diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml new file mode 100644 index 0000000..e3ab316 --- /dev/null +++ b/.github/workflows/build-docker-image.yml @@ -0,0 +1,58 @@ +name: Build docker image +run-name: "Build image for ${{ github.ref_name }} triggered by ${{ github.actor }} for ${{ inputs.environment }}; version: ${{ inputs.version || 'N/A'}}" + +on: + workflow_call: + inputs: + version: + required: false + type: string + +env: + ECR_REPOSITORY: "filplus-backend" + +jobs: + build_and_push: + runs-on: ubuntu-latest + environment: production-fidl + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v2 + with: + mask-password: "true" + registry-type: public + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + flavor: latest=false + images: public.ecr.aws/f4h6r4m9/${{ env.ECR_REPOSITORY }} + tags: | + type=semver,pattern={{version}},value=${{ inputs.version }},enable=${{inputs.version != ''}} + type=ref,event=branch,pattern={{branch}} + type=ref,event=pr,pattern={{branch}} + + - name: Build tag and push Docker image + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + cache-from: type=gha + cache-to: type=gha,mode=max + github-token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/code-check.yml b/.github/workflows/code-check.yml new file mode 100644 index 0000000..50e9a09 --- /dev/null +++ b/.github/workflows/code-check.yml @@ -0,0 +1,74 @@ +name: Check linter, formatting, tests + +on: + workflow_call: + +jobs: + format_and_lint: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Cache Cargo registry + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo-registry- + + - name: Cache Cargo build + uses: actions/cache@v4 + with: + path: target + key: ${{ runner.os }}-cargo-build-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo-build- + + - name: Install Rust + uses: actions-rust-lang/setup-rust-toolchain@v1 + with: + components: rustfmt, clippy + + - name: Rustfmt Check + uses: actions-rust-lang/rustfmt@v1 + + - name: Run Clippy + run: cargo clippy + + tests: + runs-on: ubuntu-latest + needs: format_and_lint + environment: staging-fidl + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Cache Cargo registry + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo-registry- + + - name: Cache Cargo build + uses: actions/cache@v4 + with: + path: target + key: ${{ runner.os }}-cargo-build-${{ hashFiles('**/Cargo.lock') }} + restore-keys: | + ${{ runner.os }}-cargo-build- + + - name: Run tests + env: + GH_PRIVATE_KEY: ${{ secrets.GH_PRIVATE_KEY }} + DB_URL: ${{secrets.DB_URL}} + run: cargo test -- --nocapture \ No newline at end of file diff --git a/.github/workflows/deploy-new-version.yml b/.github/workflows/deploy-new-version.yml deleted file mode 100644 index cfc56cd..0000000 --- a/.github/workflows/deploy-new-version.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: Deploy new version -run-name: New deployment for "${{ github.ref_name }}" triggered by ${{ github.actor }} - -on: - workflow_dispatch: - inputs: - version: - description: "Enter the version number" - required: true - default: "latest" - -jobs: - check-version: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Install cargo-edit - run: cargo install cargo-edit - - - name: Update version - run: cargo set-version ${{ inputs.version }} - - - name: Run cargo check - run: cargo check - - - name: Git config - run: | - git config user.name "${GITHUB_ACTOR}" - git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" - - - name: Commit version change - run: | - git commit -am "Update version to ${{ inputs.version }}" - git push origin main - - call-release-workflow: - needs: check-version - uses: ./.github/workflows/release-new-version.yml - with: - version: ${{ inputs.version }} - secrets: inherit diff --git a/.github/workflows/publish-new-build.yml b/.github/workflows/publish-new-build.yml new file mode 100644 index 0000000..759e00d --- /dev/null +++ b/.github/workflows/publish-new-build.yml @@ -0,0 +1,80 @@ +name: Publish new build +run-name: Publish new images for "${{ github.ref_name }}" triggered by ${{ github.actor }} + +on: + pull_request: + types: [opened, synchronize] + push: + branches: + - main + workflow_dispatch: + inputs: + version: + description: 'Enter the version number' + required: true + default: 'latest' + +jobs: + code-check: + uses: ./.github/workflows/code-check.yml + secrets: inherit + + bump-version: + runs-on: ubuntu-latest + needs: code-check + if: ${{ github.ref_name == 'main' && inputs.version != '' }} + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install cargo-edit + run: cargo install cargo-edit + + - name: Update version + run: cargo set-version ${{ inputs.version }} + + - name: Run cargo check + run: cargo check + + - name: Git config + run: | + git config user.name "${GITHUB_ACTOR}" + git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" + + - name: Commit version change + run: | + git commit -am "Update version to ${{ inputs.version }}" + git push origin main + + build-and-publish: + needs: + - code-check + - bump-version + if: | + always() && + !contains(needs.*.result, 'failure') && + !contains(needs.*.result, 'cancelled') + uses: ./.github/workflows/build-docker-image.yml + with: + version: ${{ inputs.version }} + secrets: inherit + + git-tag: + runs-on: ubuntu-latest + needs: build-and-publish + if: | + ${{ github.ref_name == 'main' && inputs.version != '' }} && + always() && + !contains(needs.*.result, 'failure') && + !contains(needs.*.result, 'cancelled') + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Create and push tag + run: | + TAG_NAME="v${{ inputs.version }}" + git tag $TAG_NAME + git push origin $TAG_NAME + diff --git a/.github/workflows/release-new-version.yml b/.github/workflows/release-new-version.yml deleted file mode 100644 index eb3ed14..0000000 --- a/.github/workflows/release-new-version.yml +++ /dev/null @@ -1,147 +0,0 @@ -name: Release New Version -run-name: New release for "${{ github.ref_name }}" triggered by ${{ github.actor }} -on: - pull_request: - types: [opened, synchronize] - push: - branches: - - main - workflow_call: - inputs: - version: - required: true - type: string - -env: - ECR_REPOSITORY: "filplus-backend" - -jobs: - format_and_lint: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Cache Cargo registry - uses: actions/cache@v2 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-cargo-registry- - - - name: Cache Cargo build - uses: actions/cache@v2 - with: - path: target - key: ${{ runner.os }}-cargo-build-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-cargo-build- - - - name: Install Rust - uses: actions-rust-lang/setup-rust-toolchain@v1 - with: - components: rustfmt, clippy - - - name: Rustfmt Check - uses: actions-rust-lang/rustfmt@v1 - - - name: Run Clippy - run: cargo clippy - - end_to_end_tests: - runs-on: ubuntu-latest - needs: format_and_lint - environment: staging-fidl - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Cache Cargo registry - uses: actions/cache@v2 - with: - path: | - ~/.cargo/registry - ~/.cargo/git - key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-cargo-registry- - - - name: Cache Cargo build - uses: actions/cache@v2 - with: - path: target - key: ${{ runner.os }}-cargo-build-${{ hashFiles('**/Cargo.lock') }} - restore-keys: | - ${{ runner.os }}-cargo-build- - - - name: Run tests - env: - GH_PRIVATE_KEY: ${{ secrets.GH_PRIVATE_KEY }} - DB_URL: ${{secrets.DB_URL}} - run: cargo test -- --nocapture - - build_and_push: - runs-on: ubuntu-latest - needs: [format_and_lint, end_to_end_tests] - environment: production-fidl - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Cache Docker - uses: actions/cache@v3 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-docker-build-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-docker-build- - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 - - - name: Login to Amazon ECR - uses: aws-actions/amazon-ecr-login@v1 - with: - mask-password: "true" - registry-type: public - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - flavor: latest=false - images: public.ecr.aws/f4h6r4m9/${{ env.ECR_REPOSITORY }} - tags: | - type=semver,pattern={{version}},value=v${{ inputs.version }},enable=${{inputs.version != ''}} - type=raw,value={{branch}} - type=ref,event=pr,pattern={{branch}} - - - name: Build tag and push Docker image - uses: docker/build-push-action@v6 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - cache-from: type=gha - cache-to: type=gha,mode=max - github-token: ${{ secrets.GITHUB_TOKEN }} - - - name: Create and push tag - if: ${{ github.ref == format('refs/heads/{0}', 'main') && inputs.version != '' }} - run: | - TAG_NAME="v${{ inputs.version }}" - git tag $TAG_NAME - git push origin $TAG_NAME