-
Notifications
You must be signed in to change notification settings - Fork 300
149 lines (140 loc) · 6.07 KB
/
publish-latest.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
# Description: this workflow publishes UI packages to `latest` tag on NPM.
#
# Triggered by: whenever "Version Packages" is merged to `main`
# If successful, we will publish all updated UI packages to NPM.
name: Test and Publish / latest
on:
push:
branches: [main]
permissions:
id-token: write # This is required for requesting the JWT
contents: write # Used to push tags to GitHub
jobs:
setup:
runs-on: ubuntu-latest
outputs:
has-changesets: ${{ steps.has-changesets.outputs.has-changesets }}
steps:
- name: Checkout repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 https://github.com/actions/checkout/commit/24cb9080177205b6e8c946b17badbe402adc938f
with:
# This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits
fetch-depth: 0
- name: Check if repo has unconsumed changesets
id: has-changesets
uses: ./.github/actions/has-changesets
# Note: if there are no changesets, that means that either
# (1) "Version Packages" PR was just merged, or
# (2) no commits with changesets have been merged after packages were last published.
#
# In either way, we'll attempt to publish the packages. In case of (1), publish will succeed. In
# case of (2), `@changesets/action` will know that UI packages have already published and will
# skip publish.
build-test:
runs-on: ubuntu-latest
needs: setup
environment: ci
if: ${{ needs.setup.outputs.has-changesets != 'true' }}
steps:
- name: Checkout repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 https://github.com/actions/checkout/commit/24cb9080177205b6e8c946b17badbe402adc938f
- name: Setup Node.js 20
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 https://github.com/actions/setup-node/commit/64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c
with:
node-version: 20
cache: 'yarn'
env:
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 2
- name: Add Amplify CLI
run: yarn global add @aws-amplify/cli
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0 https://github.com/aws-actions/configure-aws-credentials/commit/e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef
with:
aws-region: us-east-2
role-to-assume: ${{ secrets.AUTH_E2E_ROLE_ARN }}
# Amplify CLI does not support headless pull with temporary credentials
# when useProfile is false.
# See: https://github.com/aws-amplify/amplify-cli/issues/11009.
- name: Create temp AWS profile
run: |
aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID && \
aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY && \
aws configure set aws_session_token $AWS_SESSION_TOKEN && \
aws configure set default.region $AWS_REGION
- name: Pull down AWS environments
run: yarn pull
working-directory: ./canary
- name: Delete AWS Profile
run: rm -rf ~/.aws
- name: Setup canary apps against @next
run: yarn setup:next
working-directory: ./canary
- name: Run yarn install on each sample app
run: yarn install
working-directory: ./canary
- name: Run yarn build on each sample app
run: yarn build
working-directory: ./canary
publish:
runs-on: ubuntu-latest
environment: deployment
needs: build-test
if: ${{ needs.setup.outputs.has-changesets != 'true' }}
steps:
- name: Checkout repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 https://github.com/actions/checkout/commit/24cb9080177205b6e8c946b17badbe402adc938f
with:
# This makes Actions fetch all Git history so that Changesets can generate changelogs with the correct commits
fetch-depth: 0
- name: Setup Node.js 20
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 https://github.com/actions/setup-node/commit/64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c
with:
node-version: 20
cache: 'yarn'
env:
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 2
- name: Install packages
uses: ./.github/actions/install-with-retries
with:
skip-cypress-binary: true # publishing doesn't need cypress
- name: Build packages
run: yarn build
- name: Publish to @latest
uses: changesets/action@b98cec97583b917ff1dc6179dd4d230d3e439894
with:
publish: yarn publish:latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Trigger build for prod liveness sample app pointing at latest tag
run: curl -X POST -d {} $ENDPOINT -H "Content-Type:application/json"
env:
ENDPOINT: ${{ secrets.LIVENESS_PROD_SAMPLE_APP_BUILD_TRIGGER }}
log-failure-metric:
# Send a failure data point to metric PublishLatestFailure in github-workflows@ us-east-2
runs-on: ubuntu-latest
environment: ci
needs: publish
if: ${{ failure() }}
steps:
- name: Log failure data point to metric PublishLatestFailure
uses: aws-amplify/amplify-ui/.github/actions/log-metric@main
with:
metric-name: PublishLatestFailure
value: 1
role-to-assume: ${{ secrets.METRIC_LOGGER_ROLE_ARN }}
aws-region: us-east-2
log-success-metric:
# Send a success data point to metric PublishLatestFailure in github-workflows@ us-east-2
runs-on: ubuntu-latest
environment: ci
needs: publish
if: ${{ success() }}
steps:
- name: Log success data point to metric PublishLatestFailure
uses: aws-amplify/amplify-ui/.github/actions/log-metric@main
with:
metric-name: PublishLatestFailure
value: 0
role-to-assume: ${{ secrets.METRIC_LOGGER_ROLE_ARN }}
aws-region: us-east-2