diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..04d9cbb --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,72 @@ +name: CI + +on: + pull_request: + types: [opened, synchronize, reopened, ready_for_review] + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +jobs: + set-variables: + name: Set variables + runs-on: ubuntu-latest + timeout-minutes: 10 + outputs: + VERSION: ${{ steps.version.outputs.VERSION }} + steps: + - name: Define version + id: version + run: | + export COMMIT_SHA=${{ github.sha }} + export COMMIT_SHA_SHORT=${COMMIT_SHA:0:8} + export REF_NAME=${{ github.ref_name }} + export REF_SLUG=${REF_NAME//\//_} + echo "short sha: ${COMMIT_SHA_SHORT} slug: ${REF_SLUG}" + if [[ ${REF_SLUG} == "master" ]] + then + export VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT} + echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT + else + export VERSION=${REF_SLUG} + echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT + fi + echo "set COMMIT_SHA_SHORT=${COMMIT_SHA_SHORT}" + echo "set VERSION=${VERSION}" + ci: + name: Run lint, test + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 22 + - name: Tests + run: | + yarn --immutable + yarn lint + yarn test + + build_image: + name: Build docker image + runs-on: ubuntu-latest + needs: [set-variables] + timeout-minutes: 10 + env: + VERSION: ${{ needs.set-variables.outputs.VERSION }} + IMAGE_NAME: "docker.io/paritytech/substrate-tip-bot" + steps: + - name: Check out the repo + uses: actions/checkout@v4 + + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: ./Dockerfile + push: false + tags: | + ${{ env.IMAGE_NAME }}:${{ env.VERSION }} diff --git a/.github/workflows/gitspiegel-trigger.yml b/.github/workflows/gitspiegel-trigger.yml deleted file mode 100644 index dce3aaf..0000000 --- a/.github/workflows/gitspiegel-trigger.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: gitspiegel sync - -# This workflow doesn't do anything, it's only use is to trigger "workflow_run" -# webhook, that'll be consumed by gitspiegel -# This way, gitspiegel won't do mirroring, unless this workflow runs, -# and running the workflow is protected by GitHub - -on: - pull_request: - types: - - opened - - synchronize - - unlocked - - ready_for_review - - reopened - -jobs: - sync: - runs-on: ubuntu-latest - steps: - - name: Do nothing - run: echo "let's go" diff --git a/.github/workflows/publish-deploy.yml b/.github/workflows/publish-deploy.yml new file mode 100644 index 0000000..3b3c017 --- /dev/null +++ b/.github/workflows/publish-deploy.yml @@ -0,0 +1,114 @@ +name: Publish and deploy + +on: + push: + branches: + - master + tags: + - v* + - stg-v* + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +#to use reusable workflow +permissions: + id-token: write + contents: read + +env: + APP: "substrate-tip-bot" + +jobs: + set-variables: + name: Set variables + runs-on: ubuntu-latest + outputs: + VERSION: ${{ steps.version.outputs.VERSION }} + steps: + - name: Define version + id: version + run: | + export COMMIT_SHA=${{ github.sha }} + export COMMIT_SHA_SHORT=${COMMIT_SHA:0:8} + export REF_NAME=${{ github.ref_name }} + export REF_SLUG=${REF_NAME//\//_} + echo "short sha: ${COMMIT_SHA_SHORT} slug: ${REF_SLUG}" + if [[ ${REF_SLUG} == "master" ]] + then + export VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT} + echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT + else + export VERSION=${REF_SLUG} + echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT + fi + echo "set VERSION=${VERSION}" + build_push_docker: + name: Build docker image + runs-on: ubuntu-latest + environment: master_n_tags + needs: [set-variables] + env: + VERSION: ${{ needs.set-variables.outputs.VERSION }} + steps: + - name: Check out the repo + uses: actions/checkout@v4 + - name: Log in to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: ./Dockerfile + push: true + tags: | + docker.io/paritytech/substrate-tip-bot:${{ env.VERSION }} + + deploy-stg: + name: Deploy Staging + runs-on: ubuntu-latest + needs: [set-variables, build_push_docker] + environment: parity-stg + env: + VERSION: ${{ needs.set-variables.outputs.VERSION }} + ARGOCD_SERVER: "argocd-stg.teleport.parity.io" + steps: + - name: Deploy to ArgoCD + uses: paritytech/argocd-deployment-action@main + with: + environment: "parity-stg" + tag: "${{ env.VERSION }}" + app_name: "${{ env.APP }}" + app_packages: "common" + argocd_server: ${{ env.ARGOCD_SERVER }} + teleport_token: "substrate-tip" + teleport_app_name: "argocd-stg" + argocd_auth_token: ${{ secrets.ARGOCD_AUTH_TOKEN }} + + deploy-prod: + name: Deploy Production + runs-on: ubuntu-latest + needs: [set-variables, deploy-stg] + # deploy only on tags + if: startsWith(github.ref, 'refs/tags/v') + environment: parity-prod + env: + VERSION: ${{ needs.set-variables.outputs.VERSION }} + ARGOCD_SERVER: "argocd-prod.teleport.parity.io" + steps: + - name: Deploy to ArgoCD + uses: paritytech/argocd-deployment-action@main + with: + environment: "parity-prod" + tag: "${{ env.VERSION }}" + app_name: "${{ env.APP }}" + app_packages: "common" + argocd_server: ${{ env.ARGOCD_SERVER }} + teleport_token: "substrate-tip" + teleport_app_name: "argocd-prod" + argocd_auth_token: ${{ secrets.ARGOCD_AUTH_TOKEN }} diff --git a/.github/workflows/test-e2e.yml b/.github/workflows/test-e2e.yml index e99f6f8..e6bf44c 100644 --- a/.github/workflows/test-e2e.yml +++ b/.github/workflows/test-e2e.yml @@ -5,6 +5,10 @@ on: branches: - master +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + jobs: test-e2e: runs-on: ubuntu-22.04 diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml index ae92902..549868d 100644 --- a/.github/workflows/test-integration.yml +++ b/.github/workflows/test-integration.yml @@ -5,6 +5,10 @@ on: branches: - master +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + jobs: test-integration: timeout-minutes: 15 diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index afc20e8..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,177 +0,0 @@ -stages: - - test - - build - - staging - - production - -default: - interruptible: true - retry: - max: 2 - when: - - runner_system_failure - - unknown_failure - - api_failure - -variables: - KUBE_NAMESPACE: "substrate-tip-bot" - CI_REGISTRY: "docker.io/paritytech" - GIT_STRATEGY: fetch - CI_IMAGE: "docker.io/paritytech/eng-automation-ci:latest" - # BUILDAH_IMAGE is defined in group variables - BUILDAH_COMMAND: "buildah --storage-driver overlay2" - DOCKERHUB_REPO: "paritytech" - IMAGE_NAME: docker.io/$DOCKERHUB_REPO/substrate-tip-bot - DOCKER_TAG: "${CI_COMMIT_SHORT_SHA}" - -.common-refs: &common-refs - rules: - - if: $CI_PIPELINE_SOURCE == "web" - - if: $CI_PIPELINE_SOURCE == "schedule" - - if: $CI_COMMIT_REF_NAME == "master" - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - - if: $CI_COMMIT_REF_NAME =~ /^stg-v[0-9]+\.[0-9]+.*$/ # i.e. stg-v1.0, stg-v2.1rc1 - - if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs - -.test-refs: &test-refs - rules: - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - - if: $CI_COMMIT_REF_NAME =~ /^stg-v[0-9]+\.[0-9]+.*$/ # i.e. stg-v1.0, stg-v2.1rc1 - - if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs - -# Deploy on production goes only manually -.deploy-prod-refs: &deploy-prod-refs - rules: - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - - if: $CI_COMMIT_REF_NAME == "master" # on commits to main branch - when: manual - -# Publish docker image and deploy it on staging -.publish-deploy-stg-refs: &publish-deploy-stg-refs - rules: - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - - if: $CI_COMMIT_REF_NAME =~ /^stg-v[0-9]+\.[0-9]+.*$/ # i.e. stg-v1.0, stg-v2.1rc1 - - if: $CI_COMMIT_REF_NAME == "master" # on commits to main branch - -.kubernetes-env: &kubernetes-env - image: $CI_IMAGE - tags: - - kubernetes-parity-build - -# template task for building and pushing an image -.build-push-docker-image: &build-push-docker-image - image: $BUILDAH_IMAGE - script: - - test "$Docker_Hub_User_Parity" -a "$Docker_Hub_Pass_Parity" || - ( echo "no docker credentials provided"; exit 1 ) - - $BUILDAH_COMMAND build - --format=docker - --build-arg VCS_REF="${CI_COMMIT_SHA}" - --build-arg BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M:%SZ')" - --build-arg VERSION="${DOCKER_TAG}" - --build-arg PROJECT_NAME="${CI_PROJECT_NAME}" - --tag "$IMAGE_NAME:${DOCKER_TAG}" - --tag "$IMAGE_NAME:latest" - --file "$DOCKERFILE" . - - echo "$Docker_Hub_Pass_Parity" | - buildah login --username "$Docker_Hub_User_Parity" --password-stdin docker.io - - $BUILDAH_COMMAND info - - $BUILDAH_COMMAND push --format=v2s2 "$IMAGE_NAME:${DOCKER_TAG}" - - $BUILDAH_COMMAND push --format=v2s2 "$IMAGE_NAME:latest" - after_script: - - buildah logout --all - -# test that docker image can build - -.build-only-docker-image: &build-only-docker-image - image: $BUILDAH_IMAGE - script: - - $BUILDAH_COMMAND build - --format=docker - --build-arg VCS_REF="${CI_COMMIT_SHA}" - --build-arg BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M:%SZ')" - --build-arg PROJECT_NAME="${CI_PROJECT_NAME}" - --tag "$IMAGE_NAME:latest" - --file "$DOCKERFILE" . - -check-linting: - stage: test - <<: *common-refs - <<: *kubernetes-env - script: - - yarn --immutable - - yarn lint - -test-unit: - stage: test - <<: *common-refs - <<: *kubernetes-env - script: - - yarn --immutable - - yarn test - -build-docker-bot: - stage: build - <<: *test-refs - <<: *kubernetes-env - <<: *build-only-docker-image - variables: - DOCKERFILE: "Dockerfile" - - -publish-docker-bot: - stage: build - <<: *publish-deploy-stg-refs - <<: *kubernetes-env - <<: *build-push-docker-image - variables: - DOCKERFILE: "Dockerfile" - -publish-docker-image-description: - stage: build - <<: *kubernetes-env - variables: - CI_IMAGE: paritytech/dockerhub-description - DOCKERHUB_REPOSITORY: paritytech/substrate-tip-bot - DOCKER_USERNAME: $Docker_Hub_User_Parity - DOCKER_PASSWORD: $Docker_Hub_Pass_Parity - README_FILEPATH: $CI_PROJECT_DIR/Dockerfile.README.md - SHORT_DESCRIPTION: "A GitHub App built with Probot that can submit tips on behalf of a Substrate based network" - rules: - - if: $CI_COMMIT_REF_NAME == "master" - changes: - - Dockerfile.README.md - script: - - cd / && sh entrypoint.sh - -#### stage: deploy - -.deploy-k8s: &deploy-k8s - variables: - ARGOCD_OPTS: --grpc-web --grpc-web-root-path /$ENVIRONMENT - APP: substrate-tip-bot - environment: - name: $ENVIRONMENT - script: - - argocd app list - - argocd app set $APP --helm-set common.image.tag="${DOCKER_TAG}" - - argocd app sync $APP - - argocd app wait $APP --timeout 180 - -deploy-stg: - stage: staging - extends: .deploy-k8s - <<: *kubernetes-env - <<: *publish-deploy-stg-refs - variables: - CI_IMAGE: "quay.io/argoproj/argocd:v2.7.9" - ENVIRONMENT: parity-stg - -deploy-prod: - stage: production - extends: .deploy-k8s - <<: *kubernetes-env - <<: *deploy-prod-refs - variables: - CI_IMAGE: "quay.io/argoproj/argocd:v2.7.9" - ENVIRONMENT: parity-prod