From ded7a1e46ac2bbe8d90714ee2a400d55eaea204c Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 10:08:07 +0100 Subject: [PATCH 01/12] Add github actions workflow --- .github/workflows/build.yml | 57 +++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 00000000..e7ce3ab3 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,57 @@ +# Find full documentation here https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions +name: CI + +on: + pull_request: + + # Manual invocation. + workflow_dispatch: + + push: + branches: + - "main" +jobs: + CI: + runs-on: ubuntu-latest + + # See https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token + permissions: + # required by aws-actions/configure-aws-credentials + id-token: write + contents: read + steps: + - uses: actions/checkout@v4 + + # Setup AWS credentials to enable uploading to S3 for Riff-Raff. + # See https://github.com/aws-actions/configure-aws-credentials + - uses: aws-actions/configure-aws-credentials@v4 + name: setup-riffraff-credentials + with: + role-to-assume: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }} + aws-region: eu-west-1 + unset-current-credentials: true + + # Setup Node, checking common Node config files to determine the version of Node to use. + # Configuring caching is also recommended. + # See https://github.com/guardian/actions-setup-node + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version-file: frontend/.nvmrc + + # Configuring caching is also recommended. + # See https://github.com/actions/setup-java + - name: Setup Java 8 + uses: actions/setup-java@v3 + with: + java-version: '11' + distribution: 'adopt' + + # 1. Seed the build number with last number from TeamCity. + # Update `LAST_TEAMCITY_BUILD` as needed or remove entirely if changing Riff-Raff project name. + # See https://github.com/github/scripts-to-rule-them-all + - name: Run script/teamcity + run: | + LAST_TEAMCITY_BUILD=5000 + export BUILD_NUMBER=$(( $GITHUB_RUN_NUMBER + $LAST_TEAMCITY_BUILD )) + ./scripts/teamcity.sh From d59fa0e4073f32cd8327fddd7187eca922771423 Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 10:09:18 +0100 Subject: [PATCH 02/12] Run on every push --- .github/workflows/build.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e7ce3ab3..daa1eced 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,8 +8,7 @@ on: workflow_dispatch: push: - branches: - - "main" + jobs: CI: runs-on: ubuntu-latest From ae375d07e74126d2c6201f64cb23ad219f88bc80 Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 10:10:45 +0100 Subject: [PATCH 03/12] fix node version location --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index daa1eced..b5a9f6dc 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,7 +36,7 @@ jobs: - name: Setup Node uses: actions/setup-node@v3 with: - node-version-file: frontend/.nvmrc + node-version-file: .nvmrc # Configuring caching is also recommended. # See https://github.com/actions/setup-java From 2d4c976faa8053a7140b811d650366b54657f229 Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 11:03:24 +0100 Subject: [PATCH 04/12] Remove pdfjs-dist copy step in case JDeb behaves differently on GHA --- .github/workflows/build.yml | 8 ++++---- scripts/teamcity.sh | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b5a9f6dc..c7d09ffe 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,12 +2,12 @@ name: CI on: - pull_request: - # Manual invocation. workflow_dispatch: - push: + # None of the projects in this build are in use so all auto-building is disabled +# push: +# pull_request: jobs: CI: @@ -53,4 +53,4 @@ jobs: run: | LAST_TEAMCITY_BUILD=5000 export BUILD_NUMBER=$(( $GITHUB_RUN_NUMBER + $LAST_TEAMCITY_BUILD )) - ./scripts/teamcity.sh + ./scripts/teamcity.sh diff --git a/scripts/teamcity.sh b/scripts/teamcity.sh index 29e6c519..8f7cde1a 100755 --- a/scripts/teamcity.sh +++ b/scripts/teamcity.sh @@ -21,7 +21,7 @@ popd cp -r frontend/build/* backend/public # Replace the symbolic link we use in dev with the actual file. # On Teamcity the JDeb build doesn't seem to follow the symbolic link while packaging, weirdly -cp frontend/node_modules/pdfjs-dist/build/pdf.worker.min.js backend/public/third-party/pdf.worker.min.js +#cp frontend/node_modules/pdfjs-dist/build/pdf.worker.min.js backend/public/third-party/pdf.worker.min.js #Use java 11 export JAVA_HOME=/usr/lib/jvm/java-11-amazon-corretto From 903dccecf9c1ecb3ecba36181be05118da89078f Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 11:05:56 +0100 Subject: [PATCH 05/12] Run on push --- .github/workflows/build.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c7d09ffe..76db7328 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -5,9 +5,7 @@ on: # Manual invocation. workflow_dispatch: - # None of the projects in this build are in use so all auto-building is disabled -# push: -# pull_request: + push: jobs: CI: From 103a8ee3e696a9cb3c0c82b808b8dac9a0617389 Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 11:26:16 +0100 Subject: [PATCH 06/12] try fix build number --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 76db7328..ccab3b7e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -50,5 +50,5 @@ jobs: - name: Run script/teamcity run: | LAST_TEAMCITY_BUILD=5000 - export BUILD_NUMBER=$(( $GITHUB_RUN_NUMBER + $LAST_TEAMCITY_BUILD )) - ./scripts/teamcity.sh + export GITHUB_RUN_NUMBER=$(( $GITHUB_RUN_NUMBER + $LAST_TEAMCITY_BUILD )) + ./scripts/teamcity.sh From 374f3808d63087db6909e655aed53b95fabb19bb Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 11:33:35 +0100 Subject: [PATCH 07/12] Document removal of cp pdf command --- scripts/teamcity.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/teamcity.sh b/scripts/teamcity.sh index 8f7cde1a..5d9b552b 100755 --- a/scripts/teamcity.sh +++ b/scripts/teamcity.sh @@ -21,6 +21,9 @@ popd cp -r frontend/build/* backend/public # Replace the symbolic link we use in dev with the actual file. # On Teamcity the JDeb build doesn't seem to follow the symbolic link while packaging, weirdly +# NOTE: On Github actions this seems to work, and in fact it will complain if you try and run the below line +# because it thinks that the two files are the same. So could be removed at some point but let's leave it for +# a bit in case e.g. github actions custom runners have similar issues #cp frontend/node_modules/pdfjs-dist/build/pdf.worker.min.js backend/public/third-party/pdf.worker.min.js #Use java 11 From c8fb361247f7c7e7087abfd80437cdf131d2650a Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 12:26:22 +0100 Subject: [PATCH 08/12] Remove unnecessary unset-current-crednetials parameter --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ccab3b7e..35638847 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,7 +26,6 @@ jobs: with: role-to-assume: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }} aws-region: eu-west-1 - unset-current-credentials: true # Setup Node, checking common Node config files to determine the version of Node to use. # Configuring caching is also recommended. From 093f3b96c230bf586dc49c710fee219520b431ef Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 13:16:33 +0100 Subject: [PATCH 09/12] Tidy up documentation --- .github/workflows/build.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 35638847..8bfd0e9e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -27,7 +27,6 @@ jobs: role-to-assume: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }} aws-region: eu-west-1 - # Setup Node, checking common Node config files to determine the version of Node to use. # Configuring caching is also recommended. # See https://github.com/guardian/actions-setup-node - name: Setup Node @@ -43,9 +42,6 @@ jobs: java-version: '11' distribution: 'adopt' - # 1. Seed the build number with last number from TeamCity. - # Update `LAST_TEAMCITY_BUILD` as needed or remove entirely if changing Riff-Raff project name. - # See https://github.com/github/scripts-to-rule-them-all - name: Run script/teamcity run: | LAST_TEAMCITY_BUILD=5000 From cacfb127ad6cf4417513807ce552ff3b78f23007 Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 13:19:14 +0100 Subject: [PATCH 10/12] more docs tidying --- .github/workflows/build.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8bfd0e9e..ad7e4176 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -27,14 +27,13 @@ jobs: role-to-assume: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }} aws-region: eu-west-1 - # Configuring caching is also recommended. - # See https://github.com/guardian/actions-setup-node + # TODO: configure caching - name: Setup Node uses: actions/setup-node@v3 with: node-version-file: .nvmrc - # Configuring caching is also recommended. + # TODO: configure caching # See https://github.com/actions/setup-java - name: Setup Java 8 uses: actions/setup-java@v3 From 9396cca177822fe89ccda1068ac69a45bfcae981 Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 13:23:59 +0100 Subject: [PATCH 11/12] Remove redundant nvm code, rename teamcity.sh>ci.sh --- .github/workflows/build.yml | 4 ++-- riff-raff.yaml | 2 +- scripts/{teamcity.sh => ci.sh} | 6 ------ 3 files changed, 3 insertions(+), 9 deletions(-) rename scripts/{teamcity.sh => ci.sh} (92%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ad7e4176..6e61c257 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -35,7 +35,7 @@ jobs: # TODO: configure caching # See https://github.com/actions/setup-java - - name: Setup Java 8 + - name: Setup Java uses: actions/setup-java@v3 with: java-version: '11' @@ -45,4 +45,4 @@ jobs: run: | LAST_TEAMCITY_BUILD=5000 export GITHUB_RUN_NUMBER=$(( $GITHUB_RUN_NUMBER + $LAST_TEAMCITY_BUILD )) - ./scripts/teamcity.sh + ./scripts/ci.sh diff --git a/riff-raff.yaml b/riff-raff.yaml index 7feba1df..5b94e584 100644 --- a/riff-raff.yaml +++ b/riff-raff.yaml @@ -1,4 +1,4 @@ -# We implement deploying to multiple stages by doing multiple builds in `teamcity.sh` +# We implement deploying to multiple stages by doing multiple builds in `ci.sh` # updating all references to `pfi-playground` in this file between each. stacks: [pfi-playground] regions: [eu-west-1] diff --git a/scripts/teamcity.sh b/scripts/ci.sh similarity index 92% rename from scripts/teamcity.sh rename to scripts/ci.sh index 5d9b552b..109fab30 100755 --- a/scripts/teamcity.sh +++ b/scripts/ci.sh @@ -4,12 +4,6 @@ set -e # Make Create React App treat warnings as errors export CI=true -export NVM_DIR="$HOME/.nvm" -[[ -s "$NVM_DIR/nvm.sh" ]] && . "$NVM_DIR/nvm.sh" # This loads nvm - -nvm install -nvm use - pushd frontend npm install From 02fb3626c0c0116a03838c8ffefd8bd3fa6d6f28 Mon Sep 17 00:00:00 2001 From: philmcmahon Date: Mon, 2 Oct 2023 13:26:04 +0100 Subject: [PATCH 12/12] Only set CI=true once --- scripts/ci.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/scripts/ci.sh b/scripts/ci.sh index 109fab30..05d76602 100755 --- a/scripts/ci.sh +++ b/scripts/ci.sh @@ -1,9 +1,6 @@ #!/usr/bin/env bash set -e -# Make Create React App treat warnings as errors -export CI=true - pushd frontend npm install