From da772e7153dabaf9a9edc10a9b387f095d923993 Mon Sep 17 00:00:00 2001 From: "Joakim L. Engeset" Date: Tue, 20 Feb 2024 10:27:54 +0100 Subject: [PATCH 1/3] fix(ci): add .ldp.json --- .ldp.json | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 .ldp.json diff --git a/.ldp.json b/.ldp.json new file mode 100644 index 00000000..c91e0e59 --- /dev/null +++ b/.ldp.json @@ -0,0 +1,9 @@ +{ + "version": "0.1", + "accountId": "001112238813", + "roleName": "github-actions-role", + "limitedRoleName": "github-actions-limited-role", + "artifactBucket": "incub-common-build-artifacts-001112238813-eu-west-1", + "devPipelines": ["cdkappref-core-dev"], + "prodPipelines": ["cdkappref-core-prod"] +} From 7f3b39d140b5960864eac5ff0f2a418e778df7c8 Mon Sep 17 00:00:00 2001 From: "Joakim L. Engeset" Date: Tue, 20 Feb 2024 11:24:16 +0100 Subject: [PATCH 2/3] fix(ci): remove jenkinsfile --- Jenkinsfile | 141 ---------------------------------------------------- 1 file changed, 141 deletions(-) delete mode 100644 Jenkinsfile diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index e55bb4b0..00000000 --- a/Jenkinsfile +++ /dev/null @@ -1,141 +0,0 @@ -#!/usr/bin/env groovy - -// See https://github.com/capralifecycle/jenkins-pipeline-library -@Library("cals") _ - -def pipelines = new no.capraconsulting.buildtools.lifligcdkpipelines.LifligCdkPipelines() -def webapp = new no.capraconsulting.buildtools.cdk.Webapp() -def utils = new no.capraconsulting.buildtools.Utils() - -// TODO: Replace with bucket name and role arn for your project -def artifactsBucketName = "incub-common-build-artifacts-001112238813-eu-west-1" -def artifactsRoleArn = "arn:aws:iam::001112238813:role/incub-common-build-artifacts-liflig-jenkins" - -buildConfig( - jobProperties: [ - parameters([ - booleanParam( - defaultValue: false, - description: "Skip branch check - force deploy to DEV", - name: "devOverrideBranchCheck" - ), - ]) - ], - // TODO: Replace with Slack-channel for your project - slack: [channel: "#cals-dev-info"], -) { - dockerNode { - checkout scm - - def img = docker.image("mcr.microsoft.com/playwright:v1.41.2-jammy") - img.pull() - - img.inside("-e AWS_CONTAINER_CREDENTIALS_RELATIVE_URI -e HOME"){ - stage("Install dependencies") { - sh "npm ci --legacy-peer-deps" - } - - stage("Lint") { - sh "npm run lint" - } - - stage("Generate build") { - sh "npm run build:ci" - stash name: 'build', includes: 'build/**' - } - - stage("Test:Unit"){ - sh "npm run test" - } - stage("Test:Component") { - try { - sh "npm run test:component:ci" - } catch(Exception e) { - archiveArtifacts artifacts: "test-results/**", fingerprint: true - } - } - stage("Test:E2E") { - try { - sh "npm run test:e2e:ci" - } catch(Exception e) { - archiveArtifacts artifacts: "test-results/**", fingerprint: true - } - } - - } - - insideToolImage("node:18-browsers", [insideArgs: "-e HOME"]){ - def s3Key - stage("Upload to S3") { - s3Key = uploadArtifactDirAsZip( - artifactDir: "build", - artifactsBucketName: artifactsBucketName, - artifactsRoleArn: artifactsRoleArn, - ) - } - - // CDK App - see https://github.com/capralifecycle/liflig-cdk-app-reference - - def deployDev = params.devOverrideBranchCheck || env.BRANCH_NAME == "master" - if (deployDev) { - stage("Trigger dev pipeline") { - pipelines.configureVariablesAndTrigger( - artifactsRoleArn: artifactsRoleArn, - artifactsBucketName: artifactsBucketName, - pipelineName: "cdkappref-core-dev", - variables: [ - "devWebappArtifactS3Key": s3Key, - ], - variablesNamespace: "webapp", - variablesVersion: "v2", - region: "eu-west-1", - ) - } - } - - def deployProd = env.BRANCH_NAME == "master" - if (deployProd) { - stage("Trigger prod pipeline") { - pipelines.configureVariablesAndTrigger( - artifactsRoleArn: artifactsRoleArn, - artifactsBucketName: artifactsBucketName, - pipelineName: "cdkappref-core-prod", - variables: [ - "prodWebappArtifactS3Key": s3Key, - ], - variablesNamespace: "webapp", - variablesVersion: "v2", - region: "eu-west-1", - ) - } - } - } - } -} - -// TODO: Consider moving this to pipeline lib. -def archiveWebpackStatsAndReports() { - archiveArtifacts artifacts: 'stats.json.gz,size-report*,bundle-analyze-report.html', fingerprint: true - - plot([ - csvFileName: 'plot-size-report-bytes.csv', - csvSeries: [[ - file: 'size-report-bytes.csv', - ]], - group: 'build-size-report', - keepRecords: true, - title: 'Size by file extension in dist', - yaxis: 'bytes', - ]) - - plot([ - csvFileName: 'plot-size-report-filecount.csv', - csvSeries: [[ - file: 'size-report-filecount.csv', - ]], - group: 'build-size-report', - keepRecords: true, - title: 'Number of files by file extension in dist', - yaxis: '#', - ]) -} From da52734ab9fee851644eb456e6574ea17001d1ae Mon Sep 17 00:00:00 2001 From: "Joakim L. Engeset" Date: Tue, 20 Feb 2024 11:24:28 +0100 Subject: [PATCH 3/3] fix(ci): add gha workflow remove comment --- .github/workflows/ci.yml | 110 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..fdb37f8b --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,110 @@ +name: ci +on: + push: + branches: + - "**" + workflow_dispatch: + inputs: + deploy-to-dev: + description: "Whether to deploy to dev" + type: boolean + required: true + default: false + +defaults: + run: + # NOTE: A bit stricter than the default bash options used by GitHub Actions + # (bash --noprofile --norc -e -o pipefail {0}) + shell: bash --noprofile --norc -euo pipefail {0} + +# NOTE: Set concurrency for the current workflow to 1 +concurrency: ci-${{ github.ref }}-${{ github.workflow }} + +jobs: + build-and-deploy: + timeout-minutes: 60 + runs-on: ubuntu-22.04 + permissions: + actions: read + contents: read + id-token: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - uses: capralifecycle/actions-lib/check-runtime-dependencies@7eaefbf567a011164b4085366190807b4ddce7bc # v1.2.0 + + - uses: capralifecycle/actions-lib/parse-config@7eaefbf567a011164b4085366190807b4ddce7bc # v1.2.0 + id: config + with: + config-file: ".ldp.json" + + - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + with: + node-version: 20.9.0 + + - name: install dependencies + run: npm ci + + - name: lint + run: npm run lint + + - name: install playwright browsers + run: npx playwright install --with-deps + + - name: build + run: npm run build:ci + + - name: test + run: npm run test + + # - name: test - component + # run: npm run test:component:ci + + # - name: test - e2e + # run: npm run test:e2e:ci + + - uses: capralifecycle/actions-lib/configure-aws-credentials@7eaefbf567a011164b4085366190807b4ddce7bc # v1.2.0 + id: aws + with: + aws-account-id: ${{ steps.config.outputs.accountId }} + # NOTE: We use different roles on default and non-default branches + aws-iam-role-name: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && steps.config.outputs.roleName || steps.config.outputs.limitedRoleName }} + + - uses: capralifecycle/actions-lib/upload-s3-artifact@7eaefbf567a011164b4085366190807b4ddce7bc # v1.2.0 + if: ${{ github.ref == 'refs/heads/master' || inputs.deploy-to-dev }} + id: upload-s3-artifact + env: + AWS_ACCESS_KEY_ID: ${{ steps.aws.outputs.aws-access-key-id }} + AWS_SECRET_ACCESS_KEY: ${{ steps.aws.outputs.aws-secret-access-key }} + AWS_SESSION_TOKEN: ${{ steps.aws.outputs.aws-session-token }} + with: + aws-s3-bucket-name: ${{ steps.config.outputs.artifactBucket }} + target-path: "build" + + - name: trigger development deployment pipelines + uses: capralifecycle/actions-lib/trigger-deployment-pipeline@7eaefbf567a011164b4085366190807b4ddce7bc # v1.2.0 + if: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || inputs.deploy-to-dev }} + env: + AWS_ACCESS_KEY_ID: ${{ steps.aws.outputs.aws-access-key-id }} + AWS_SECRET_ACCESS_KEY: ${{ steps.aws.outputs.aws-secret-access-key }} + AWS_SESSION_TOKEN: ${{ steps.aws.outputs.aws-session-token }} + with: + pipelines: ${{ steps.config.outputs.devPipelines }} + aws-s3-bucket-name: ${{ steps.config.outputs.artifactBucket }} + trigger-type: "artifact" + # NOTE: The key passed to artifact-parameters will be the name of + # the SSM parameter where the reference to the artifact is stored. + artifact-parameters: "devWebappArtifactS3Key=${{ steps.upload-s3-artifact.outputs.aws-s3-key }}" + + - name: trigger production deployment pipelines + uses: capralifecycle/actions-lib/trigger-deployment-pipeline@7eaefbf567a011164b4085366190807b4ddce7bc # v1.2.0 + if: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} + env: + AWS_ACCESS_KEY_ID: ${{ steps.aws.outputs.aws-access-key-id }} + AWS_SECRET_ACCESS_KEY: ${{ steps.aws.outputs.aws-secret-access-key }} + AWS_SESSION_TOKEN: ${{ steps.aws.outputs.aws-session-token }} + with: + pipelines: ${{ steps.config.outputs.prodPipelines }} + aws-s3-bucket-name: ${{ steps.config.outputs.artifactBucket }} + trigger-type: "artifact" + artifact-parameters: "prodWebappArtifactS3Key=${{ steps.upload-s3-artifact.outputs.aws-s3-key }}"