ./docker/vue-on-nginx/
docker tag ${{ env.IMAGE_NAME }} ${{ env.GITHUB_IMAGE_REPO }}${{ env.IMAGE_NAME }}:${{ steps.short_sha.outputs.SHORT_SHA }}
- name: Push Image to GCHR
id: docker_push
run: |
output=$(docker push ${{ env.GITHUB_IMAGE_REPO }}${{ env.IMAGE_NAME }}:${{ steps.short_sha.outputs.SHORT_SHA }})
echo $output
digest=$(echo "$output" | grep "digest: sha256" | awk '{ print $3 }')
echo "digest=$digest" >> $GITHUB_OUTPUT
deploy2dev:
name: Deploy to DEV
needs: build
env:
ENVIRONMENT: dev
permissions:
id-token: write
packages: write
runs-on: ubuntu-latest
environment: dev

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Deploy to ${{ env.ENVIRONMENT }}
uses: ./.github/workflows/actions/deploy-to-aws
with:
environment: ${{ env.ENVIRONMENT }}
aws_account: ${{ vars.AWS_ACCOUNT }}
region: ${{ vars.AWS_REGION }}
app_name: ${{ vars.APP_NAME }}
aws_role_arn: ${{ vars.AWS_ROLE_ARN }}
ghcr_token: ${{ secrets.GITHUB_TOKEN }}
github_image_repo: ${{ env.GITHUB_IMAGE_REPO }}
image_name: ${{ env.IMAGE_NAME }}
image_digest: ${{ needs.build.outputs.image_digest }}

deploy2test:
name: Deploy to TEST
needs: [build, deploy2dev]
env:
ENVIRONMENT: test
permissions:
id-token: write
packages: write
runs-on: ubuntu-latest
environment: test

steps:
- name: Checkout
uses: actions/checkout@v4

# Uncomment when infra in AWS in TEST environment has been configured
# - name: Deploy to ${{ env.ENVIRONMENT }}
# uses: ./.github/workflows/actions/deploy-to-aws
# with:
# environment: ${{ env.ENVIRONMENT }}
# aws_account: ${{ vars.AWS_ACCOUNT }}
# region: ${{ vars.AWS_REGION }}
# app_name: ${{ vars.APP_NAME }}
# aws_role_arn: ${{ vars.AWS_ROLE_ARN }}
# ghcr_token: ${{ secrets.GITHUB_TOKEN }}
# github_image_repo: ${{ env.GITHUB_IMAGE_REPO }}
# image_name: ${{ env.IMAGE_NAME }}
# image_digest: ${{ needs.build.outputs.image_digest }}

deploy2prod:
name: Deploy to PROD
needs: [build, deploy2dev, deploy2test]
env:
ENVIRONMENT: prod
permissions:
id-token: write
packages: write
runs-on: ubuntu-latest
environment: prod

steps:
- name: Checkout
uses: actions/checkout@v4

# Uncomment when infra in AWS in PROD environment has been configured
# - name: Deploy to ${{ env.ENVIRONMENT }}
# uses: ./.github/workflows/actions/deploy-to-aws
# with:
# environment: ${{ env.ENVIRONMENT }}
# aws_account: ${{ vars.AWS_ACCOUNT }}
# region: ${{ vars.AWS_REGION }}
# app_name: ${{ vars.APP_NAME }}
# aws_role_arn: ${{ vars.AWS_ROLE_ARN }}
# ghcr_token: ${{ secrets.GITHUB_TOKEN }}
# github_image_repo: ${{ env.GITHUB_IMAGE_REPO }}
# image_name: ${{ env.IMAGE_NAME }}
# image_digest: ${{ needs.build.outputs.image_digest }}
1 change: 1 addition & 0 deletions docker/vue-on-nginx/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ COPY ./s2i/bin/fix-base-url /usr/libexec/s2i/fix-base-url
# Fix permissions.
USER root
RUN chmod 674 /usr/libexec/s2i/fix-base-url
RUN chmod -R 674 /tmp/app/dist/

# From nginx-runtime.
USER 104
Expand Down
12 changes: 12 additions & 0 deletions docker/web/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
ARG node_version=10
ARG WEB_BASE_HREF=/
FROM centos/nodejs-${node_version}-centos7:${node_version}
ENV WEB_BASE_HREF=${WEB_BASE_HREF}
ENV WEB1_BASE_HREF=${WEB_BASE_HREF}
WORKDIR /opt/app-root/src
COPY ../../web .
RUN echo "$WEB1_BASE_HREF"
RUN echo "$WEB_BASE_HREF"
USER root
RUN npm install
RUN npm run build
1 change: 0 additions & 1 deletion web/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@
"version": "0.1.0",
"private": true,
"scripts": {
"preinstall": "npx npm-force-resolutions",
"serve": "cross-env WEB_BASE_HREF='/' vue-cli-service serve",
"build": "vue-cli-service build",
"clean": "",
Expand Down

0 comments on commit cc5e407

Please sign in to comment.