CI Pipeline #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI Pipeline | |
on: | |
push: | |
branches: | |
- main | |
workflow_dispatch: | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.set_version.outputs.version }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '20.x' | |
- name: set version | |
id: set_version | |
run: | | |
version=$(date +'%Y%m%d.%H%M%S') | |
echo "version=$version" >> "$GITHUB_OUTPUT" | |
printf '{"version": "%s" }' "$version" > public/version.json | |
- name: Build | |
run: | | |
npm ci && npm run build | |
- name: Update dist artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: package | |
path: dist/ | |
- name: Run tests | |
run: | | |
npx playwright install --with-deps chromium | |
npm run test:coverage | |
- name: Update coverage | |
run: | | |
coverage_pct=$(grep -o '"pct":[0-9.]*' coverage/coverage-summary.json | head -n 1 | cut -d ':' -f 2) | |
color=$(echo "$coverage_pct < 80" | bc -l | awk '{if ($1) print "yellow"; else print "green"}') | |
curl https://img.shields.io/badge/Coverage-$coverage_pct%25-$color -o coverageBadge.svg | |
git config user.name github-actions | |
git config user.email github-actions@github.com | |
git add . | |
git commit -m "generated" | |
git push | |
deploy: | |
needs: build | |
permissions: | |
id-token: write | |
runs-on: ubuntu-latest | |
environment: | |
name: staging | |
url: https://stage-pizza.trakkup.com | |
env: | |
version: ${{needs.build.outputs.version}} | |
steps: | |
- name: Create OIDC token to AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
audience: sts.amazonaws.com | |
aws-region: us-east-1 | |
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/${{ secrets.CI_IAM_ROLE }} | |
- name: Download build artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: package | |
path: dist/ | |
- name: Push to AWS S3 | |
run: | | |
echo Deploying $version | |
aws s3 cp dist s3://${{ secrets.APP_BUCKET }}/$version --recursive | |
- name: Update staging version | |
run: | | |
# Get the current distribution and update it to use the new version | |
aws cloudfront get-distribution-config --id ${{ secrets.DISTRIBUTION_ID }} > original.json | |
etag=$(jq -r '.ETag' original.json) | |
jq '.DistributionConfig' original.json > request.json | |
jq --arg version "/$version" '.Origins.Items[0].OriginPath = $version' request.json > finalRequest.json | |
aws cloudfront update-distribution --id ${{ secrets.DISTRIBUTION_ID }} --if-match $etag --distribution-config file://finalRequest.json | |
# Wait for the distribution to deploy and then invalidate the cache | |
while [ "$(aws cloudfront get-distribution --id ${{ secrets.DISTRIBUTION_ID }} --query 'Distribution.Status' --output text)" != "Deployed" ]; do echo "Distribution is still updating..."; sleep 5; done | |
aws cloudfront create-invalidation --distribution-id ${{ secrets.DISTRIBUTION_ID }} --paths "/*" | |
release: | |
needs: | |
- build | |
- deploy | |
runs-on: ubuntu-latest | |
steps: | |
- name: Create Release | |
uses: ncipollo/release-action@v1 | |
env: | |
version: ${{needs.build.outputs.version}} | |
with: | |
tag: version-${{ env.version }} | |
name: Version ${{ env.version }} | |
body: | | |
## 🚀 Changes | |
${{ github.event.head_commit.message }} | |
**commit**: ${{ github.sha }} |