Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add cd and performance improvements #64

Merged
merged 5 commits into from
Sep 22, 2023
Merged

ci: add cd and performance improvements #64

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
0e3f4af
ci: adding CD to dev, stg, and prd; added docker image caching
CharlieC3 Sep 21, 2023
ae95c38
ci: enable cargo cache
CharlieC3 Sep 21, 2023
7b3f931
ci: don't build arm64 to save on time
CharlieC3 Sep 21, 2023
dd1b4f6
ci: fix deploy parameter
CharlieC3 Sep 21, 2023
248fc82
ci: fix branch parameter
CharlieC3 Sep 21, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
202 changes: 164 additions & 38 deletions .github/workflows/ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,51 +5,50 @@ on:
branches:
- main
- develop
tags-ignore:
- "**"
paths-ignore:
- "**/CHANGELOG.md"
- "**/package.json"
- '**/CHANGELOG.md'
pull_request:
workflow_dispatch:

concurrency:
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}
cancel-in-progress: true

jobs:
build:
runs-on: ubuntu-latest
outputs:
version_output: ${{ steps.meta.outputs.version }}
version: ${{ steps.docker_meta.outputs.version }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
with:
token: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }}
fetch-depth: 0
persist-credentials: false

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Docker Meta
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
id: docker_meta
with:
images: |
hirosystems/${{ github.event.repository.name }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}},value=${{ steps.semantic.outputs.new_release_version }},enable=${{ steps.semantic.outputs.new_release_version != '' }}
type=semver,pattern={{major}}.{{minor}},value=${{ steps.semantic.outputs.new_release_version }},enable=${{ steps.semantic.outputs.new_release_version != '' }}
type=raw,value=latest,enable={{is_default_branch}}

- name: Create artifact directory
run: mkdir -p /tmp/artifacts

- name: Build/Save Image
uses: docker/build-push-action@v2
uses: docker/build-push-action@v5
with:
context: .
tags: ${{ steps.meta.outputs.tags }},
labels: ${{ steps.meta.outputs.labels }}
tags: ${{ steps.docker_meta.outputs.tags }},
labels: ${{ steps.docker_meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
outputs: type=docker,dest=/tmp/artifacts/myimage.tar

- name: Save docker artifact
Expand All @@ -61,17 +60,16 @@ jobs:
k8s-tests:
runs-on: ubuntu-latest
needs: build
env:
VERSION: ${{ needs.build.outputs.version }}

steps:
- name: Read version into env var
env:
version: ${{ needs.build.outputs.version_output }}
run: |
echo "version_tag=$version" >> "$GITHUB_ENV"
echo "Extracted version tag: $version_tag"
echo "Extracted version tag: ${VERSION}"

- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v4

- name: Build k8s cluster
uses: nolar/setup-k3d-k3s@v1
Expand All @@ -89,7 +87,7 @@ jobs:
- name: Load image
run: |
docker load --input /tmp/artifacts/myimage.tar
docker tag hirosystems/stacks-devnet-api:$version_tag hirosystems/stacks-devnet-api:ci
docker tag hirosystems/stacks-devnet-api:${VERSION} hirosystems/stacks-devnet-api:ci
docker image ls -a

- name: Deploy k8s manifests
Expand All @@ -112,16 +110,23 @@ jobs:
uses: actions-rs/toolchain@v1
with:
toolchain: stable
profile: minimal
override: true

- name: Cache cargo
uses: actions/cache@v3
with:
path: ~/.cargo/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}

- name: Install and run cargo-tarpaulin
run: |
cargo install cargo-tarpaulin
cargo --version
cargo tarpaulin --out lcov

- name: Upload to codecov.io
uses: codecov/codecov-action@v2
uses: codecov/codecov-action@v3
with:
token: ${{secrets.CODECOV_TOKEN}}

Expand All @@ -130,20 +135,20 @@ jobs:
needs:
- build
- k8s-tests
if: needs.build.result == 'success' && needs.k8s-tests.result == 'success'
outputs:
docker_image_digest: ${{ steps.docker_push.outputs.digest }}
new_release_published: ${{ steps.semantic.outputs.new_release_published }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
with:
token: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }}
fetch-depth: 0
persist-credentials: false

- name: Semantic Release
uses: cycjimmy/semantic-release-action@v3
uses: cycjimmy/semantic-release-action@v4
id: semantic
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SEMANTIC_RELEASE_PACKAGE: ${{ github.event.repository.name }}
with:
semantic_version: 19
Expand All @@ -152,12 +157,19 @@ jobs:
@semantic-release/[email protected]
[email protected]

- name: Checkout tag
if: steps.semantic.outputs.new_release_version != ''
uses: actions/checkout@v4
with:
persist-credentials: false
ref: v${{ steps.semantic.outputs.new_release_version }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Docker Meta
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
id: docker_meta
with:
images: |
hirosystems/${{ github.event.repository.name }}
Expand All @@ -168,18 +180,132 @@ jobs:
type=semver,pattern={{major}}.{{minor}},value=${{ steps.semantic.outputs.new_release_version }},enable=${{ steps.semantic.outputs.new_release_version != '' }}
type=raw,value=latest,enable={{is_default_branch}}

- name: Login to DockerHub
uses: docker/login-action@v2
- name: Log in to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- name: Build/Push Image
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
id: docker_push
with:
context: .
tags: ${{ steps.meta.outputs.tags }},
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
tags: ${{ steps.docker_meta.outputs.tags }},
labels: ${{ steps.docker_meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
# Only push if (there's a new release on main branch, or if building a non-main branch) and (Only run on non-PR events or only PRs that aren't from forks)
push: ${{ (github.ref != 'refs/heads/main' || steps.semantic.outputs.new_release_version != '') && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }}

deploy-dev:
runs-on: ubuntu-latest
needs:
- build-publish-release
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
env:
DEPLOY_ENV: dev
environment:
name: Development
url: https://platform.dev.hiro.so/
steps:
- name: Checkout actions repo
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}

- name: Deploy Stacks Devnet API
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish-release.outputs.docker_image_digest }}
k8s_repo: k8s-platform
k8s_branch: main
file_pattern: manifests/api/stacks-devnet-api/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}

auto-approve-dev:
runs-on: ubuntu-latest
if: needs.build-publish-release.outputs.new_release_published == 'true' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
needs:
- build-publish-release
steps:
- name: Approve pending deployment
run: |
sleep 5
ENV_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/stacks-devnet-api/actions/runs/${{ github.run_id }}/pending_deployments" | jq -r '.[0].environment.id // empty')
if [[ -n "${ENV_ID}" ]]; then
curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/stacks-devnet-api/actions/runs/${{ github.run_id }}/pending_deployments" -d "{\"environment_ids\":[${ENV_ID}],\"state\":\"approved\",\"comment\":\"auto approve\"}"
fi

deploy-staging:
runs-on: ubuntu-latest
needs:
- build-publish-release
- deploy-dev
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
env:
DEPLOY_ENV: stg
environment:
name: Staging
url: https://platform.stg.hiro.so/
steps:
- name: Checkout actions repo
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}

- name: Deploy Stacks Devnet API
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish-release.outputs.docker_image_digest }}
k8s_repo: k8s-platform
k8s_branch: main
file_pattern: manifests/api/stacks-devnet-api/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}

auto-approve-staging:
runs-on: ubuntu-latest
if: needs.build-publish-release.outputs.new_release_published == 'true' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
needs:
- build-publish-release
- deploy-dev
steps:
- name: Approve pending deployment
run: |
sleep 5
ENV_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/stacks-devnet-api/actions/runs/${{ github.run_id }}/pending_deployments" | jq -r '.[0].environment.id // empty')
if [[ -n "${ENV_ID}" ]]; then
curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/stacks-devnet-api/actions/runs/${{ github.run_id }}/pending_deployments" -d "{\"environment_ids\":[${ENV_ID}],\"state\":\"approved\",\"comment\":\"auto approve\"}"
fi

deploy-prod:
runs-on: ubuntu-latest
if: needs.build-publish-release.outputs.new_release_published == 'true' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
needs:
- build-publish-release
- deploy-staging
env:
DEPLOY_ENV: prd
environment:
name: Production
url: https://platform.hiro.so/
steps:
- name: Checkout actions repo
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}

- name: Deploy Stacks Devnet API
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish-release.outputs.docker_image_digest }}
k8s_repo: k8s-platform
k8s_branch: main
file_pattern: manifests/api/stacks-devnet-api/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}
Loading