From acdea0cb3c15cb11ee2502f90f1bc5185ae5c428 Mon Sep 17 00:00:00 2001 From: fkwp Date: Fri, 19 Apr 2024 15:53:28 +0200 Subject: [PATCH] bump workflows --- .github/workflows/build.yaml | 49 +++++------ .github/workflows/docker.yaml | 56 ++++++++++++ .github/workflows/e2e.yml | 2 +- .github/workflows/element-call.yaml | 46 ++++++++++ .github/workflows/netlify.yaml | 84 ++++++++++++++++++ .github/workflows/pr-deploy.yaml | 48 +++++++++++ .github/workflows/publish.yaml | 90 ++++++++------------ .github/workflows/test.yaml | 10 +-- .github/workflows/translations-download.yaml | 4 +- .github/workflows/translations-upload.yaml | 2 + 10 files changed, 301 insertions(+), 90 deletions(-) create mode 100644 .github/workflows/docker.yaml create mode 100644 .github/workflows/element-call.yaml create mode 100644 .github/workflows/netlify.yaml create mode 100644 .github/workflows/pr-deploy.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 09e1d99e..c3eff6f4 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,34 +1,25 @@ name: Build on: - pull_request: {} + pull_request: + types: + - synchronize + - opened + - labeled + paths-ignore: + - ".github/**" + - "docs/**" push: branches: [livekit, full-mesh] + paths-ignore: + - ".github/**" + - "docs/**" jobs: - build: - name: Build - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - name: Yarn cache - uses: actions/setup-node@v4 - with: - cache: "yarn" - - name: Install dependencies - run: "yarn install" - - name: Build - run: "yarn run build" - env: - SENTRY_ORG: ${{ secrets.SENTRY_ORG }} - SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} - SENTRY_URL: ${{ secrets.SENTRY_URL }} - SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} - VITE_APP_VERSION: ${{ github.sha }} - NODE_OPTIONS: "--max-old-space-size=4096" - - name: Upload Artifact - uses: actions/upload-artifact@v3 - with: - name: build - path: dist - # We'll only use this in a triggered job, then we're done with it - retention-days: 1 + build_element_call: + uses: ./.github/workflows/element-call.yaml + with: + vite_app_version: ${{ github.event.release.tag_name || github.sha }} + secrets: + SENTRY_ORG: ${{ secrets.SENTRY_ORG }} + SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} + SENTRY_URL: ${{ secrets.SENTRY_URL }} + SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml new file mode 100644 index 00000000..2d63a169 --- /dev/null +++ b/.github/workflows/docker.yaml @@ -0,0 +1,56 @@ +name: Docker - Deploy +on: + workflow_call: + inputs: + docker_tags: + required: true + type: string + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + build_and_deploy: + name: Build & publish docker + runs-on: ubuntu-latest + permissions: + contents: write # required to upload release asset + packages: write + steps: + - name: Check it out + uses: actions/checkout@v4 + + - name: 📥 Download artifact + uses: actions/download-artifact@v4 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + run-id: ${{ github.event.workflow_run.id }} + name: build-output + path: dist + + - name: Log in to container registry + uses: docker/login-action@5f4866a30a54f16a52d2ecb4a3898e9e424939cf + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@1294d94f8ee362ab42b6da04c35f4cd03a0e6af7 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: ${{ inputs.docker_tags}} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@a530e948adbeb357dbca95a7f8845d385edf4438 + + - name: Build and push Docker image + uses: docker/build-push-action@7e6f77677b7892794c8852c6e3773c3e9bc3129a + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 910a4131..e7cb7e67 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -14,7 +14,7 @@ jobs: - name: Check out test private repo uses: actions/checkout@v4 with: - repository: vector-im/static-call-participant + repository: element-hq/static-call-participant ref: refs/heads/main path: static-call-participant token: ${{ secrets.GH_E2E_TEST_TOKEN }} diff --git a/.github/workflows/element-call.yaml b/.github/workflows/element-call.yaml new file mode 100644 index 00000000..b8c1647f --- /dev/null +++ b/.github/workflows/element-call.yaml @@ -0,0 +1,46 @@ +name: Element Call - Build +on: + workflow_call: + inputs: + vite_app_version: + required: true + type: string + secrets: + SENTRY_ORG: + required: true + SENTRY_PROJECT: + required: true + SENTRY_URL: + required: true + SENTRY_AUTH_TOKEN: + required: true + +jobs: + build: + name: Build Element Call + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Yarn cache + uses: actions/setup-node@v4 + with: + cache: "yarn" + - name: Install dependencies + run: "yarn install" + - name: Build + run: "yarn run build" + env: + SENTRY_ORG: ${{ secrets.SENTRY_ORG }} + SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} + SENTRY_URL: ${{ secrets.SENTRY_URL }} + SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} + VITE_APP_VERSION: ${{ inputs.vite_app_version }} + NODE_OPTIONS: "--max-old-space-size=4096" + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + name: build-output + path: dist + # We'll only use this in a triggered job, then we're done with it + retention-days: 1 diff --git a/.github/workflows/netlify.yaml b/.github/workflows/netlify.yaml new file mode 100644 index 00000000..a10eacc8 --- /dev/null +++ b/.github/workflows/netlify.yaml @@ -0,0 +1,84 @@ +name: Netlify - Deploy +on: + workflow_call: + inputs: + pr_number: + required: true + type: string + pr_head_full_name: + required: true + type: string + pr_head_ref: + required: true + type: string + deployment_ref: + required: true + type: string + secrets: + ELEMENT_BOT_TOKEN: + required: true + NETLIFY_AUTH_TOKEN: + required: true + NETLIFY_SITE_ID: + required: true + +jobs: + deploy: + runs-on: ubuntu-latest + permissions: + deployments: write + environment: Netlify + steps: + - name: 📝 Create Deployment + uses: bobheadxi/deployments@v1 + id: deployment + with: + step: start + token: ${{ secrets.GITHUB_TOKEN }} + env: Netlify + ref: ${{ inputs.deployment_ref }} + desc: | + Do you trust the author of this PR? Maybe this build will steal your keys or give you malware. + Exercise caution. Use test accounts. + + - name: 📥 Download artifact + uses: actions/download-artifact@v4 + with: + github-token: ${{ secrets.ELEMENT_BOT_TOKEN }} + run-id: ${{ github.event.workflow_run.id }} + name: build-output + path: webapp + + - name: Add redirects file + # We fetch from github directly as we don't bother checking out the repo + run: curl -s https://raw.githubusercontent.com/element-hq/element-call/main/config/netlify_redirects > webapp/_redirects + + - name: Add config file + run: curl -s "https://raw.githubusercontent.com/${{ inputs.pr_head_full_name }}/${{ inputs.pr_head_ref }}/config/element_io_preview.json" > webapp/config.json + + - name: ☁️ Deploy to Netlify + id: netlify + uses: nwtgck/actions-netlify@v3.0 + with: + publish-dir: webapp + deploy-message: "Deploy from GitHub Actions" + alias: pr${{ inputs.pr_number }} + env: + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} + NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} + timeout-minutes: 1 + + - name: 🚦 Update deployment status + uses: bobheadxi/deployments@v1 + if: always() + with: + step: finish + override: false + token: ${{ secrets.GITHUB_TOKEN }} + status: ${{ job.status }} + env: ${{ steps.deployment.outputs.env }} + deployment_id: ${{ steps.deployment.outputs.deployment_id }} + env_url: ${{ steps.netlify.outputs.deploy-url }} + desc: | + Do you trust the author of this PR? Maybe this build will steal your keys or give you malware. + Exercise caution. Use test accounts. diff --git a/.github/workflows/pr-deploy.yaml b/.github/workflows/pr-deploy.yaml new file mode 100644 index 00000000..032e60a3 --- /dev/null +++ b/.github/workflows/pr-deploy.yaml @@ -0,0 +1,48 @@ +name: PR Preview Deployments +on: + workflow_run: + workflows: ["Build"] + types: + - completed + +jobs: + prdetails: + if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request' }} + runs-on: ubuntu-latest + outputs: + pr_number: ${{ steps.prdetails.outputs.pr_id }} + pr_data_json: ${{ steps.prdetails.outputs.data }} + steps: + - id: prdetails + uses: matrix-org/pr-details-action@v1.3 + continue-on-error: true + with: + owner: ${{ github.event.workflow_run.head_repository.owner.login }} + branch: ${{ github.event.workflow_run.head_branch }} + + netlify: + needs: prdetails + permissions: + deployments: write + uses: ./.github/workflows/netlify.yaml + with: + pr_number: ${{ needs.prdetails.outputs.pr_number }} + pr_head_full_name: ${{ github.event.workflow_run.head_repository.full_name }} + pr_head_ref: ${{ needs.prdetails.outputs.pr_data_json && fromJSON(needs.prdetails.outputs.pr_data_json).head.ref }} + deployment_ref: ${{ needs.prdetails.outputs.pr_data_json && fromJSON(needs.prdetails.outputs.pr_data_json).head.sha || github.ref || github.head_ref }} + secrets: + ELEMENT_BOT_TOKEN: ${{ secrets.ELEMENT_BOT_TOKEN }} + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} + NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} + + docker: + if: ${{ needs.prdetails.outputs.pr_data_json && contains(fromJSON(needs.prdetails.outputs.pr_data_json).labels.*.name, 'docker build') }} + needs: prdetails + permissions: + contents: write + packages: write + uses: ./.github/workflows/docker.yaml + with: + docker_tags: | + type=sha,format=short,event=branch + type=raw,value=pr_${{ needs.prdetails.outputs.pr_number }} diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index ef046b0c..e3a8e5f5 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -3,17 +3,32 @@ name: Build & publish images to the package registry for tags on: release: types: [published] - push: + workflow_run: + workflows: ["Build"] branches: [livekit] + types: + - completed env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} jobs: - build: - name: Build & publish + build_element_call: + if: ${{ github.event.workflow_run.event == 'release' }} + uses: ./.github/workflows/element-call.yaml + with: + vite_app_version: ${{ github.event.release.tag_name || github.sha }} + secrets: + SENTRY_ORG: ${{ secrets.SENTRY_ORG }} + SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} + SENTRY_URL: ${{ secrets.SENTRY_URL }} + SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} + publish_tarball: + name: Publish tarball runs-on: ubuntu-latest + outputs: + unix_time: ${{steps.current-time.outputs.unix_time}} permissions: contents: write # required to upload release asset packages: write @@ -21,64 +36,33 @@ jobs: - name: Get current time id: current-time run: echo "unix_time=$(date +'%s')" >> $GITHUB_OUTPUT - - - name: Check it out - uses: actions/checkout@v4 - - - name: Log in to container registry - uses: docker/login-action@3d58c274f17dffee475a5520cbe67f0a882c4dbb + - name: 📥 Download artifact + uses: actions/download-artifact@v4 with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Yarn cache - uses: actions/setup-node@v4 - with: - cache: "yarn" - - name: Install dependencies - run: "yarn install" - - name: Build - run: "yarn run build" - env: - SENTRY_ORG: ${{ secrets.SENTRY_ORG }} - SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} - SENTRY_URL: ${{ secrets.SENTRY_URL }} - SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} - VITE_APP_VERSION: ${{ github.event.release.tag_name || github.sha }} - + github-token: ${{ secrets.GITHUB_TOKEN }} + run-id: ${{ github.event.workflow_run.id }} + name: build-output + path: dist - name: Create Tarball env: TARBALL_VERSION: ${{ github.event.release.tag_name || github.sha }} run: | tar --numeric-owner --transform "s/dist/element-call-${TARBALL_VERSION}/" -cvzf element-call-${TARBALL_VERSION}.tar.gz dist - - name: Upload - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 + uses: actions/upload-artifact@b06cde36fc32a3ee94080e87258567f73f921537 env: GITHUB_TOKEN: ${{ github.token }} with: path: "./element-call-*.tar.gz" - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@2a4836ac76fe8f5d0ee3a0d89aa12a80cc552ad3 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=sha,format=short,event=branch - type=semver,pattern=v{{version}} - type=raw,value=latest-ci,enable={{is_default_branch}} - type=raw,value=latest-ci_${{steps.current-time.outputs.unix_time}},enable={{is_default_branch}} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@6d5347c4025fdf2bb05167a2519cac535a14a408 - - - name: Build and push Docker image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + publish_docker: + needs: publish_tarball + permissions: + contents: write + packages: write + uses: ./.github/workflows/docker.yaml + with: + docker_tags: | + type=sha,format=short,event=branch + type=semver,pattern=v{{version}} + type=raw,value=latest-ci,enable={{is_default_branch}} + type=raw,value=latest-ci_${{needs.publish_tarball.outputs.unix_time}},enable={{is_default_branch}} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index dacb4283..85385cb5 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,11 +1,11 @@ -name: Run jest tests +name: Run unit tests on: pull_request: {} push: branches: [livekit, full-mesh] jobs: - jest: - name: Run jest tests + vitest: + name: Run vitest tests runs-on: ubuntu-latest steps: - name: Checkout code @@ -16,9 +16,9 @@ jobs: cache: "yarn" - name: Install dependencies run: "yarn install" - - name: Jest + - name: Vitest run: "yarn run test" - name: Upload to codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 with: flags: unittests diff --git a/.github/workflows/translations-download.yaml b/.github/workflows/translations-download.yaml index 8e1f1c21..c0114082 100644 --- a/.github/workflows/translations-download.yaml +++ b/.github/workflows/translations-download.yaml @@ -15,7 +15,7 @@ jobs: - name: Checkout the code uses: actions/checkout@v4 - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: cache: "yarn" @@ -38,7 +38,7 @@ jobs: - name: Create Pull Request id: cpr - uses: peter-evans/create-pull-request@v5.0.2 + uses: peter-evans/create-pull-request@v6.0.3 with: token: ${{ secrets.ELEMENT_BOT_TOKEN }} branch: actions/localazy-download diff --git a/.github/workflows/translations-upload.yaml b/.github/workflows/translations-upload.yaml index f9a81ce0..d5097ca2 100644 --- a/.github/workflows/translations-upload.yaml +++ b/.github/workflows/translations-upload.yaml @@ -3,6 +3,8 @@ on: push: branches: - livekit + paths-ignore: + - ".github/**" jobs: upload: