dev-deploy-inbound-mail.yml
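name: Deploy DEV Inbound Mail
# Runs on manual dispatch, and on pushes to `next` or `main` that touch the
# inbound-mail app, the shared/testing libs, or the root package manifests.
on:
  workflow_dispatch:
  push:
    branches:
      - next
      - main
    paths:
      - 'package.json'
      - 'pnpm-lock.yaml'
      - 'apps/inbound-mail/**'
      - 'libs/shared/**'
      - 'libs/testing/**'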
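# Workflow-level environment. TF_WORKSPACE is the variable Terraform reads to
# select the workspace it operates on.
env:
  TF_WORKSPACE: novu-dev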
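jobs:
  # Runs the shared inbound-mail e2e workflow once per image flavour; the
  # deploy job below waits for it through `needs`.
  test_inbound_mail:
    strategy:
      matrix:
        name: ['novu/inbound-mail-ee', 'novu/inbound-mail']
    uses: ./.github/workflows/reusable-inbound-mail-e2e.yml
    with:
      ee: ${{ contains(matrix.name, '-ee') }}
    # NOTE(review): `inherit` hands every secret available to this workflow to
    # the called workflow. Passing only the secrets it needs would narrow
    # that; confirm against reusable-inbound-mail-e2e.yml (not visible here).
    secrets: inherit

  # Builds the inbound-mail image, pushes it to ghcr.io and rolls it out to
  # the ECS service whose names are read from the cloud-infra Terraform state.
  dev_deploy_inbound_mail:
    # The type of runner that the job will run on
    runs-on: ubuntu-latest
    needs: test_inbound_mail
    timeout-minutes: 80
    environment: Development
    permissions:
      contents: read
      packages: write
      deployments: write
      # NOTE(review): no step visible in this job exchanges the OIDC token;
      # the AWS step below uses static keys. Either move that step to OIDC
      # role assumption or drop this permission - confirm first that the
      # local setup-project action does not rely on it.
      id-token: write
    if: "!contains(github.event.head_commit.message, 'ci skip')"
    strategy:
      matrix:
        name: ['novu/inbound-mail-ee']
    steps:
      # NOTE(review): the third-party actions in this job are referenced by
      # mutable tags or branches while the job holds registry, AWS, Terraform
      # and Sentry credentials. Pinning each `uses:` to a full commit SHA
      # keeps an upstream retag from changing what runs here.
      - uses: actions/checkout@v3
      - uses: ./.github/actions/setup-project
      - uses: crazy-max/ghaction-setup-docker@v2
        with:
          version: v24.0.6
          daemon-config: |
            {
              "features": {
                "containerd-snapshotter": true
              }
            }
      - name: Setup QEMU
        uses: docker/setup-qemu-action@v3
        with:
          platforms: linux/amd64,linux/arm64
      - name: Set Up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          driver-opts: 'image=moby/buildkit:v0.13.1'
      # SERVICE_NAME is the last path segment of the image name. The matrix
      # value is passed through `env` instead of being expanded into the
      # script text by the workflow template engine.
      - name: Prepare
        shell: bash
        env:
          SERVICE: ${{ matrix.name }}
        run: |
          echo "SERVICE_NAME=$(basename "$SERVICE")" >> "$GITHUB_ENV"
      # Despite the step name, the image is pushed to ghcr.io; ECS receives
      # the ghcr.io reference through the IMAGE output.
      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        env:
          REGISTRY_OWNER: novuhq
          DOCKER_NAME: ${{ matrix.name }}
          IMAGE_TAG: ${{ github.sha }}
          GH_ACTOR: ${{ github.actor }}
          GH_PASSWORD: ${{ secrets.GH_PACKAGES }}
          # Scoped to this step only. Writing the token to $GITHUB_ENV would
          # expose it to every later step, including the third-party actions
          # below, and would place the secret value in the script text.
          # Empty for non-EE images, matching the former `if:` condition.
          BULL_MQ_PRO_NPM_TOKEN: >-
            ${{ contains(matrix.name, 'ee') && secrets.BULL_MQ_PRO_NPM_TOKEN || '' }}
          # NOTE(review): `--provenance=false` turns off the build provenance
          # attestation for the pushed image; confirm this is intentional.
          DOCKER_BUILD_ARGUMENTS: >
            --cache-from type=registry,ref=ghcr.io/novuhq/cache:build-cache-${{ env.SERVICE_NAME }}-dev
            --cache-to type=registry,ref=ghcr.io/novuhq/cache:build-cache-${{ env.SERVICE_NAME }}-dev,mode=max
            --platform=linux/amd64 --provenance=false
            --output=type=image,name=ghcr.io/novuhq/${{ matrix.name }},push-by-digest=true,name-canonical=true
        # $DOCKER_BUILD_ARGUMENTS stays unquoted on purpose: it must split
        # into separate buildx flags. Every other expansion is quoted.
        # NOTE(review): `docker run` starts the new image detached and nothing
        # visible here checks that the container stayed up before the push.
        run: |
          echo "$GH_PASSWORD" | docker login ghcr.io -u "$GH_ACTOR" --password-stdin
          cd apps/inbound-mail && pnpm --silent --workspace-root pnpm-context -- apps/inbound-mail/Dockerfile | BULL_MQ_PRO_NPM_TOKEN=${BULL_MQ_PRO_NPM_TOKEN} docker buildx build --secret id=BULL_MQ_PRO_NPM_TOKEN --build-arg PACKAGE_PATH=apps/inbound-mail - -t novu-inbound-mail --load $DOCKER_BUILD_ARGUMENTS
          docker tag novu-inbound-mail "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:dev"
          docker tag novu-inbound-mail "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG"
          docker run --network=host --name inbound-mail -dit --env NODE_ENV=test "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG"
          docker push "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:dev"
          docker push "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG"
          echo "IMAGE=ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG" >> "$GITHUB_OUTPUT"
      # Uses the same release tag as the first checkout rather than the
      # mutable `master` branch ref.
      # NOTE(review): checkout keeps the token in the clone's git config by
      # default; add `persist-credentials: false` if no later step needs git
      # access to cloud-infra.
      - name: Checkout cloud infra
        uses: actions/checkout@v3
        with:
          repository: novuhq/cloud-infra
          token: ${{ secrets.GH_PACKAGES }}
          path: cloud-infra
      # NOTE(review): long-lived access keys stored as repository secrets.
      # The job already requests `id-token: write`, so short-lived
      # credentials via the action's `role-to-assume` input are an option.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-2
      - name: Terraform setup
        uses: hashicorp/setup-terraform@v1
        with:
          cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
          terraform_version: '1.5.5'
          terraform_wrapper: false
      - name: Terraform Init
        working-directory: cloud-infra/terraform/novu/aws
        run: terraform init
      # Exports the ECS identifiers from the Terraform outputs so the
      # following steps can read them from the environment.
      - name: Terraform get output
        working-directory: cloud-infra/terraform/novu/aws
        id: terraform
        run: |
          echo "inbound_mail_ecs_container_name=$(terraform output -json inbound_mail_ecs_container_name | jq -r .)" >> "$GITHUB_ENV"
          echo "inbound_mail_ecs_service=$(terraform output -json inbound_mail_ecs_service | jq -r .)" >> "$GITHUB_ENV"
          echo "inbound_mail_ecs_cluster=$(terraform output -json inbound_mail_ecs_cluster | jq -r .)" >> "$GITHUB_ENV"
          echo "inbound_mail_task_name=$(terraform output -json inbound_mail_task_name | jq -r .)" >> "$GITHUB_ENV"
      # The task name is read from the environment as a quoted shell variable
      # rather than expanded into the command line by the template engine.
      - name: Download task definition
        run: |
          aws ecs describe-task-definition --task-definition "$inbound_mail_task_name" \
            --query taskDefinition > task-definition.json
      - name: Render Amazon ECS task definition
        id: render-web-container
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: task-definition.json
          container-name: ${{ env.inbound_mail_ecs_container_name }}
          image: ${{ steps.build-image.outputs.IMAGE }}
      - name: Deploy to Amazon ECS service
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ${{ steps.render-web-container.outputs.task-definition }}
          service: ${{ env.inbound_mail_ecs_service }}
          cluster: ${{ env.inbound_mail_ecs_cluster }}
          wait-for-service-stability: true
      # NOTE(review): `@main` is a branch ref, so the code run here can change
      # without any change to this file; pin to a release tag or commit SHA.
      - name: get-npm-version
        id: package-version
        uses: martinbeentjes/npm-get-version-action@main
        with:
          path: apps/inbound-mail
      - name: Create Sentry release
        uses: getsentry/action-release@v1
        env:
          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
          SENTRY_ORG: novu-r9
          SENTRY_PROJECT: inbound-mail
        with:
          version: ${{ steps.package-version.outputs.current-version }}
          environment: dev
          version_prefix: v
          sourcemaps: apps/inbound-mail/dist
          ignore_empty: true
          ignore_missing: true
          # Quoted so the tilde is a string and not a YAML null.
          url_prefix: '~'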