Skip to content

Build

Build #2665

Workflow file for this run

name: Build
on:
pull_request:
types: [opened]
branches:
- "release-please--**"
push:
branches:
- "release-please--**"
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
cancel-in-progress: true
env:
PARABOL_DOCKERFILE: ./docker/images/parabol-ubi/dockerfiles/basic.dockerfile
PARABOL_BUILD_ENV_PATH: docker/images/parabol-ubi/environments/pipeline
jobs:
build:
runs-on: ubuntu-8cores
timeout-minutes: 30
permissions:
contents: "read"
id-token: "write"
services:
postgres:
image: pgvector/pgvector:0.7.0-pg16
# This env variables must be the same in the file PARABOL_BUILD_ENV_PATH
env:
POSTGRES_PASSWORD: "temppassword"
POSTGRES_USER: "tempuser"
POSTGRES_DB: "tempdb"
ports:
- 5432:5432
redis:
image: redis:7.0-alpine
ports:
- 6379:6379
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup environment variables
run: |
ACTION_VERSION=$(grep '"version":' package.json | cut -d\" -f4)
echo "ACTION_VERSION=${ACTION_VERSION}" >> $GITHUB_ENV
echo "NODE_VERSION=$(jq -r -j '.engines.node|ltrimstr("^")' package.json)" >> $GITHUB_ENV
DOCKER_REPOSITORY_FOR_REF=${{ secrets.GCP_AR_PARABOL_DEV }}
echo "DOCKER_REPOSITORY_FOR_REF=${{ secrets.GCP_AR_PARABOL_DEV }}" >> $GITHUB_ENV
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version-file: package.json
# Caching yarn dir & running yarn install is too slow
# Instead, we aggressively cache node_modules below to avoid calling install
- name: Get cached node modules
id: cache
uses: actions/cache@v3
with:
path: |
**/node_modules
key: node_modules-${{ runner.arch }}-${{ env.NODE_VERSION }}-${{ hashFiles('yarn.lock') }}
- name: Install node_modules
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Build the DBs
run: |
cp ${{ env.PARABOL_BUILD_ENV_PATH }} ./.env
yarn kysely migrate:latest
yarn pg:build
yarn pg:generate
- name: Build for release
env:
NODE_OPTIONS: "--max_old_space_size=8192"
run: yarn build --no-deps
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
buildkitd-flags: "--allow-insecure-entitlement network.host"
driver-opts: network=host
- id: "auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v1"
with:
token_format: "access_token"
workload_identity_provider: ${{ secrets.GCP_WI_PROVIDER_NAME }}
service_account: ${{ secrets.GCP_SA_EMAIL }}
- uses: "docker/login-action@v2"
with:
registry: ${{ secrets.GCP_DOCKER_REGISTRY }}
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
- name: Push build to dev
uses: docker/build-push-action@v4
with:
network: host
allow: network.host
provenance: false
file: ${{ env.PARABOL_DOCKERFILE }}
context: .
build-args: |
"_NODE_VERSION=${{ env.NODE_VERSION }}"
push: true
tags: |
"${{ secrets.GCP_AR_PARABOL_DEV }}:${{github.sha}}"
- name: Push Artifacts to Sentry
uses: getsentry/action-release@v1
env:
SENTRY_AUTH_TOKEN: "${{secrets.SENTRY_AUTH_TOKEN}}"
SENTRY_ORG: "parabol"
SENTRY_PROJECT: "action-production"
with:
environment: "production"
sourcemaps: "./build"
version: ${{env.ACTION_VERSION}}
- name: Push Artifacts to Datadog
env:
DATADOG_API_KEY: "${{secrets.DATADOG_API_KEY}}"
CDN_BUILD_URL: "https://action-files.parabol.co/production/build/"
run: |
yarn datadog-ci sourcemaps upload ./build \
--service=parabol-saas-production \
--release-version=${{env.ACTION_VERSION}} \
--minified-path-prefix=${{env.CDN_BUILD_URL}}
- name: Report Status
if: failure()
uses: ravsamhq/notify-slack-action@v2
with:
status: ${{ job.status }}
notify_when: "failure"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_GH_ACTIONS_NOTIFICATIONS }}