From 9392f2d28513c2df50e0acbc40e1e480eb590144 Mon Sep 17 00:00:00 2001 From: yolch-yolchyan Date: Fri, 23 Dec 2022 11:56:58 +0100 Subject: [PATCH 01/11] ONEUP-6218: composite for nodejs ECS projects --- README.md | 30 ++++++++++++------------------ 1 file changed, 12 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index f7ce93d..842e12c 100644 --- a/README.md +++ b/README.md @@ -1,18 +1,12 @@ -# 1up-github-actions -Composite GitHub Actions used as shared builds by 1up-team - -## Actions -> ℹ️ Each action is created on a separate branch, referenced using -> `@` sign - -> ⚠️ Composite action branches should be prefixed with `build-` in order to apply -> the branch protection rules - -### AWS ECS Gradle Build Steps -[spring-media/1up-github-actions@build-ecs-gradle](https://github.com/spring-media/1up-github-actions/tree/build-ecs-gradle) - -### Nodejs AWS SAM Build Steps -[spring-media/1up-github-actions@build-nodejs-lambda](https://github.com/spring-media/1up-github-actions/tree/build-nodejs-lambda) - -### AWS Terraform Deploy Steps -[spring-media/1up-github-actions@build-ecs-gradle](https://github.com/spring-media/1up-github-actions/tree/deploy-infrastructure) +spring-media/1up-github-actions@build-ecs-nodejs + +Composite GitHub Action used as a shared build by 1up-team for Nodejs projects deployed to AWS ECS +### Steps Summary +- setup +- docker build and push +- STG Deploy +- on master + - deploy Docker image + - AWS ECS release + - terraform changes are applied (if any) + - status report From f396041f6b8468aaf5c2189f8c5073c0f38d0ac1 Mon Sep 17 00:00:00 2001 From: Artur Yolchyan Date: Tue, 27 Dec 2022 13:49:20 +0100 Subject: [PATCH 02/11] ONEUP-6218: github composite nodejs ECS (#15) --- README.md | 3 +- action.yml | 154 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 156 insertions(+), 1 deletion(-) create mode 100644 action.yml diff --git a/README.md b/README.md index 842e12c..62268f5 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ spring-media/1up-github-actions@build-ecs-nodejs -Composite GitHub Action used as a shared build by 1up-team for Nodejs projects deployed to AWS ECS +```Composite GitHub Action used as a shared build by 1up-team for Nodejs projects deployed to AWS ECS``` + ### Steps Summary - setup - docker build and push diff --git a/action.yml b/action.yml new file mode 100644 index 0000000..1047bfe --- /dev/null +++ b/action.yml @@ -0,0 +1,154 @@ +name: 'build-ecs-nodejs' +author: '1up-team' +description: 'Action to build and release Nodejs & ECS repositories' + +inputs: + pkg-token: + description: 'User token used to integrate with the spring-media GitHub packages for internal libs' + required: true + + docker-image-tag: + description: 'Docker image build tag used when pushing to the 1up AWS ECR' + required: false + default: 'b${{ github.run_number }}-${{ github.sha }}' + docker-registry: + description: 'Docker registry URL used when pushing to the 1up AWS ECR' + required: false + default: '933782373565.dkr.ecr.eu-west-1.amazonaws.com' + + github-token: + description: Github token, current token from secrets + required: true + + staging: + description: 'Release to staging environment' + required: false + default: 'false' + + up-slack-webhook-url: + description: 'Slack channel webhook URL used when reporting master build status' + required: true + + up-aws-access-key-id: + description: 'AWS access key id secret used to integrate with aws-cli or docker repository' + required: true + up-aws-secret-access-key: + description: 'AWS access secret key secret used to integrate with aws-cli or docker repository' + required: true + +runs: + using: composite + steps: + - uses: actions/checkout@v3 + + - name: Setup - Validate Inputs + shell: bash + run: | + [[ "${{ inputs.pkg-token }}" ]] || { echo "input 'pkg-token' cannot be blank"; exit 1; } + [[ "${{ inputs.github-token }}" ]] || { echo "input 'github-token' cannot be blank"; exit 1; } + + - name: Setup service name + run: | + SERVICE_NAME=${GITHUB_REPOSITORY##*/1up-} + echo "Service name: $SERVICE_NAME" + echo "SERVICE_NAME=$SERVICE_NAME" >> $GITHUB_ENV + shell: bash + + - name: ︎Setup - AWS Credentials + uses: aws-actions/configure-aws-credentials@v1-node16 + with: + aws-access-key-id: ${{ inputs.up-aws-access-key-id }} + aws-secret-access-key: ${{ inputs.up-aws-secret-access-key }} + aws-region: eu-west-1 + - name: ECR setup + uses: aws-actions/amazon-ecr-login@v1 + - name: Build - Docker + run: | + DOCKER_IMAGE="${{ inputs.docker-registry }}/${{ env.SERVICE_NAME }}:${{ inputs.docker-image-tag }}" + docker build -t $DOCKER_IMAGE . + echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> $GITHUB_ENV + shell: bash + - name: Release - push Docker image [on master] + run: docker push ${{ env.DOCKER_IMAGE }} + shell: bash + + - uses: dorny/paths-filter@v2 + id: infrastructure-changes + with: + filters: | + terraform: + - 'terraform/**' + + - name: deploy infrastructure + if: steps.infrastructure-changes.outputs.terraform == 'true' + uses: spring-media/1up-github-actions@deploy-infrastructure + with: + service-name: ${{ env.SERVICE_NAME }} + pkg-token: ${{ inputs.pkg-token }} + docker-image-tag: ${{ inputs.docker-image-tag }} + github-token: ${{ inputs.github-token }} + staging: ${{ inputs.staging }} + + - name: Release - on staging + if: ${{ inputs.staging == 'true' && steps.infrastructure-changes.outputs.terraform == 'false' }} + uses: silinternational/ecs-deploy@master + with: + aws_access_key_cmd: --aws-access-key + aws_access_key: ${{ inputs.up-aws-access-key-id }} + aws_secret_key_cmd: --aws-secret-key + aws_secret_key: ${{ inputs.up-aws-secret-access-key }} + cluster_cmd: --cluster + cluster: up-cluster-staging + image_cmd: --image + image: ${{ env.DOCKER_IMAGE }} + region_cmd: --region + region: eu-west-1 + service_name_cmd: --service-name + service_name: ${{ env.SERVICE_NAME }} + timeout_cmd: --timeout + timeout: 600 + + - name: Release - [on master] + if: github.ref == 'refs/heads/master' && steps.infrastructure-changes.outputs.terraform == 'false' + uses: silinternational/ecs-deploy@master + with: + aws_access_key_cmd: '--aws-access-key' + aws_access_key: ${{ inputs.up-aws-access-key-id }} + aws_secret_key_cmd: '--aws-secret-key' + aws_secret_key: ${{ inputs.up-aws-secret-access-key }} + cluster_cmd: '--cluster' + cluster: 'up-cluster-production' + image_cmd: '--image' + image: ${{ env.DOCKER_IMAGE }} + region_cmd: '--region' + region: 'eu-west-1' + service_name_cmd: '--service-name' + service_name: ${{ env.SERVICE_NAME }} + timeout_cmd: '--timeout' + timeout: '600' + + - name: Report - setup [on master] + if: always() && github.ref == 'refs/heads/master' + run: | + GIT_COMMIT_MSG=$(git log -1 --pretty=format:'%s') + GIT_COMMIT_MSG_NO_SUFFIX="${GIT_COMMIT_MSG#*\(#}" + GIT_PR="${GIT_COMMIT_MSG_NO_SUFFIX%\)*}" + GIT_REPO_URL="https://github.com/${{ github.repository }}" + GIT_PR_URL="$GIT_REPO_URL/pull/$GIT_PR" + GIT_REPO_NAME="${{ github.repository }}" + echo "GIT_ACTIONS_URL=<$GIT_REPO_URL/actions/runs/${{ github.run_id }}|${GIT_REPO_NAME#*/}>" >> $GITHUB_ENV + [[ "$GIT_PR" =~ ^[0-9]+$ ]] && GIT_PR_MSG="<$GIT_PR_URL|$GIT_COMMIT_MSG>" || GIT_PR_MSG="$GIT_COMMIT_MSG" + echo "GIT_PR_MSG=$GIT_PR_MSG" >> $GITHUB_ENV + shell: bash + - name: Report - success [on master] + uses: Ilshidur/action-slack@2.1.0 + if: success() && github.ref == 'refs/heads/master' + env: + SLACK_WEBHOOK: ${{ inputs.up-slack-webhook-url }} + SLACK_CUSTOM_PAYLOAD: '{"channel": "1up-releases", "attachments":[{"color": "#2eb886", "blocks":[{"type":"section","text":{"type":"mrkdwn","text": "{{ GIT_ACTIONS_URL }} released\n{{ GIT_PR_MSG }}"}}]}]}' + - name: Report - failure [on master] + uses: Ilshidur/action-slack@2.1.0 + if: failure() && github.ref == 'refs/heads/master' + env: + SLACK_WEBHOOK: ${{ inputs.up-slack-webhook-url }} + SLACK_CUSTOM_PAYLOAD: '{"channel": "1up-releases", "attachments":[{"color": "#ed2f00", "blocks":[{"type":"section","text":{"type":"mrkdwn","text": ":boom: {{ GIT_ACTIONS_URL }} failed!\n{{ GIT_PR_MSG }}"}}]}]}' From 0d40b9510770c3532ddfad3ea2edcda7532869c2 Mon Sep 17 00:00:00 2001 From: Stefan Wilke <45512151+querwurzel@users.noreply.github.com> Date: Fri, 13 Jan 2023 14:23:09 +0100 Subject: [PATCH 03/11] ONEUP-6261: update slack github action (#17) --- action.yml | 56 ++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 48 insertions(+), 8 deletions(-) diff --git a/action.yml b/action.yml index 1047bfe..e4789ac 100644 --- a/action.yml +++ b/action.yml @@ -127,8 +127,9 @@ runs: timeout_cmd: '--timeout' timeout: '600' - - name: Report - setup [on master] + - name: Report - Setup [on master] if: always() && github.ref == 'refs/heads/master' + shell: bash run: | GIT_COMMIT_MSG=$(git log -1 --pretty=format:'%s') GIT_COMMIT_MSG_NO_SUFFIX="${GIT_COMMIT_MSG#*\(#}" @@ -139,16 +140,55 @@ runs: echo "GIT_ACTIONS_URL=<$GIT_REPO_URL/actions/runs/${{ github.run_id }}|${GIT_REPO_NAME#*/}>" >> $GITHUB_ENV [[ "$GIT_PR" =~ ^[0-9]+$ ]] && GIT_PR_MSG="<$GIT_PR_URL|$GIT_COMMIT_MSG>" || GIT_PR_MSG="$GIT_COMMIT_MSG" echo "GIT_PR_MSG=$GIT_PR_MSG" >> $GITHUB_ENV - shell: bash + - name: Report - success [on master] - uses: Ilshidur/action-slack@2.1.0 if: success() && github.ref == 'refs/heads/master' + uses: slackapi/slack-github-action@v1 env: - SLACK_WEBHOOK: ${{ inputs.up-slack-webhook-url }} - SLACK_CUSTOM_PAYLOAD: '{"channel": "1up-releases", "attachments":[{"color": "#2eb886", "blocks":[{"type":"section","text":{"type":"mrkdwn","text": "{{ GIT_ACTIONS_URL }} released\n{{ GIT_PR_MSG }}"}}]}]}' + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + SLACK_WEBHOOK_URL: ${{ inputs.up-slack-webhook-url }} + with: + channel-id: "1up-releases" + payload: | + { + "attachments": [ + { + "color": "#2eb886", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "${{ env.GIT_ACTIONS_URL }} deployed successfully!\n${{ env.GIT_PR_MSG }}" + } + } + ] + } + ] + } + - name: Report - failure [on master] - uses: Ilshidur/action-slack@2.1.0 if: failure() && github.ref == 'refs/heads/master' + uses: slackapi/slack-github-action@v1 env: - SLACK_WEBHOOK: ${{ inputs.up-slack-webhook-url }} - SLACK_CUSTOM_PAYLOAD: '{"channel": "1up-releases", "attachments":[{"color": "#ed2f00", "blocks":[{"type":"section","text":{"type":"mrkdwn","text": ":boom: {{ GIT_ACTIONS_URL }} failed!\n{{ GIT_PR_MSG }}"}}]}]}' + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + SLACK_WEBHOOK_URL: ${{ inputs.up-slack-webhook-url }} + with: + channel-id: "1up-releases" + payload: | + { + "attachments": [ + { + "color": "#ed2f00", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": ":boom: ${{ env.GIT_ACTIONS_URL }} failed!\n${{ env.GIT_PR_MSG }}" + } + } + ] + } + ] + } From 367f9eb6cb81235085e6636aeca940b71317ad0b Mon Sep 17 00:00:00 2001 From: Stefan Wilke Date: Wed, 1 Feb 2023 10:35:41 +0100 Subject: [PATCH 04/11] formatting --- action.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/action.yml b/action.yml index e4789ac..a10dca1 100644 --- a/action.yml +++ b/action.yml @@ -60,17 +60,21 @@ runs: aws-access-key-id: ${{ inputs.up-aws-access-key-id }} aws-secret-access-key: ${{ inputs.up-aws-secret-access-key }} aws-region: eu-west-1 + - name: ECR setup uses: aws-actions/amazon-ecr-login@v1 - - name: Build - Docker + + - name: Docker - build image + shell: bash run: | DOCKER_IMAGE="${{ inputs.docker-registry }}/${{ env.SERVICE_NAME }}:${{ inputs.docker-image-tag }}" docker build -t $DOCKER_IMAGE . echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> $GITHUB_ENV + + - name: Docker - push image shell: bash - - name: Release - push Docker image [on master] - run: docker push ${{ env.DOCKER_IMAGE }} - shell: bash + run: | + docker push ${{ env.DOCKER_IMAGE }} - uses: dorny/paths-filter@v2 id: infrastructure-changes From e027b4525447be6dd8588b9c91882da364ed0f0f Mon Sep 17 00:00:00 2001 From: Stefan Wilke <45512151+querwurzel@users.noreply.github.com> Date: Mon, 6 Feb 2023 23:04:22 +0100 Subject: [PATCH 05/11] Update action.yml --- action.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/action.yml b/action.yml index a10dca1..ab069ed 100644 --- a/action.yml +++ b/action.yml @@ -90,7 +90,6 @@ runs: service-name: ${{ env.SERVICE_NAME }} pkg-token: ${{ inputs.pkg-token }} docker-image-tag: ${{ inputs.docker-image-tag }} - github-token: ${{ inputs.github-token }} staging: ${{ inputs.staging }} - name: Release - on staging From 1b0c4d7927edd18b03a28d34bd497d5383e99bb1 Mon Sep 17 00:00:00 2001 From: Stefan Wilke Date: Mon, 6 Feb 2023 23:06:49 +0100 Subject: [PATCH 06/11] rm redundant github-token --- action.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/action.yml b/action.yml index ab069ed..93b4337 100644 --- a/action.yml +++ b/action.yml @@ -16,10 +16,6 @@ inputs: required: false default: '933782373565.dkr.ecr.eu-west-1.amazonaws.com' - github-token: - description: Github token, current token from secrets - required: true - staging: description: 'Release to staging environment' required: false @@ -45,7 +41,6 @@ runs: shell: bash run: | [[ "${{ inputs.pkg-token }}" ]] || { echo "input 'pkg-token' cannot be blank"; exit 1; } - [[ "${{ inputs.github-token }}" ]] || { echo "input 'github-token' cannot be blank"; exit 1; } - name: Setup service name run: | From 1580a27f57255cdc3ca33c465b176385d8833e58 Mon Sep 17 00:00:00 2001 From: Stefan Wilke <45512151+querwurzel@users.noreply.github.com> Date: Thu, 1 Jun 2023 15:29:03 +0200 Subject: [PATCH 07/11] Oneup 6419 integrate to nodejs pipeline (#23) --- action.yml | 68 ++++-------------------------------------------------- 1 file changed, 4 insertions(+), 64 deletions(-) diff --git a/action.yml b/action.yml index 93b4337..42f72c6 100644 --- a/action.yml +++ b/action.yml @@ -125,68 +125,8 @@ runs: timeout_cmd: '--timeout' timeout: '600' - - name: Report - Setup [on master] - if: always() && github.ref == 'refs/heads/master' - shell: bash - run: | - GIT_COMMIT_MSG=$(git log -1 --pretty=format:'%s') - GIT_COMMIT_MSG_NO_SUFFIX="${GIT_COMMIT_MSG#*\(#}" - GIT_PR="${GIT_COMMIT_MSG_NO_SUFFIX%\)*}" - GIT_REPO_URL="https://github.com/${{ github.repository }}" - GIT_PR_URL="$GIT_REPO_URL/pull/$GIT_PR" - GIT_REPO_NAME="${{ github.repository }}" - echo "GIT_ACTIONS_URL=<$GIT_REPO_URL/actions/runs/${{ github.run_id }}|${GIT_REPO_NAME#*/}>" >> $GITHUB_ENV - [[ "$GIT_PR" =~ ^[0-9]+$ ]] && GIT_PR_MSG="<$GIT_PR_URL|$GIT_COMMIT_MSG>" || GIT_PR_MSG="$GIT_COMMIT_MSG" - echo "GIT_PR_MSG=$GIT_PR_MSG" >> $GITHUB_ENV - - - name: Report - success [on master] - if: success() && github.ref == 'refs/heads/master' - uses: slackapi/slack-github-action@v1 - env: - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK - SLACK_WEBHOOK_URL: ${{ inputs.up-slack-webhook-url }} - with: - channel-id: "1up-releases" - payload: | - { - "attachments": [ - { - "color": "#2eb886", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "${{ env.GIT_ACTIONS_URL }} deployed successfully!\n${{ env.GIT_PR_MSG }}" - } - } - ] - } - ] - } - - - name: Report - failure [on master] - if: failure() && github.ref == 'refs/heads/master' - uses: slackapi/slack-github-action@v1 - env: - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK - SLACK_WEBHOOK_URL: ${{ inputs.up-slack-webhook-url }} + - name: Report - [on master] + if: always() + uses: spring-media/1up-github-actions@send-notifications with: - channel-id: "1up-releases" - payload: | - { - "attachments": [ - { - "color": "#ed2f00", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": ":boom: ${{ env.GIT_ACTIONS_URL }} failed!\n${{ env.GIT_PR_MSG }}" - } - } - ] - } - ] - } + slack-webhook-url: ${{ inputs.up-slack-webhook-url }} From 5b9562b47de99f8f5309dc2aec0ce221c2e19bb0 Mon Sep 17 00:00:00 2001 From: Stefan Wilke <45512151+querwurzel@users.noreply.github.com> Date: Wed, 2 Aug 2023 09:18:53 +0200 Subject: [PATCH 08/11] Update github actions --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 42f72c6..c28c7e0 100644 --- a/action.yml +++ b/action.yml @@ -50,7 +50,7 @@ runs: shell: bash - name: ︎Setup - AWS Credentials - uses: aws-actions/configure-aws-credentials@v1-node16 + uses: aws-actions/configure-aws-credentials@v2 with: aws-access-key-id: ${{ inputs.up-aws-access-key-id }} aws-secret-access-key: ${{ inputs.up-aws-secret-access-key }} From d03d57f0b82958bfca1c3c569734d78ff4ecb5d6 Mon Sep 17 00:00:00 2001 From: Stefan Wilke <45512151+querwurzel@users.noreply.github.com> Date: Tue, 22 Aug 2023 13:45:48 +0000 Subject: [PATCH 09/11] ONEUP-6759 app and terraform dirs param (#25) Preparation for oembed/oembetter marriage .. (and maybe bff)? --- action.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/action.yml b/action.yml index c28c7e0..0a335b9 100644 --- a/action.yml +++ b/action.yml @@ -32,6 +32,15 @@ inputs: description: 'AWS access secret key secret used to integrate with aws-cli or docker repository' required: true + app-path: + description: 'Path to the deployable app directory' + required: false + default: '.' + terraform-module-path: + description: 'Path to the corresponding app terraform directory' + required: false + default: 'terraform' + runs: using: composite steps: @@ -61,6 +70,7 @@ runs: - name: Docker - build image shell: bash + working-directory: ${{ inputs.app-path }} run: | DOCKER_IMAGE="${{ inputs.docker-registry }}/${{ env.SERVICE_NAME }}:${{ inputs.docker-image-tag }}" docker build -t $DOCKER_IMAGE . @@ -86,6 +96,7 @@ runs: pkg-token: ${{ inputs.pkg-token }} docker-image-tag: ${{ inputs.docker-image-tag }} staging: ${{ inputs.staging }} + module-path: ${{ inputs.terraform-module-path }} - name: Release - on staging if: ${{ inputs.staging == 'true' && steps.infrastructure-changes.outputs.terraform == 'false' }} From 0754cf01bf6bd41d9a12d0145a773d96cb408df1 Mon Sep 17 00:00:00 2001 From: Artur Yolchyan Date: Tue, 10 Oct 2023 16:48:39 +0200 Subject: [PATCH 10/11] ONEUP-7674: fix nodejs status repor (#28) --- action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/action.yml b/action.yml index 0a335b9..ef4722f 100644 --- a/action.yml +++ b/action.yml @@ -141,3 +141,4 @@ runs: uses: spring-media/1up-github-actions@send-notifications with: slack-webhook-url: ${{ inputs.up-slack-webhook-url }} + parent-job-status: ${{ job.status }} From 77b5120ab19a614eccb2377aba3a2db6d81bf637 Mon Sep 17 00:00:00 2001 From: yolch-yolchyan Date: Thu, 12 Oct 2023 12:05:05 +0200 Subject: [PATCH 11/11] test --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index ef4722f..1a1b079 100644 --- a/action.yml +++ b/action.yml @@ -138,7 +138,7 @@ runs: - name: Report - [on master] if: always() - uses: spring-media/1up-github-actions@send-notifications + uses: spring-media/1up-github-actions@send-notifications-test with: slack-webhook-url: ${{ inputs.up-slack-webhook-url }} parent-job-status: ${{ job.status }}