Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PLPT-793 - Replace dyn-, self-hosted #261

Merged
merged 4 commits into from
Apr 10, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
434 changes: 217 additions & 217 deletions .github/workflows/im-reusable-finish-build-workflow.yml

Large diffs are not rendered by default.

400 changes: 200 additions & 200 deletions .github/workflows/im-reusable-setup-build-workflow.yml

Large diffs are not rendered by default.

302 changes: 151 additions & 151 deletions .github/workflows/im-reusable-setup-deployment-workflow.yml
Original file line number Diff line number Diff line change
@@ -1,151 +1,151 @@
# The purpose of this workflow is to verify that the branch/tag/sha to deploy is a valid ref
# and for production deploys to verify that the tag is reachable from the default branch
# (meaning it has been reviewed and merged into main) and that the release is production
# ready (it is not a draft/pre-release).
# Example Usage in a repo's workflow:
# jobs:
# setup-deployment-workflow:
# uses: im-practices/.github/.github/workflows/im-reusable-setup-deployment-workflow.yml@v2
# with:
# runs-on: im-linux
# ref-to-deploy: v1.2.3
# deployment-environment: prod
# production-environments: 'prod,prod-secondary'
# default-branch: main
on:
workflow_call:
inputs:
runs-on:
description: 'The runner that this workflow will run on.'
required: false
type: string
default: 'im-linux'
ref-to-deploy:
description: The branch, tag or sha that will be deployed.
type: string
required: true
deployment-environment:
description: 'The environment that is being deployed to: dev, qa, stage, stage-secondary, uat, demo, prod, prod-secondary.'
required: true
type: string
production-environments:
description: Comma separated list of production environments to check against. Defaults to 'prod,prod-secondary'
required: false
type: string
default: 'prod,prod-secondary'
verify-release-production-ready:
description: Verify associated release is not draft or prerelease
required: false
type: boolean
default: true
default-branch:
description: Default branch of the repository
required: false
type: string
default: main
workflow-summary:
description: 'String that will override the default GitHub Summary when provided.'
type: string
required: false
jobs:
setup-deployment-workflow:
runs-on: ${{ inputs.runs-on}}
steps:
- name: Print inputs
uses: actions/github-script@v7
with:
script: |
function printInput(inputName, inputValue, isMultilineInput){
if (!inputValue || inputValue.trim().length === 0){
core.info(`${inputName}: Not Provided`);
} else if (isMultilineInput){
console.log(`\n${inputName}:\n${inputValue}`);
}
else {
core.info(`${inputName}: ${inputValue}`);
}
}
printInput('runs-on', '${{ inputs.runs-on }}');
printInput('ref-to-deploy', '${{ inputs.ref-to-deploy }}');
printInput('deployment-environment', '${{ inputs.deployment-environment }}');
printInput('production-environments', '${{ inputs.production-environments }}');
printInput('verify-release-production-ready', '${{ inputs.verify-release-production-ready }}');
printInput('default-branch', '${{ inputs.default-branch }}');
printInput('workflow-summary', process.env.SUMMARY, true);
env:
SUMMARY: ${{ inputs.workflow-summary }}
- name: Construct Workflow Summary
id: summary
uses: actions/github-script@v7
with:
script: |
let summary = process.env.SUMMARY;
if (!summary || summary.trim().length === 0){
console.log('A workflow summary was not provided. The default value will be constructed for this workflow run.');
summary = `
| Deployment Arguments | Value |
| --- | --- |
| Deployment Environment | \`${{ inputs.deployment-environment }}\` |
| Ref to Deploy | \`${{ inputs.ref-to-deploy }}\` |
| Actor | \`${{ github.actor }}\` |
| Workflow Source | \`${{ github.ref_name }}\` - SHA: \`${{ github.sha }}\` |`;
} else {
console.log('A workflow summary was provided and will be used instead of the default value.');
}
console.log('Workflow Summary:');
console.log(summary);
core.setOutput('summary', summary);
env:
SUMMARY: ${{ inputs.workflow-summary }}
- run: echo '${{ steps.summary.outputs.summary }}' >> $GITHUB_STEP_SUMMARY
# In this job, always checkout the default branch (not the tag that was provided as an input).
# Also use fetch-depth: 0 to retrieve the history and tags so we can check if a tag is
# exists, is reachable from the default branch and is production ready.
- name: Checkout Repository
uses: actions/checkout@v4
with:
ref: ${{ inputs.default-branch }}
fetch-depth: 0
- name: Verify Tag Exists
uses: im-open/[email protected]
with:
branch-tag-sha: ${{ inputs.ref-to-deploy }}
- name: Determine if deployment is to Prod
id: check-env
uses: actions/github-script@v7
with:
script: |
const prodEnvsRaw = '${{ inputs.production-environments }}';
if (!prodEnvsRaw || prodEnvsRaw.length === 0){
core.setFailure('A list of production environments must be provided.');
return;
}
const prodEnvs = prodEnvsRaw.split(',').map(e => e.trim());
const deploymentEnv = '${{ inputs.deployment-environment }}'.trim();
const isProd = prodEnvs.includes(deploymentEnv);
core.setOutput('IS_PROD', isProd);
- uses: im-open/is-tag-reachable-from-default-branch@v1
if: steps.check-env.outputs.IS_PROD == 'true'
with:
tag: ${{ inputs.ref-to-deploy }}
default-branch: ${{ inputs.default-branch }}
error-if-not-reachable: true # This only runs for prod environments, so if the tag is not in main, it should fail
- uses: im-open/is-release-production-ready@v1
if: steps.check-env.outputs.IS_PROD == 'true' && inputs.verify-release-production-ready == 'true'
with:
token: ${{ secrets.GITHUB_TOKEN }}
release-tag: ${{ inputs.ref-to-deploy }}
fail-for-prerelease: true # This only runs for prod environments, so if the release is not production ready it should fail
# The purpose of this workflow is to verify that the branch/tag/sha to deploy is a valid ref
# and for production deploys to verify that the tag is reachable from the default branch
# (meaning it has been reviewed and merged into main) and that the release is production
# ready (it is not a draft/pre-release).

# Example Usage in a repo's workflow:
# jobs:
# setup-deployment-workflow:
# uses: im-practices/.github/.github/workflows/im-reusable-setup-deployment-workflow.yml@v2
# with:
# runs-on: im-linux
# ref-to-deploy: v1.2.3
# deployment-environment: prod
# production-environments: 'prod,prod-secondary'
# default-branch: main

on:
workflow_call:
inputs:
runs-on:
description: 'The runner that this workflow will run on.'
required: false
type: string
default: 'im-linux'
ref-to-deploy:
description: The branch, tag or sha that will be deployed.
type: string
required: true
deployment-environment:
description: 'The environment that is being deployed to: dev, qa, stage, stage-secondary, uat, demo, prod, prod-secondary.'
required: true
type: string
production-environments:
description: Comma separated list of production environments to check against. Defaults to 'prod,prod-secondary'
required: false
type: string
default: 'prod,prod-secondary'
verify-release-production-ready:
description: Verify associated release is not draft or prerelease
required: false
type: boolean
default: true
default-branch:
description: Default branch of the repository
required: false
type: string
default: main
workflow-summary:
description: 'String that will override the default GitHub Summary when provided.'
type: string
required: false

jobs:
setup-deployment-workflow:
runs-on: ${{ inputs.runs-on}}

steps:
- name: Print inputs
uses: actions/github-script@v7
with:
script: |
function printInput(inputName, inputValue, isMultilineInput){
if (!inputValue || inputValue.trim().length === 0){
core.info(`${inputName}: Not Provided`);
} else if (isMultilineInput){
console.log(`\n${inputName}:\n${inputValue}`);
}
else {
core.info(`${inputName}: ${inputValue}`);
}
}
printInput('runs-on', '${{ inputs.runs-on }}');
printInput('ref-to-deploy', '${{ inputs.ref-to-deploy }}');
printInput('deployment-environment', '${{ inputs.deployment-environment }}');
printInput('production-environments', '${{ inputs.production-environments }}');
printInput('verify-release-production-ready', '${{ inputs.verify-release-production-ready }}');
printInput('default-branch', '${{ inputs.default-branch }}');
printInput('workflow-summary', process.env.SUMMARY, true);

env:
SUMMARY: ${{ inputs.workflow-summary }}

- name: Construct Workflow Summary
id: summary
uses: actions/github-script@v7
with:
script: |
let summary = process.env.SUMMARY;
if (!summary || summary.trim().length === 0){
console.log('A workflow summary was not provided. The default value will be constructed for this workflow run.');
summary = `
| Deployment Arguments | Value |
| --- | --- |
| Deployment Environment | \`${{ inputs.deployment-environment }}\` |
| Ref to Deploy | \`${{ inputs.ref-to-deploy }}\` |
| Actor | \`${{ github.actor }}\` |
| Workflow Source | \`${{ github.ref_name }}\` - SHA: \`${{ github.sha }}\` |`;
} else {
console.log('A workflow summary was provided and will be used instead of the default value.');
}
console.log('Workflow Summary:');
console.log(summary);
core.setOutput('summary', summary);
env:
SUMMARY: ${{ inputs.workflow-summary }}

- run: echo '${{ steps.summary.outputs.summary }}' >> $GITHUB_STEP_SUMMARY

# In this job, always checkout the default branch (not the tag that was provided as an input).
# Also use fetch-depth: 0 to retrieve the history and tags so we can check if a tag is
# exists, is reachable from the default branch and is production ready.
- name: Checkout Repository
uses: actions/checkout@v4
with:
ref: ${{ inputs.default-branch }}
fetch-depth: 0

- name: Verify Tag Exists
uses: im-open/[email protected]
with:
branch-tag-sha: ${{ inputs.ref-to-deploy }}

- name: Determine if deployment is to Prod
id: check-env
uses: actions/github-script@v7
with:
script: |
const prodEnvsRaw = '${{ inputs.production-environments }}';
if (!prodEnvsRaw || prodEnvsRaw.length === 0){
core.setFailure('A list of production environments must be provided.');
return;
}
const prodEnvs = prodEnvsRaw.split(',').map(e => e.trim());
const deploymentEnv = '${{ inputs.deployment-environment }}'.trim();

const isProd = prodEnvs.includes(deploymentEnv);
core.setOutput('IS_PROD', isProd);

- uses: im-open/is-tag-reachable-from-default-branch@v1
if: steps.check-env.outputs.IS_PROD == 'true'
with:
tag: ${{ inputs.ref-to-deploy }}
default-branch: ${{ inputs.default-branch }}
error-if-not-reachable: true # This only runs for prod environments, so if the tag is not in main, it should fail

- uses: im-open/is-release-production-ready@v1
if: steps.check-env.outputs.IS_PROD == 'true' && inputs.verify-release-production-ready == 'true'
with:
token: ${{ secrets.GITHUB_TOKEN }}
release-tag: ${{ inputs.ref-to-deploy }}
fail-for-prerelease: true # This only runs for prod environments, so if the release is not production ready it should fail
Loading
Loading