From a4c6feff09b269e650556b48c599a070bf762f79 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Mon, 27 Dec 2021 13:30:41 -0600 Subject: [PATCH 01/25] feat: added deploy workflows for staging and production --- .github/workflows/build.yaml | 67 +++++++++++++++++++------- .github/workflows/push_production.yaml | 31 ++++++++++++ .github/workflows/push_staging.yaml | 30 ++++++++++++ 3 files changed, 110 insertions(+), 18 deletions(-) create mode 100644 .github/workflows/push_production.yaml create mode 100644 .github/workflows/push_staging.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 7186bb4c71..a7d38d0765 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,12 +1,18 @@ -# this build is triggered when a new pre-release has been created -# it creates a new docker build image based on the tag associated +# this is a reusable workflow that will be called by the +# push_staging and push_production workflows +# more info: https://docs.github.com/en/actions/learn-github-actions/reusing-workflows name: build on: - release: - types: - - 'prereleased' + workflow_call: + inputs: + is_production: + required: true + type: boolean + description: Determine whether the current workflow is executed against production or not + +# TODO: get the secrets via inputs, so we let the staging/production workflows retrieve their corresponding credentials env: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} 
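Review bot: In the first build.yaml hunk of PATCH 01/25, the `env:` block under the new TODO still reads `secrets.AWS_*`, but a workflow started through `workflow_call` only sees the secrets its caller passes in. Those four values would therefore resolve empty unless they are declared and forwarded. Declare them under the trigger next to `inputs:`, for example a `secrets:` map with `AWS_ACCESS_KEY_ID:` / `required: true` entries, and have each caller hand over its own environment's values; that also settles the TODO. The rest of the job lies outside this hunk.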
@@ -19,17 +25,6 @@ jobs: runs-on: ubuntu-latest steps: - # download the source code into the runner - - name: checkout - uses: actions/checkout@v2 - - # gather metadata from git & github actions to reference in docker - - name: git & github metadata - id: metadata - uses: docker/metadata-action@v3 - with: - images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/openverse/frontend - # setup docker buildx - name: setup docker buildx uses: docker/setup-buildx-action@v1 
@@ -40,13 +35,49 @@ jobs: - name: docker login uses: aws-actions/amazon-ecr-login@v1 + # for staging + # gather metadata from git & github actions to reference in docker + - name: git & github metadata staging + id: metadata_staging + uses: docker/metadata-action@v3 + if: ${{ github.event.inputs.is_production == false }} + with: + images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/openverse/frontend + tags: | + latest=auto + type=edge,branch=main + + # build a docker image + - name: build docker image + uses: docker/build-push-action@v2 + if: ${{ github.event.inputs.is_production == false }} + with: + context: . + tags: ${{ steps.metadata_staging.outputs.tags }} + labels: ${{ steps.metadata_staging.outputs.labels }} + push: true + + # for production + # gather metadata from git & github actions to reference in docker + - name: git & github metadata production + id: metadata_production + uses: docker/metadata-action@v3 + if: ${{ github.event.inputs.is_production == true }} + with: + images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/openverse/frontend + tags: | + latest=false + type=raw,value=stable + type=semver,pattern={{version}} + # build a docker image - name: build docker image uses: docker/build-push-action@v2 + if: ${{ github.event.inputs.is_production == true }} with: context: . - tags: ${{ steps.metadata.outputs.tags }} - labels: ${{ steps.metadata.outputs.labels }} + tags: ${{ steps.metadata_production.outputs.tags }} + labels: ${{ steps.metadata_production.outputs.labels }} push: true diff --git a/.github/workflows/push_production.yaml b/.github/workflows/push_production.yaml new file mode 100644 index 0000000000..96a1bde89e --- /dev/null +++ b/.github/workflows/push_production.yaml 
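Review bot: The four added `if:` conditions read `github.event.inputs.is_production`, which is populated for `workflow_dispatch` events and not for a `workflow_call` input, so under a `release` or `push` trigger it is most likely null. GitHub's loose comparison coerces null to 0, so `== false` would hold and `== true` would not: the staging steps would run on every call and the production steps never, and a release would be pushed under the staging tags. Read the input context instead, `if: ${{ !inputs.is_production }}` for the staging pair and `if: ${{ inputs.is_production }}` for the production pair. The same conditions are carried into `.github/actions/build/action.yml` in PATCH 10/25, where inputs arrive as strings and the test would need to be `inputs.is_production == 'true'`.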
@@ -0,0 +1,31 @@ +# this build is triggered when a new pre-release has been created +# it creates a new docker build image based on the tag associated + +name: push_production + +on: + release: + types: + - 'prereleased' + +jobs: + push: + name: push + runs-on: ubuntu-latest + environment: + name: production + url: https://search.openverse.engineering + + steps: + # download the source code into the runner + - name: checkout + uses: actions/checkout@v2 + + # build a new docker image and push it into the repository + - name: docker build + uses: ./.github/workflows/build.yaml@v1 + with: + is_production: true + + + diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml new file mode 100644 index 0000000000..479147dbfa --- /dev/null +++ b/.github/workflows/push_staging.yaml @@ -0,0 +1,30 @@ +# this build is triggered when a new pull request has been merged +# into the main branch + +name: push_staging + +on: + push: + branches: + - main + +jobs: + push: + name: push + runs-on: ubuntu-latest + environment: + name: staging + url: https://search-staging.openverse.engineering + + steps: + # download the source code into the runner + - name: checkout + uses: actions/checkout@v2 + + # build a new docker image and push it into the repository + - name: docker build + uses: ./.github/workflows/build.yaml@v1 + with: + is_production: false + + From a833c366bd8f286c8e56250cc036c474b4552c6d Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Tue, 11 Jan 2022 10:11:17 -0600 Subject: [PATCH 02/25] feat: rename the event that triggers the deploy to production --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 62434998a4..ea00fcdb4b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
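Review bot: In push_production.yaml the `docker build` step calls `./.github/workflows/build.yaml@v1`, but a reusable workflow is invoked at job level (`jobs.<job_id>.uses`), not as a step, and a same-repository `./` reference takes no `@ref` suffix, so this step cannot resolve as written. Move the call to a job of its own, `uses: ./.github/workflows/build.yaml` with `with:` / `is_production: true`. The called workflow runs as a separate job on its own runner, so the `checkout` step belongs in build.yaml, before the `context: .` build, rather than here. push_staging.yaml in the same commit contains the identical step.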
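Review bot: Neither push_staging.yaml nor push_production.yaml sets `permissions:`, so the job's `GITHUB_TOKEN` receives whatever the repository default grants, although the job only needs to read the source; registry access comes from the AWS secrets. Add a top-level block above `jobs:` in both files, `permissions:` with `contents: read`. A one-line comment there, such as `# the token only reads the repo; ECR access uses the AWS credentials`, would tell the next editor why nothing broader is needed.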
@@ -14,7 +14,7 @@ on: release: types: - - "prereleased" + - "released" # TODO: get the secrets via inputs, so we let the staging/production workflows retrieve their corresponding credentials env: From a6ac112a194a7308d58896efa4641ab4102379b6 Mon Sep 17 00:00:00 2001 From: Zack Krida Date: Tue, 1 Feb 2022 17:41:42 -0500 Subject: [PATCH 03/25] format files --- .github/workflows/build.yml | 1 - .github/workflows/push_production.yaml | 3 --- .github/workflows/push_staging.yaml | 2 -- 3 files changed, 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ea00fcdb4b..38ad7ca12c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -83,4 +83,3 @@ jobs: tags: ${{ steps.metadata_production.outputs.tags }} labels: ${{ steps.metadata_production.outputs.labels }} push: true - diff --git a/.github/workflows/push_production.yaml b/.github/workflows/push_production.yaml index 96a1bde89e..a0f5604d38 100644 --- a/.github/workflows/push_production.yaml +++ b/.github/workflows/push_production.yaml @@ -26,6 +26,3 @@ jobs: uses: ./.github/workflows/build.yaml@v1 with: is_production: true - - - diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index 479147dbfa..c3bf88f0f9 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -26,5 +26,3 @@ jobs: uses: ./.github/workflows/build.yaml@v1 with: is_production: false - - From ad503dd459be6809f85cca98e6b7b6e072fb8a5e Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 10:45:27 -0600 Subject: [PATCH 04/25] feat: switch prerelease event to release --- .github/workflows/push_production.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_production.yaml b/.github/workflows/push_production.yaml index a0f5604d38..5bc4e216c4 100644 --- a/.github/workflows/push_production.yaml +++ b/.github/workflows/push_production.yaml 
@@ -6,7 +6,7 @@ name: push_production on: release: types: - - 'prereleased' + - 'released' jobs: push: From f6f87635ff95986328c391eeb053ab4c4741cc96 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 10:55:48 -0600 Subject: [PATCH 05/25] feat: change the url of the deployment workflow for visual reference purposes --- .github/workflows/push_production.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_production.yaml b/.github/workflows/push_production.yaml index 5bc4e216c4..a106004def 100644 --- a/.github/workflows/push_production.yaml +++ b/.github/workflows/push_production.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest environment: name: production - url: https://search.openverse.engineering + url: https://search-prod.openverse.engineering steps: # download the source code into the runner From 40564914b2005f47f1995f9c049d5586c4e36900 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 11:40:51 -0600 Subject: [PATCH 06/25] test: deploying to staging and production environments --- .github/workflows/build.yml | 4 ---- .github/workflows/push_staging.yaml | 1 + 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 38ad7ca12c..811ff693cd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,10 +12,6 @@ on: type: boolean description: Determine whether the current workflow is executed against production or not - release: - types: - - "released" - # TODO: get the secrets via inputs, so we let the staging/production workflows retrieve their corresponding credentials env: AWS_REGION: ${{ secrets.AWS_REGION }} diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index c3bf88f0f9..66da15de28 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml 
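Review bot: PATCH 04/25 changes the trigger to `'released'`, but the header comment of push_production.yaml, which sits above this hunk, still says the build runs "when a new pre-release has been created". Update it so the documented production trigger matches the event that actually deploys, for example `# this build is triggered when a release is published (or a pre-release is promoted to a release)`.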
@@ -7,6 +7,7 @@ on: push: branches: - main + - ci/* # allow any ci/* branch the ability to deploy to staging without the need to merge the PR jobs: push: From 5b83ee49b9a259344b9a5c4f057ef95c1b0a1616 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 16:53:05 -0600 Subject: [PATCH 07/25] test: point the branch in the action name to avoid errors --- .github/workflows/push_production.yaml | 4 ++-- .github/workflows/push_staging.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/push_production.yaml b/.github/workflows/push_production.yaml index a106004def..22634c494d 100644 --- a/.github/workflows/push_production.yaml +++ b/.github/workflows/push_production.yaml @@ -1,7 +1,7 @@ # this build is triggered when a new pre-release has been created # it creates a new docker build image based on the tag associated -name: push_production +name: openverse/deploy/production on: release: @@ -23,6 +23,6 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/workflows/build.yaml@v1 + uses: ./.github/workflows/build.yaml@ci/actions with: is_production: true diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index 66da15de28..149b7d7bd0 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -1,7 +1,7 @@ # this build is triggered when a new pull request has been merged # into the main branch -name: push_staging +name: openverse/deploy/staging on: push: @@ -24,6 +24,6 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/workflows/build.yaml@v1 + uses: ./.github/workflows/build.yaml@ci/actions with: is_production: false From 6a8d006c5e0af480ae9d674c06e56b0f78ad64f9 Mon Sep 17 00:00:00 2001 
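Review bot: The `- ci/*` entry added to push_staging.yaml in PATCH 06/25 lets any push to a branch with that prefix run the job bound to the `staging` environment, so an image can be built and deployed from code that was never reviewed or merged. If the entry is only needed while testing the pipeline, drop the line before merging. If it is meant to stay, restrict the `staging` environment to approved branches or required reviewers in the repository settings, and state that in the inline comment. Quoting the pattern as `- 'ci/*'` would also match the style used in pre-build.yaml.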
From: Ronny Badilla Date: Wed, 2 Feb 2022 16:59:45 -0600 Subject: [PATCH 08/25] fix: point the right name of the build workflow file --- .github/workflows/build.yml | 2 +- .github/workflows/pre-build.yaml | 4 ++-- .github/workflows/push_staging.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 811ff693cd..d993701175 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,7 +2,7 @@ # push_staging and push_production workflows # more info: https://docs.github.com/en/actions/learn-github-actions/reusing-workflows -name: build +name: openverse/build on: workflow_call: diff --git a/.github/workflows/pre-build.yaml b/.github/workflows/pre-build.yaml index 39c494e246..b6223fdf0c 100644 --- a/.github/workflows/pre-build.yaml +++ b/.github/workflows/pre-build.yaml @@ -1,9 +1,9 @@ # this workflow will try to lint and build a node.js application # -# this is useful for stages that you require to make sure everything is working +# this is useful for stages that you require making sure everything is working # properly before creating a container image to be pushed on the cloud # -name: pre_build +name: openverse/validate on: pull_request: diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index 149b7d7bd0..d59fc2fdf0 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -24,6 +24,6 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/workflows/build.yaml@ci/actions + uses: ./.github/workflows/build.yml@v1 with: is_production: false From 689ae5fcb07b2700f261b9c98112b30d774490c2 Mon Sep 17 00:00:00 2001 
From: Ronny Badilla Date: Wed, 2 Feb 2022 17:05:20 -0600 Subject: [PATCH 09/25] fix: name of the branch when calling the action --- .github/workflows/pre-build.yaml | 8 ++++---- .github/workflows/push_staging.yaml | 4 +++- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pre-build.yaml b/.github/workflows/pre-build.yaml index b6223fdf0c..f54703514c 100644 --- a/.github/workflows/pre-build.yaml +++ b/.github/workflows/pre-build.yaml @@ -7,10 +7,10 @@ name: openverse/validate on: pull_request: - push: - branches: - - 'main' - - 'ci/*' # branches that follows the pattern ci/* can access this workflow too +# push: +# branches: +# - 'main' +# - 'ci/*' # branches that follows the pattern ci/* can access this workflow too jobs: pre_build: diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index d59fc2fdf0..7dcc8c0802 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -22,8 +22,10 @@ jobs: - name: checkout uses: actions/checkout@v2 + - run: ls -lah ./.github/workflows/ + # build a new docker image and push it into the repository - name: docker build - uses: ./.github/workflows/build.yml@v1 + uses: ./.github/workflows/build.yml@ci/actions with: is_production: false From 529fff21e51a0412e44f2631124360ae87b13097 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:05:13 -0600 Subject: [PATCH 10/25] feat: relocate the build workflow as an action --- .github/actions/build/action.yml | 86 +++++++++++++++++++++++++++++ .github/workflows/build.yml | 81 --------------------------- .github/workflows/push_staging.yaml | 8 ++- 3 files changed, 91 insertions(+), 84 deletions(-) create mode 100644 .github/actions/build/action.yml delete mode 100644 .github/workflows/build.yml diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml new file mode 100644 index 0000000000..900ec9838c --- /dev/null +++ b/.github/actions/build/action.yml 
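Review bot: In the pre-build.yaml hunk of PATCH 09/25 the `push:` trigger is commented out rather than removed, which leaves dead configuration in the file. It also means pushes to `main` and `ci/*` are no longer linted or built by this workflow, while push_staging.yaml still deploys from those same branches. If validation is meant to run on pull requests only, delete the four commented lines and say so in the header comment; otherwise restore them so direct pushes are still checked.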
@@ -0,0 +1,86 @@ +# this is a reusable workflow that will be called by the +# push_staging and push_production workflows +# more info: https://docs.github.com/en/actions/learn-github-actions/reusing-workflows + +name: openverse/build +description: build a docker image that can be used in different environments + +inputs: + is_production: + required: true + description: Determine whether the current workflow is executed against production or not + aws_region: + required: true + description: AWS region where the resource will be deployed + aws_account_id: + required: true + description: AWS account number where the resources are already deployed + aws_access_key_id: + required: true + description: AWS access key id that performs the modifications described in this action + aws_secret_access_key: + required: true + description: AWS secret access key associated to the access key id specified above + +runs: + using: "composite" + steps: + # setup docker buildx + - name: setup docker buildx + uses: docker/setup-buildx-action@v1 + with: + install: true + + # login in docker repository + - name: docker login + uses: aws-actions/amazon-ecr-login@v1 + env: + AWS_REGION: ${{ env.INPUT_AWS_REGION }} + AWS_ACCOUNT_ID: ${{ env.INPUT_AWS_ACCOUNT_ID }} + AWS_ACCESS_KEY_ID: ${{ env.INPUT_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ env.INPUT_AWS_SECRET_ACCESS_KEY }} + + # for staging + # gather metadata from git & github actions to reference in docker + - name: git & github metadata staging + id: metadata_staging + uses: docker/metadata-action@v3 + if: ${{ github.event.inputs.is_production == false }} + with: + images: ${{ env.INPUT_AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.INPUT_AWS_REGION }}.amazonaws.com/openverse/frontend + tags: | + latest=auto + type=edge,branch=main + + # build a docker image + - name: build docker image + uses: docker/build-push-action@v2 + if: ${{ github.event.inputs.is_production == false }} + with: + context: . 
+ tags: ${{ steps.metadata_staging.outputs.tags }} + labels: ${{ steps.metadata_staging.outputs.labels }} + push: true + + # for production + # gather metadata from git & github actions to reference in docker + - name: git & github metadata production + id: metadata_production + uses: docker/metadata-action@v3 + if: ${{ github.event.inputs.is_production == true }} + with: + images: ${{ env.INPUT_AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.INPUT_AWS_REGION }}.amazonaws.com/openverse/frontend + tags: | + latest=false + type=raw,value=stable + type=semver,pattern={{version}} + + # build a docker image + - name: build docker image + uses: docker/build-push-action@v2 + if: ${{ github.event.inputs.is_production == true }} + with: + context: . + tags: ${{ steps.metadata_production.outputs.tags }} + labels: ${{ steps.metadata_production.outputs.labels }} + push: true diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index d993701175..0000000000 --- a/.github/workflows/build.yml +++ /dev/null 
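Review bot: Every third-party action in the new action.yml is referenced by a movable tag (`docker/setup-buildx-action@v1`, `aws-actions/amazon-ecr-login@v1`, `docker/metadata-action@v3`, `docker/build-push-action@v2`), and the login step runs with the AWS secret key in its environment, so a retagged or compromised upstream release would execute next to those credentials. Pin each reference to a full commit SHA with the version in a trailing comment, e.g. `uses: docker/build-push-action@<FULL_COMMIT_SHA>  # v2`, and let a dependency-update bot propose the bumps. The header comment also still describes the file as a reusable workflow called by push_staging and push_production; it is now a composite action and should say so.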
@@ -1,81 +0,0 @@ -# this is a reusable workflow that will be called by the -# push_staging and push_production workflows -# more info: https://docs.github.com/en/actions/learn-github-actions/reusing-workflows - -name: openverse/build - -on: - workflow_call: - inputs: - is_production: - required: true - type: boolean - description: Determine whether the current workflow is executed against production or not - -# TODO: get the secrets via inputs, so we let the staging/production workflows retrieve their corresponding credentials -env: - AWS_REGION: ${{ secrets.AWS_REGION }} - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - -jobs: - build: - name: build - runs-on: ubuntu-latest - - steps: - # setup docker buildx - - name: setup docker buildx - uses: docker/setup-buildx-action@v1 - with: - install: true - - # login in docker repository - - name: docker login - uses: aws-actions/amazon-ecr-login@v1 - - # for staging - # gather metadata from git & github actions to reference in docker - - name: git & github metadata staging - id: metadata_staging - uses: docker/metadata-action@v3 - if: ${{ github.event.inputs.is_production == false }} - with: - images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/openverse/frontend - tags: | - latest=auto - type=edge,branch=main - - # build a docker image - - name: build docker image - uses: docker/build-push-action@v2 - if: ${{ github.event.inputs.is_production == false }} - with: - context: . 
- tags: ${{ steps.metadata_staging.outputs.tags }} - labels: ${{ steps.metadata_staging.outputs.labels }} - push: true - - # for production - # gather metadata from git & github actions to reference in docker - - name: git & github metadata production - id: metadata_production - uses: docker/metadata-action@v3 - if: ${{ github.event.inputs.is_production == true }} - with: - images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/openverse/frontend - tags: | - latest=false - type=raw,value=stable - type=semver,pattern={{version}} - - # build a docker image - - name: build docker image - uses: docker/build-push-action@v2 - if: ${{ github.event.inputs.is_production == true }} - with: - context: . - tags: ${{ steps.metadata_production.outputs.tags }} - labels: ${{ steps.metadata_production.outputs.labels }} - push: true diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index 7dcc8c0802..b2906923b8 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -22,10 +22,12 @@ jobs: - name: checkout uses: actions/checkout@v2 - - run: ls -lah ./.github/workflows/ - # build a new docker image and push it into the repository - name: docker build - uses: ./.github/workflows/build.yml@ci/actions + uses: ./.github/actions/build.yml@v1 with: is_production: false + AWS_REGION: ${{ secrets.AWS_REGION }} + AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} From c059921f879b372bfc3b5071259894018a9c7951 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:07:53 -0600 Subject: [PATCH 11/25] feat: point the right name of the action --- .github/workflows/push_staging.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index b2906923b8..adc339bd05 100644 
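Review bot: In the push_staging.yaml hunk of PATCH 10/25 the `with:` keys are written as `AWS_REGION`, `AWS_ACCOUNT_ID`, `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`, while action.yml declares the inputs in lower case (`aws_region`, `aws_account_id`, …). Input lookup is probably case-insensitive, so this may well work, but matching the declared ids, e.g. `aws_region: ${{ secrets.AWS_REGION }}`, keeps the call consistent with the action's interface and avoids relying on that behaviour. PATCH 25/25 repeats the upper-case keys in push_production.yaml.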
--- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -24,7 +24,7 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/actions/build.yml@v1 + uses: ./.github/actions/build@v1 with: is_production: false AWS_REGION: ${{ secrets.AWS_REGION }} From 9424da8188ec0847720cc428c403bd909d51585c Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:10:05 -0600 Subject: [PATCH 12/25] feat: try using the branch to reference the action file --- .github/workflows/push_staging.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index adc339bd05..60d5fcd07b 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -24,7 +24,7 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/actions/build@v1 + uses: ./.github/actions/build@ci/actions with: is_production: false AWS_REGION: ${{ secrets.AWS_REGION }} From 70bf20aea2482a0f3bb5051613d6efc0f7e0f353 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:12:18 -0600 Subject: [PATCH 13/25] Update push_staging.yaml --- .github/workflows/push_staging.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index 60d5fcd07b..6ec0029950 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -24,7 +24,7 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/actions/build@ci/actions + uses: ./.github/actions/build@9424da8188ec0847720cc428c403bd909d51585c with: is_production: false AWS_REGION: ${{ secrets.AWS_REGION }} From 6ae3554e0a632a0fd982cddead5989334ea20246 Mon Sep 17 00:00:00 2001 
From: Ronny Badilla Date: Wed, 2 Feb 2022 18:13:49 -0600 Subject: [PATCH 14/25] Update push_staging.yaml --- .github/workflows/push_staging.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index 6ec0029950..c387db8456 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -21,6 +21,11 @@ jobs: # download the source code into the runner - name: checkout uses: actions/checkout@v2 + + - run: ls -lah .github + - run: ls -lah .github/actions + - run: ls -lah .github/workflows + - run: ls -lah .github/actions/build # build a new docker image and push it into the repository - name: docker build From ef1d0bd3d446b3c0d03a862920f5d152e19a1ae4 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:15:30 -0600 Subject: [PATCH 15/25] Update push_staging.yaml --- .github/workflows/push_staging.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index c387db8456..823d9aad7c 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -22,6 +22,7 @@ jobs: - name: checkout uses: actions/checkout@v2 + - run: pwd - run: ls -lah .github - run: ls -lah .github/actions - run: ls -lah .github/workflows From 5e44560f5396228db8881549919c622db00bd29f Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:18:41 -0600 Subject: [PATCH 16/25] Update push_staging.yaml --- .github/workflows/push_staging.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index 823d9aad7c..e8ec53f581 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml 
@@ -30,7 +30,7 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/actions/build@9424da8188ec0847720cc428c403bd909d51585c + uses: ./.github/actions/build with: is_production: false AWS_REGION: ${{ secrets.AWS_REGION }} From d2b4e03e1304589d34f27c828551360408a58fd4 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:25:17 -0600 Subject: [PATCH 17/25] feat: fix the inputs and env vars in the action file --- .github/actions/build/action.yml | 12 ++++++------ .github/workflows/push_staging.yaml | 6 ------ 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 900ec9838c..42c894224a 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -35,10 +35,10 @@ runs: - name: docker login uses: aws-actions/amazon-ecr-login@v1 env: - AWS_REGION: ${{ env.INPUT_AWS_REGION }} - AWS_ACCOUNT_ID: ${{ env.INPUT_AWS_ACCOUNT_ID }} - AWS_ACCESS_KEY_ID: ${{ env.INPUT_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ env.INPUT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ inputs.aws_region }} + AWS_ACCOUNT_ID: ${{ inputs.aws_account_id }} + AWS_ACCESS_KEY_ID: ${{ inputs.aws_access_key_id }} + AWS_SECRET_ACCESS_KEY: ${{ inputs.aws_secret_access_key }} # for staging # gather metadata from git & github actions to reference in docker @@ -47,7 +47,7 @@ runs: uses: docker/metadata-action@v3 if: ${{ github.event.inputs.is_production == false }} with: - images: ${{ env.INPUT_AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.INPUT_AWS_REGION }}.amazonaws.com/openverse/frontend + images: ${{ inputs.aws_account_id }}.dkr.ecr.${{ inputs.aws_region }}.amazonaws.com/openverse/frontend tags: | latest=auto type=edge,branch=main 
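Review bot: After PATCH 17/25 the `docker login` step in action.yml still authenticates with a long-lived IAM access key pair handed in as action inputs, and anyone who obtains those two values can use them outside CI until they are rotated. GitHub's OIDC token can be exchanged for short-lived credentials instead: grant the calling job `permissions:` / `id-token: write`, add a credentials step before the login, and drop the two key inputs. The sketch below uses a placeholder role ARN; the role's trust policy would need to be limited to this repository and, for production, to the `production` environment. The step list continues outside the hunk.

```yaml
    # … unchanged: setup docker buildx …

    # exchange the job's OIDC token for short-lived AWS credentials
    - name: configure aws credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        role-to-assume: 'arn:aws:iam::<ACCOUNT_ID>:role/<DEPLOY_ROLE_PLACEHOLDER>'
        aws-region: ${{ inputs.aws_region }}

    # login in docker repository (picks up the credentials exported above)
    - name: docker login
      uses: aws-actions/amazon-ecr-login@v1

    # … unchanged: metadata and build steps …
```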
@@ -69,7 +69,7 @@ runs: uses: docker/metadata-action@v3 if: ${{ github.event.inputs.is_production == true }} with: - images: ${{ env.INPUT_AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.INPUT_AWS_REGION }}.amazonaws.com/openverse/frontend + images: ${{ inputs.aws_account_id }}.dkr.ecr.${{ inputs.aws_region }}.amazonaws.com/openverse/frontend tags: | latest=false type=raw,value=stable diff --git a/.github/workflows/push_staging.yaml b/.github/workflows/push_staging.yaml index e8ec53f581..a494bf57bd 100644 --- a/.github/workflows/push_staging.yaml +++ b/.github/workflows/push_staging.yaml @@ -21,12 +21,6 @@ jobs: # download the source code into the runner - name: checkout uses: actions/checkout@v2 - - - run: pwd - - run: ls -lah .github - - run: ls -lah .github/actions - - run: ls -lah .github/workflows - - run: ls -lah .github/actions/build # build a new docker image and push it into the repository - name: docker build From 2fb595ea88fd460bdcf6b8c1dd5af6453851f32b Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:30:55 -0600 Subject: [PATCH 18/25] Update action.yml --- .github/actions/build/action.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 42c894224a..d3ce88eadc 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -48,8 +48,9 @@ runs: if: ${{ github.event.inputs.is_production == false }} with: images: ${{ inputs.aws_account_id }}.dkr.ecr.${{ inputs.aws_region }}.amazonaws.com/openverse/frontend - tags: | + flavor: | latest=auto + tags: | type=edge,branch=main # build a docker image @@ -70,8 +71,9 @@ runs: if: ${{ github.event.inputs.is_production == true }} with: images: ${{ inputs.aws_account_id }}.dkr.ecr.${{ inputs.aws_region }}.amazonaws.com/openverse/frontend - tags: | + flavor: | latest=false + tags: | type=raw,value=stable type=semver,pattern={{version}} 
From 5db5964c141b81d2713dfdeb5215ca407f58254c Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:35:30 -0600 Subject: [PATCH 19/25] Update action.yml --- .github/actions/build/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index d3ce88eadc..2e87edd364 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -51,7 +51,7 @@ runs: flavor: | latest=auto tags: | - type=edge,branch=main + type=edge,enable=true,priority=700,prefix=,suffix=,branch=$repo.default_branch # build a docker image - name: build docker image From 8d3a73723de3abfe43444720e99e4182e48b0a25 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:51:16 -0600 Subject: [PATCH 20/25] Update action.yml --- .github/actions/build/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 2e87edd364..384ba2c731 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -51,6 +51,7 @@ runs: flavor: | latest=auto tags: | + type=ref,event=pr type=edge,enable=true,priority=700,prefix=,suffix=,branch=$repo.default_branch # build a docker image From af9cb5c248e1c5d6935cef1761fbb4b3fad6089f Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 18:58:35 -0600 Subject: [PATCH 21/25] Update action.yml --- .github/actions/build/action.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 384ba2c731..3d0fb0e6ed 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml 
@@ -51,8 +51,7 @@ runs: flavor: | latest=auto tags: | - type=ref,event=pr - type=edge,enable=true,priority=700,prefix=,suffix=,branch=$repo.default_branch + type=sha,enable=true,priority=100,prefix=sha-,suffix=,format=short # build a docker image - name: build docker image From bcce15140676893fe0c38f9651e940a548ef74cc Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 19:06:54 -0600 Subject: [PATCH 22/25] Update action.yml --- .github/actions/build/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 3d0fb0e6ed..9ec7223168 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -51,7 +51,7 @@ runs: flavor: | latest=auto tags: | - type=sha,enable=true,priority=100,prefix=sha-,suffix=,format=short + type=ref,event=branch # build a docker image - name: build docker image From 5eb2272cf93a47a124d205953b02a332915e2cbe Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 19:09:30 -0600 Subject: [PATCH 23/25] Update action.yml --- .github/actions/build/action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 9ec7223168..87bb815bd3 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -51,6 +51,7 @@ runs: flavor: | latest=auto tags: | + type=ref,event=tag type=ref,event=branch # build a docker image @@ -75,6 +76,7 @@ runs: latest=false tags: | type=raw,value=stable + type=ref,event=tag type=semver,pattern={{version}} # build a docker image From 2b7877575873aaa51486ace6ce40367a94085ae9 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 19:12:08 -0600 Subject: [PATCH 24/25] Update action.yml --- .github/actions/build/action.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) 
diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 87bb815bd3..52f53702a7 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -48,10 +48,8 @@ runs: if: ${{ github.event.inputs.is_production == false }} with: images: ${{ inputs.aws_account_id }}.dkr.ecr.${{ inputs.aws_region }}.amazonaws.com/openverse/frontend - flavor: | - latest=auto tags: | - type=ref,event=tag + type=raw,value=latest type=ref,event=branch # build a docker image From acc8fc2f62cb5f8cc7eabbb63ad8ecaec00bfea6 Mon Sep 17 00:00:00 2001 From: Ronny Badilla Date: Wed, 2 Feb 2022 19:35:30 -0600 Subject: [PATCH 25/25] feat: stabilize the workflows and propagate the same configuration to production environment --- .github/workflows/push_production.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/push_production.yaml b/.github/workflows/push_production.yaml index 22634c494d..47779f6ee0 100644 --- a/.github/workflows/push_production.yaml +++ b/.github/workflows/push_production.yaml @@ -23,6 +23,10 @@ jobs: # build a new docker image and push it into the repository - name: docker build - uses: ./.github/workflows/build.yaml@ci/actions + uses: ./.github/actions/build with: is_production: true + AWS_REGION: ${{ secrets.AWS_REGION }} + AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
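Review bot: With `type=raw,value=latest` in PATCH 24/25 every staging run moves `latest` in the shared `openverse/frontend` repository, and push_staging.yaml also triggers on `ci/*`, so an unmerged branch can replace the image that `latest` points to. Limit the moving tag to the default branch, e.g. `type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}`. Keep a per-commit tag such as `type=sha` next to it so a running image can be traced back to the commit it was built from.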
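Review bot: The production call added in PATCH 25/25 reads the same secret names (`secrets.AWS_ACCESS_KEY_ID`, …) as push_staging.yaml, so which credentials it receives depends entirely on how the secrets are scoped in the repository settings, which the patch does not show. A comment above the `with:` block, such as `# AWS_* must be defined as secrets of the production environment, not at repository level`, would record that requirement. Required reviewers on the `production` environment would additionally keep a release from deploying unattended.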