deploy

Author: epompeii

.github/workflows/ci.yml

@@ -8,6 +8,10 @@ on:
   pull_request:
     branches: [main, cloud, devel]
 
+env:
+  GITHUB_REGISTRY: ghcr.io
+  DEV_CONTAINER_DOCKER_IMAGE: bencher-dev-container
+
 # Cancel in-progress runs for the same branch
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -96,11 +100,26 @@ jobs:
       build-docker: ${{ needs.changes.outputs.docker == 'true' || github.ref == 'refs/heads/devel' || github.ref == 'refs/heads/cloud' || startsWith(github.ref, 'refs/tags/') }}
       build-cli: ${{ needs.changes.outputs.cli == 'true' || startsWith(github.ref, 'refs/tags/') }}
 
+  deploy:
+    name: Deploy
+    needs: [lint, cli, test, build]
+    if: ${{ github.ref == 'refs/heads/devel' || github.ref == 'refs/heads/cloud' || (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy')) }}
+    uses: ./.github/workflows/deploy.yml
+    with:
+      deploy-dev: ${{ github.ref == 'refs/heads/devel' || (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy'))  }}
+      deploy-test: ${{ github.ref == 'refs/heads/devel'  ||  github.ref == 'refs/heads/cloud' }}
+      deploy-prod: ${{ github.ref == 'refs/heads/cloud' }}
+    secrets:
+      FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
+      SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+      NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
+      NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
+
   # Summary job for required status checks
   ci-success:
     name: CI Success
     runs-on: ubuntu-22.04
-    needs: [lint, cli, test, build]
+    needs: [lint, cli, test, build, deploy]
     if: always()
     steps:
       - name: Check all jobs passed
@@ -109,6 +128,10 @@ jobs:
             echo "Lint failed"
             exit 1
           fi
+          if [[ "${{ needs.cli.result }}" != "success" ]]; then
+            echo "CLI failed"
+            exit 1
+          fi
           if [[ "${{ needs.test.result }}" != "success" && "${{ needs.test.result }}" != "skipped" ]]; then
             echo "Test failed"
             exit 1
@@ -117,12 +140,31 @@ jobs:
             echo "Build failed"
             exit 1
           fi
+          if [[ "${{ needs.deploy.result }}" != "success" && "${{ needs.deploy.result }}" != "skipped" ]]; then
+            echo "Deploy failed"
+            exit 1
+          fi
           echo "All required jobs passed!"
 
-  # Trigger Deploy Devel for PRs with the deploy label
-  deploy_devel:
-    name: Deploy Devel
-    needs: [ci-success]
-    if: ${{ github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
-    uses: ./.github/workflows/deploy-devel.yml
-    secrets: inherit
+  build_dev_container:
+    name: Build dev container
+    if: ${{ github.ref == 'refs/heads/devel' }}
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v6
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.GITHUB_REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Pre-build dev container image
+        uses: devcontainers/ci@v0.3
+        with:
+          imageName: ${{ env.GITHUB_REGISTRY }}/${{ github.repository_owner }}/${{ env.DEV_CONTAINER_DOCKER_IMAGE }}
+          cacheFrom: ${{ env.GITHUB_REGISTRY }}/${{ github.repository_owner }}/${{ env.DEV_CONTAINER_DOCKER_IMAGE }}
+          push: always

.github/workflows/deploy-devel.yml .github/workflows/deploy.yml.github/workflows/deploy-devel.yml renamed to .github/workflows/deploy.yml

@@ -1,14 +1,31 @@
 name: Deploy Devel
 
 on:
-  workflow_run:
-    workflows: ["CI"]
-    branches: [devel]
-    types: [completed]
   workflow_call:
+    inputs:
+      deploy-dev:
+        type: boolean
+        default: false
+      deploy-test:
+        type: boolean
+        default: false
+      deploy-prod:
+        type: boolean
+        default: false
+    secrets:
+      FLY_API_TOKEN:
+        required: false
+      SENTRY_AUTH_TOKEN:
+        required: false
+      NETLIFY_AUTH_TOKEN:
+        required: false
+      NETLIFY_SITE_ID:
+        required: false
+      GITHUB_TOKEN:
+        required: false
 
 concurrency:
-  group: deploy-devel
+  group: deploy
   cancel-in-progress: true
 
 env:
@@ -17,14 +34,12 @@ env:
   FLY_REGISTRY: registry.fly.io
   WASM_BENCHER_VALID: bencher-valid-pkg
   NETLIFY_CLI_VERSION: "18.0.4"
-  GITHUB_REGISTRY: ghcr.io
-  DEV_CONTAINER_DOCKER_IMAGE: bencher-dev-container
 
 jobs:
   deploy_api_fly_dev:
     name: Deploy API to Fly.io Dev
     runs-on: ubuntu-22.04
-    if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_call' }}
+    if: ${{ inputs.deploy-dev }}
     env:
       FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
     steps:
@@ -52,10 +67,52 @@ jobs:
           RUST_BACKTRACE: full
         run: cargo test-api smoke dev
 
+  deploy_console_netlify_dev:
+    name: Deploy Console UI to Netlify Dev
+    if: ${{ inputs.deploy-dev }}
+    runs-on: ubuntu-22.04
+    needs: deploy_api_fly_dev
+    steps:
+      - uses: actions/checkout@v6
+      - name: Download `bencher_valid` Artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.WASM_BENCHER_VALID }}
+          run-id: ${{ github.event.workflow_run.id }}
+          github-token: ${{ github.event.workflow_run.id && secrets.GITHUB_TOKEN || '' }}
+          path: ./lib/bencher_valid/pkg
+      - name: Build Console UI
+        working-directory: ./services/console
+        env:
+          SENTRY_UPLOAD: true
+          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+        run: npm run netlify
+      - name: Install Netlify CLI
+        run: npm install --save-dev netlify-cli@${{ env.NETLIFY_CLI_VERSION }}
+      - name: Deploy Console UI to Netlify Dev
+        env:
+          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
+          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
+          DEPLOY_MESSAGE: "Deploy from devel"
+        run: |
+          npx netlify-cli \
+          deploy \
+          --alias devel \
+          --message "$DEPLOY_MESSAGE" \
+          --json \
+          | tee netlify.json
+      - uses: rui314/setup-mold@v1
+        with:
+          mold-version: ${{ env.MOLD_VERSION }}
+      - name: Run Netlify Dev Test
+        env:
+          RUST_BACKTRACE: full
+        run: cargo test-netlify dev devel
+
   deploy_api_fly_test:
     name: Deploy API to Fly.io Test
+    if: ${{ inputs.deploy-test }}
     runs-on: ubuntu-22.04
-    if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_call' }}
     env:
       FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
     steps:
@@ -82,18 +139,57 @@ jobs:
           RUST_BACKTRACE: full
         run: cargo test-api smoke test
 
-  deploy_console_netlify_dev:
-    name: Deploy Console UI to Netlify Dev
+  deploy_api_fly_prod:
+    name: Deploy API to Fly.io Prod
+    if: ${{ inputs.deploy-prod }}
     runs-on: ubuntu-22.04
-    needs: deploy_api_fly_dev
+    needs: deploy_api_fly_test
+    env:
+      FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+      - name: Download API Docker Artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.API_DOCKER_IMAGE }}.tar.gz
+          run-id: ${{ github.event.workflow_run.id }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Load & Tag Litestream Image
+        run: |
+          docker load < ${{ env.API_DOCKER_IMAGE }}.tar.gz
+          docker tag ${{ env.API_DOCKER_IMAGE }} ${{ env.FLY_REGISTRY }}/bencher-api
+      - uses: superfly/flyctl-actions/setup-flyctl@master
+      - name: Deploy API to Fly.io Prod
+        working-directory: ./services/api
+        run: flyctl deploy --local-only --config fly/fly.toml --wait-timeout 300
+      - name: Rebase main on cloud
+        run: |
+          git config --global user.name "Bencher"
+          git config --global user.email "git@bencher.dev"
+          git fetch origin cloud
+          git checkout cloud
+          git pull
+          git fetch origin main
+          git checkout main
+          git pull
+          git rebase origin/cloud
+          git push
+
+  deploy_console_netlify_prod:
+    name: Deploy Console UI to Netlify Prod
+    if: ${{ inputs.deploy-prod }}
+    runs-on: ubuntu-22.04
+    needs: deploy_api_fly_prod
     steps:
       - uses: actions/checkout@v6
       - name: Download `bencher_valid` Artifact
         uses: actions/download-artifact@v4
         with:
           name: ${{ env.WASM_BENCHER_VALID }}
           run-id: ${{ github.event.workflow_run.id }}
-          github-token: ${{ github.event.workflow_run.id && secrets.GITHUB_TOKEN || '' }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
           path: ./lib/bencher_valid/pkg
       - name: Build Console UI
         working-directory: ./services/console
@@ -103,45 +199,22 @@ jobs:
         run: npm run netlify
       - name: Install Netlify CLI
         run: npm install --save-dev netlify-cli@${{ env.NETLIFY_CLI_VERSION }}
-      - name: Deploy Console UI to Netlify Dev
+      - name: Deploy Console UI to Netlify
         env:
           NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
           NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
-          DEPLOY_MESSAGE: "Deploy from devel"
+          DEPLOY_MESSAGE: "Deploy from cloud"
         run: |
           npx netlify-cli \
           deploy \
-          --alias devel \
+          --prod \
           --message "$DEPLOY_MESSAGE" \
           --json \
           | tee netlify.json
       - uses: rui314/setup-mold@v1
         with:
           mold-version: ${{ env.MOLD_VERSION }}
-      - name: Run Netlify Dev Test
+      - name: Run Netlify Test
         env:
           RUST_BACKTRACE: full
-        run: cargo test-netlify dev devel
-
-  build_dev_container:
-    name: Build dev container
-    runs-on: ubuntu-22.04
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
-    steps:
-      - uses: actions/checkout@v6
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-      - name: Setup Docker buildx
-        uses: docker/setup-buildx-action@v3
-      - name: Log in to the Container registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.GITHUB_REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Pre-build dev container image
-        uses: devcontainers/ci@v0.3
-        with:
-          imageName: ${{ env.GITHUB_REGISTRY }}/${{ github.repository_owner }}/${{ env.DEV_CONTAINER_DOCKER_IMAGE }}
-          cacheFrom: ${{ env.GITHUB_REGISTRY }}/${{ github.repository_owner }}/${{ env.DEV_CONTAINER_DOCKER_IMAGE }}
-          push: always
+        run: cargo test-netlify prod --user-agent "${{ secrets.LYCHEE_USER_AGENT }}" cloud