prod-deploy-api.yml
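name: Deploy PROD API

# Production deployment pipeline for the API:
#   test_api -> build_prod_image -> deploy EU -> deploy US -> docs + New Relic marker.
# It runs only when started manually (workflow_dispatch); there is no push or
# pull_request trigger.
#
# NOTE(review): third-party actions are referenced by mutable tags (@v3, @v1).
# Several of them receive secrets or run in the Production environment, so
# consider pinning each one to a full commit SHA
# (`uses: owner/repo@<full-commit-sha>  # vX.Y.Z`).
on:
  workflow_dispatch:

jobs:
  test_api:
    strategy:
      # The order is important for ee to be first, otherwise outputs not work correctly
      matrix:
        name: ['novu/api-ee', 'novu/api']
    uses: ./.github/workflows/reusable-api-e2e.yml
    with:
      ee: ${{ contains (matrix.name,'ee') }}
      submodules: ${{ contains (matrix.name,'ee') }}
      submodule_branch: "main"
    # `inherit` forwards every secret available to this workflow to the called
    # workflow; pass named secrets instead if the callee declares them.
    secrets: inherit

  # NOTE(review): no other job lists this one in `needs`, so its result does not
  # gate the production build or deploy.
  test_e2e_ee:
    name: Test E2E EE
    runs-on: ubuntu-latest
    timeout-minutes: 80
    # NOTE(review): nothing visible in this job publishes packages, creates
    # deployments or requests an OIDC token. Unless one of the local composite
    # actions needs them, `contents: read` alone would be the least-privilege set.
    permissions:
      contents: read
      packages: write
      deployments: write
      id-token: write
    steps:
      # NOTE(review): this job defines no `strategy.matrix`, so every
      # `matrix.projectName` reference below evaluates to an empty string.
      - run: echo ${{ matrix.projectName }}
      - uses: actions/checkout@v3
      - uses: ./.github/actions/setup-project
      - uses: ./.github/actions/setup-redis-cluster
      - uses: mansagroup/nrwl-nx-action@v3
        name: Lint and build
        with:
          targets: lint,build
          projects: ${{matrix.projectName}}
      - uses: ./.github/actions/start-localstack
      - uses: ./.github/actions/run-worker
        if: ${{matrix.projectName == '@novu/api' }}
        with:
          launch_darkly_sdk_key: ${{ secrets.LAUNCH_DARKLY_SDK_KEY }}
      - uses: mansagroup/nrwl-nx-action@v3
        name: Running the E2E tests
        # These secrets are exposed to a third-party action referenced by tag.
        env:
          LAUNCH_DARKLY_SDK_KEY: ${{ secrets.LAUNCH_DARKLY_SDK_KEY }}
          GOOGLE_OAUTH_CLIENT_ID: ${{ secrets.GOOGLE_OAUTH_CLIENT_ID }}
          GOOGLE_OAUTH_CLIENT_SECRET: ${{ secrets.GOOGLE_OAUTH_CLIENT_SECRET }}
          CI_EE_TEST: "true"
        with:
          targets: test:e2e:ee
          projects: ${{matrix.projectName}}

  build_prod_image:
    # NOTE(review): `github.event.head_commit` is populated on push events; with
    # the workflow_dispatch trigger above this condition is presumably always
    # true, so 'ci skip' has no effect here.
    if: "!contains(github.event.head_commit.message, 'ci skip')"
    # The type of runner that the job will run on
    runs-on: ubuntu-latest
    needs: test_api
    timeout-minutes: 80
    environment: Production
    strategy:
      matrix:
        name: ['novu/api-ee', 'novu/api']
    outputs:
      docker_image: ${{ steps.build-image.outputs.IMAGE }}
    permissions:
      contents: read
      packages: write
      deployments: write
      id-token: write
    steps:
      - uses: actions/checkout@v3
      - uses: ./.github/actions/setup-project
      - name: build api
        run: pnpm build:api
      - name: Setup Depot
        uses: depot/setup-action@v1
        with:
          oidc: true
      - name: Set Bull MQ Env variable for EE
        if: contains(matrix.name, 'ee')
        shell: bash
        # Hand the secret to the script through the environment instead of
        # expanding `${{ secrets.* }}` inside the script text, so the token is
        # never part of the generated shell source.
        env:
          BULL_MQ_PRO_NPM_TOKEN: ${{ secrets.BULL_MQ_PRO_NPM_TOKEN }}
        run: |
          echo "BULL_MQ_PRO_NPM_TOKEN=$BULL_MQ_PRO_NPM_TOKEN" >> "$GITHUB_ENV"
      # Despite the step name, the commands below log in to and push to ghcr.io.
      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        # An explicit `shell: bash` runs the script with `-eo pipefail`, so a
        # failure on the left side of a pipe (pnpm-context, curl) fails the step.
        shell: bash
        env:
          REGISTRY_OWNER: novuhq
          DOCKER_NAME: ${{matrix.name}}
          IMAGE_TAG: ${{ github.sha }}
          GH_ACTOR: ${{ github.actor }}
          GH_PASSWORD: ${{ secrets.GH_PACKAGES }}
          DEPOT_PROJECT_ID: '6sj0jfv0n7'
        run: |
          echo "$GH_PASSWORD" | docker login ghcr.io -u "$GH_ACTOR" --password-stdin
          # NOTE(review): values passed with --build-arg can end up in the image
          # metadata/history. Passing the token as a build secret would avoid
          # that, but needs a matching change in apps/api/Dockerfile.
          cd apps/api && pnpm --silent --workspace-root pnpm-context -- apps/api/Dockerfile \
            | depot build \
                --build-arg BULL_MQ_PRO_TOKEN="${BULL_MQ_PRO_NPM_TOKEN}" \
                --build-arg PACKAGE_PATH=apps/api \
                - -t novu-api --load
          docker tag novu-api "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:latest"
          docker tag novu-api "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:prod"
          docker tag novu-api "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG"
          # Smoke test: start the freshly built image and require the health
          # endpoint to answer before anything is pushed.
          docker run --network=host --name api -dit --env NODE_ENV=test "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG"
          # Uses the runner's own curl rather than pulling the unpinned
          # third-party `appropriate/curl` image into the production build job.
          curl --retry 10 --retry-delay 5 --retry-connrefused http://localhost:1337/v1/health-check | grep 'ok'
          # `prod` and `latest` are mutable tags; the deploy jobs below reference
          # the immutable commit-SHA tag.
          docker push "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:prod"
          docker push "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:latest"
          docker push "ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG"
          echo "IMAGE=ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG" >> "$GITHUB_OUTPUT"

  deploy_prod_api_eu:
    needs: build_prod_image
    uses: ./.github/workflows/reusable-app-service-deploy.yml
    # Forwards every secret available to this workflow to the deploy workflow.
    secrets: inherit
    with:
      environment: Production
      service_name: api
      terraform_workspace: novu-prod-eu
      # This is a workaround to an issue with matrix outputs
      # (the EE image is named directly instead of reading the build job output).
      docker_image: ghcr.io/novuhq/novu/api-ee:${{ github.sha }}

  # The US deploy runs only after the EU deploy has succeeded.
  deploy_prod_api_us:
    needs:
      - deploy_prod_api_eu
      - build_prod_image
    uses: ./.github/workflows/reusable-app-service-deploy.yml
    secrets: inherit
    with:
      environment: Production
      service_name: api
      terraform_workspace: novu-prod
      # This is a workaround to an issue with matrix outputs
      docker_image: ghcr.io/novuhq/novu/api-ee:${{ github.sha }}
      deploy_sentry_release: true
      sentry_project: api

  # NOTE(review): this job and `newrelic` declare no `permissions:` block, so
  # they run with the repository's default GITHUB_TOKEN permissions.
  deploy_docs:
    needs: deploy_prod_api_us
    runs-on: ubuntu-latest
    environment: Production
    steps:
      - name: Deploy API Documentation
        # The webhook URL is a secret handed to a third-party action referenced by tag.
        uses: fjogeleit/http-request-action@v1
        with:
          url: ${{ secrets.API_DOCS_BUILD_WEBHOOK }}
          method: 'POST'

  newrelic:
    runs-on: ubuntu-latest
    name: New Relic Deploy
    needs: deploy_prod_api_us
    environment: Production
    steps:
      # This step builds a var with the release tag value to use later.
      # The ref name is passed through `env` rather than expanded inside the
      # script: ref names may contain shell metacharacters such as `$(...)`,
      # and an inline `${{ github.ref_name }}` would be executed as script text.
      - name: Set Release Version from Tag
        env:
          REF_NAME: ${{ github.ref_name }}
        run: echo "RELEASE_VERSION=$REF_NAME" >> "$GITHUB_ENV"
      # This step creates a new Change Tracking Marker
      - name: New Relic Application Deployment Marker
        # NOTE(review): the action reference below was mangled by e-mail
        # obfuscation on the page this file was captured from (presumably
        # newrelic/deployment-marker-action at some version; confirm). Restore
        # the original `owner/repo@ref` from the repository before use.
        uses: newrelic/[email protected]
        with:
          region: EU
          apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
          guid: "MzgxMjQwOHxBUE18QVBQTElDQVRJT058NDk3NzA2ODk2"
          version: "${{ env.RELEASE_VERSION }}"
          user: "${{ github.actor }}"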