Skip to content

Commit

Permalink
fix: Enforce emails artifact build before workers build / deploy is e…
Browse files Browse the repository at this point in the history
…xecuted to make sure emails/renderer/index.umd.js is present (#407)
  • Loading branch information
pziemkowski authored Sep 29, 2023
1 parent 417e2bc commit e5349be
Show file tree
Hide file tree
Showing 7 changed files with 35 additions and 32 deletions.
47 changes: 20 additions & 27 deletions packages/infra/infra-shared/src/stacks/ci/ciServerless.ts
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ export class ServerlessCiConfig extends ServiceCiConfig {
super(scope, id, { envSettings: props.envSettings });

const buildArtifact = codepipeline.Artifact.artifact(
`${props.envSettings.projectEnvName}-workers`
`${props.envSettings.projectEnvName}-workers`,
);

const buildProject = this.createBuildProject(props);
Expand All @@ -35,8 +35,8 @@ export class ServerlessCiConfig extends ServiceCiConfig {
input: props.inputArtifact,
outputs: [buildArtifact],
},
props
)
props,
),
);

const deployProject = this.createDeployProject(props);
Expand All @@ -47,14 +47,14 @@ export class ServerlessCiConfig extends ServiceCiConfig {
input: buildArtifact,
runOrder: 2,
},
props
)
props,
),
);
}

private createBuildAction(
actionProps: Partial<codepipelineActions.CodeBuildActionProps>,
props: ServerlessCiConfigProps
props: ServerlessCiConfigProps,
) {
return new codepipelineActions.CodeBuildAction(<
codepipelineActions.CodeBuildActionProps
Expand All @@ -71,10 +71,7 @@ export class ServerlessCiConfig extends ServiceCiConfig {

const installCommands = this.getAssumeRoleCommands();
const preBuildCommands = [
...this.getWorkspaceSetupCommands(
PnpmWorkspaceFilters.WEBAPP_EMAILS,
PnpmWorkspaceFilters.WORKERS
),
...this.getWorkspaceSetupCommands(PnpmWorkspaceFilters.WORKERS),
this.getECRLoginCommand(),
];
const baseImage = `${GlobalECR.getECRPublicCacheUrl()}/${
Expand All @@ -93,11 +90,7 @@ export class ServerlessCiConfig extends ServiceCiConfig {
commands: preBuildCommands,
},
build: {
commands: [
`pnpm saas workers lint`,
'pnpm saas emails build',
`pnpm saas workers test`,
],
commands: [`pnpm saas workers lint`, `pnpm saas workers test`],
},
},
cache: {
Expand Down Expand Up @@ -133,19 +126,19 @@ export class ServerlessCiConfig extends ServiceCiConfig {
},
cache: codebuild.Cache.local(
codebuild.LocalCacheMode.CUSTOM,
codebuild.LocalCacheMode.DOCKER_LAYER
codebuild.LocalCacheMode.DOCKER_LAYER,
),
});

BootstrapStack.getIamPolicyStatementsForEnvParameters(
props.envSettings
props.envSettings,
).forEach((statement) => {
dockerAssumeRole.addToPolicy(statement);
project.addToRolePolicy(statement);
});

EnvMainStack.getIamPolicyStatementsForEnvParameters(
props.envSettings
props.envSettings,
).forEach((statement) => {
dockerAssumeRole.addToPolicy(statement);
project.addToRolePolicy(statement);
Expand All @@ -161,23 +154,23 @@ export class ServerlessCiConfig extends ServiceCiConfig {
effect: iam.Effect.ALLOW,
actions: ['secretsmanager:*'],
resources: ['*'],
})
}),
);

project.addToRolePolicy(
new iam.PolicyStatement({
effect: iam.Effect.ALLOW,
actions: ['sts:AssumeRole'],
resources: [dockerAssumeRole.roleArn],
})
}),
);

return project;
}

private createDeployAction(
actionProps: Partial<codepipelineActions.CodeBuildActionProps>,
props: ServerlessCiConfigProps
props: ServerlessCiConfigProps,
) {
return new codepipelineActions.CodeBuildAction(<
codepipelineActions.CodeBuildActionProps
Expand Down Expand Up @@ -246,14 +239,14 @@ export class ServerlessCiConfig extends ServiceCiConfig {
});

BootstrapStack.getIamPolicyStatementsForEnvParameters(
props.envSettings
props.envSettings,
).forEach((statement) => {
dockerAssumeRole.addToPolicy(statement);
project.addToRolePolicy(statement);
});

EnvMainStack.getIamPolicyStatementsForEnvParameters(
props.envSettings
props.envSettings,
).forEach((statement) => {
dockerAssumeRole.addToPolicy(statement);
project.addToRolePolicy(statement);
Expand All @@ -269,15 +262,15 @@ export class ServerlessCiConfig extends ServiceCiConfig {
effect: iam.Effect.ALLOW,
actions: ['secretsmanager:*'],
resources: ['*'],
})
}),
);

project.addToRolePolicy(
new iam.PolicyStatement({
effect: iam.Effect.ALLOW,
actions: ['sts:AssumeRole'],
resources: [dockerAssumeRole.roleArn],
})
}),
);

dockerAssumeRole.addToPolicy(
Expand All @@ -288,7 +281,7 @@ export class ServerlessCiConfig extends ServiceCiConfig {
`arn:aws:cloudformation:${stack.region}:${stack.account}:stack/CDKToolkit/*`,
`arn:aws:cloudformation:${stack.region}:${stack.account}:stack/${props.envSettings.projectEnvName}-workers/*`,
],
})
}),
);

dockerAssumeRole.addToPolicy(
Expand All @@ -310,7 +303,7 @@ export class ServerlessCiConfig extends ServiceCiConfig {
'states:*',
],
resources: ['*'],
})
}),
);

return project;
Expand Down
2 changes: 1 addition & 1 deletion packages/internal/cli/src/commands/emails/build.ts
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ export default class EmailsBuild extends BaseCommand<typeof EmailsBuild> {
if (envStage !== ENV_STAGE_LOCAL) {
await assertChamberInstalled();
await loadChamberEnv(this, {
serviceName: `env-${projectEnvName}-webapp`,
serviceName: `env-${projectEnvName}-workers`,
});
}

Expand Down
2 changes: 1 addition & 1 deletion packages/internal/cli/src/commands/emails/secrets.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ export default class EmailsSecrets extends BaseCommand<typeof EmailsSecrets> {

async run(): Promise<void> {
this.error(
'Emails package do not have their own separate secrets service. Use `saas webapp secrets` instead.'
'Emails package do not have their own separate secrets service. Use `saas workers secrets` instead.'
);
}
}
2 changes: 1 addition & 1 deletion packages/internal/cli/src/commands/workers/deploy.ts
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ export default class WorkersDeploy extends BaseCommand<typeof WorkersDeploy> {
);
await dockerHubLogin();

this.log(`Deploying backend:
this.log(`Deploying workers:
envStage: ${color.green(envStage)}
version: ${color.green(version)}
AWS account: ${color.green(awsAccountId)}
Expand Down
1 change: 1 addition & 0 deletions packages/workers/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
"devDependencies": {
"@sb/core": "*",
"@sb/tools": "*",
"@sb/webapp-emails": "*",
"esbuild": "0.16.17",
"serverless": "^3.35.2",
"serverless-esbuild": "^1.48.0",
Expand Down
10 changes: 8 additions & 2 deletions packages/workers/project.json
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,10 @@
],
"parallel": false
},
"dependsOn": ["compose-build-image"]
"dependsOn": [
{ "projects": ["webapp-emails"], "target": "build" },
"compose-build-image"
]
},
"lint": {
"executor": "nx:run-commands",
Expand All @@ -70,7 +73,10 @@
"color": true,
"command": "docker-compose run --rm --entrypoint /bin/bash workers /app/packages/workers/scripts/runtime/run_build.sh"
},
"dependsOn": ["compose-build-image"]
"dependsOn": [
{ "projects": ["webapp-emails"], "target": "build" },
"compose-build-image"
]
}
},
"tags": ["service"]
Expand Down
3 changes: 3 additions & 0 deletions pnpm-lock.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit e5349be

Please sign in to comment.