Version Packages (#4519) #1931
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Description: this workflow publishes UI packages to `latest` tag on NPM. | |
# | |
# Triggered by: whenever "Version Packages" is merged to `main` | |
# If successful, we will publish all updated UI packages to NPM. | |
name: Test and Publish / latest | |
on: | |
push: | |
branches: [main] | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
contents: write # Used to push tags to GitHub | |
jobs: | |
setup: | |
runs-on: ubuntu-latest | |
outputs: | |
has-changesets: ${{ steps.has-changesets.outputs.has-changesets }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 https://github.com/actions/checkout/commit/24cb9080177205b6e8c946b17badbe402adc938f | |
with: | |
# This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits | |
fetch-depth: 0 | |
- name: Check if repo has unconsumed changesets | |
id: has-changesets | |
uses: ./.github/actions/has-changesets | |
# Note: if there are no changesets, that means that either | |
# (1) "Version Packages" PR was just merged, or | |
# (2) no commits with changesets have been merged after packages were last published. | |
# | |
# In either way, we'll attempt to publish the packages. In case of (1), publish will succeed. In | |
# case of (2), `@changesets/action` will know that UI packages have already published and will | |
# skip publish. | |
build-test: | |
runs-on: ubuntu-latest | |
needs: setup | |
environment: ci | |
if: ${{ needs.setup.outputs.has-changesets != 'true' }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 https://github.com/actions/checkout/commit/24cb9080177205b6e8c946b17badbe402adc938f | |
- name: Setup Node.js 16 | |
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 https://github.com/actions/setup-node/commit/64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c | |
with: | |
node-version: 16 | |
cache: 'yarn' | |
env: | |
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 2 | |
- name: Add Amplify CLI | |
run: yarn global add @aws-amplify/cli | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 https://github.com/aws-actions/configure-aws-credentials/commit/e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef | |
with: | |
aws-region: us-east-2 | |
role-to-assume: ${{ secrets.AUTH_E2E_ROLE_ARN }} | |
# Amplify CLI does not support headless pull with temporary credentials | |
# when useProfile is false. | |
# See: https://github.com/aws-amplify/amplify-cli/issues/11009. | |
- name: Create temp AWS profile | |
run: | | |
aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID && \ | |
aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY && \ | |
aws configure set aws_session_token $AWS_SESSION_TOKEN && \ | |
aws configure set default.region $AWS_REGION | |
- name: Pull down AWS environments | |
run: yarn pull | |
working-directory: ./canary | |
- name: Delete AWS Profile | |
run: rm -rf ~/.aws | |
- name: Setup canary apps against @next | |
run: yarn setup:next | |
working-directory: ./canary | |
- name: Run yarn install on each sample app | |
run: yarn install | |
working-directory: ./canary | |
- name: Run yarn build on each sample app | |
run: yarn build | |
working-directory: ./canary | |
publish: | |
runs-on: ubuntu-latest | |
environment: deployment | |
needs: build-test | |
if: ${{ needs.setup.outputs.has-changesets != 'true' }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 https://github.com/actions/checkout/commit/24cb9080177205b6e8c946b17badbe402adc938f | |
with: | |
# This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits | |
fetch-depth: 0 | |
- name: Setup Node.js 16 | |
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 https://github.com/actions/setup-node/commit/64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c | |
with: | |
node-version: 16 | |
cache: 'yarn' | |
env: | |
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 2 | |
- name: Install packages | |
uses: ./.github/actions/install-with-retries | |
with: | |
skip-cypress-binary: true # publishing doesn't need cypress | |
- name: Build packages | |
run: yarn build | |
- name: Publish to @latest | |
uses: changesets/action@b98cec97583b917ff1dc6179dd4d230d3e439894 | |
with: | |
publish: yarn publish:latest | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Trigger build for prod liveness sample app pointing at latest tag | |
run: curl -X POST -d {} $ENDPOINT -H "Content-Type:application/json" | |
env: | |
ENDPOINT: ${{ secrets.LIVENESS_PROD_SAMPLE_APP_BUILD_TRIGGER }} | |
log-failure-metric: | |
# Send a failure data point to metric PublishLatestFailure in github-workflows@ us-east-2 | |
runs-on: ubuntu-latest | |
environment: ci | |
needs: publish | |
if: ${{ failure() }} | |
steps: | |
- name: Log failure data point to metric PublishLatestFailure | |
uses: aws-amplify/amplify-ui/.github/actions/log-metric@main | |
with: | |
metric-name: PublishLatestFailure | |
value: 1 | |
role-to-assume: ${{ secrets.METRIC_LOGGER_ROLE_ARN }} | |
aws-region: us-east-2 | |
log-success-metric: | |
# Send a success data point to metric PublishLatestFailure in github-workflows@ us-east-2 | |
runs-on: ubuntu-latest | |
environment: ci | |
needs: publish | |
if: ${{ success() }} | |
steps: | |
- name: Log success data point to metric PublishLatestFailure | |
uses: aws-amplify/amplify-ui/.github/actions/log-metric@main | |
with: | |
metric-name: PublishLatestFailure | |
value: 0 | |
role-to-assume: ${{ secrets.METRIC_LOGGER_ROLE_ARN }} | |
aws-region: us-east-2 |