ci: gha migration boilerplate

This commit is contained in:
Maxim Schram 2023-10-24 15:20:47 -04:00
parent d2afc940a7
commit 056d02708a
4 changed files with 1397 additions and 70 deletions

View file

@ -1,70 +0,0 @@
version: 2.1
orbs:
aws-s3: circleci/aws-s3@3.0
fastly: bankrate/fastly@0.1.0
executors:
default-executor:
docker:
- image: "cimg/node:lts"
working_directory: ~/project
resource_class: medium
commands:
restore_test_cache:
steps:
- restore_cache:
keys:
- v1-deps-{{ .Environment.CIRCLE_JOB }}-{{ .Branch }}-{{ .Revision }}
- v1-deps-{{ .Environment.CIRCLE_JOB }}-{{ .Branch }}
- v1-deps-
save_test_cache:
steps:
- save_cache:
key: v1-deps-{{ .Environment.CIRCLE_JOB }}-{{ .Branch }}-{{ .Revision }}
paths:
- node_modules
setup:
steps:
- run:
name: Setup
command: |
npm install
npm run build
jobs:
build-and-deploy:
executor: default-executor
steps:
- checkout
- setup
- aws-s3/sync:
arguments: |
--acl public-read \
--cache-control "maxage=86400, s-maxage=31536000 no-transform"
aws-access-key-id: AWS_ACCESS_KEY_ID
aws-region: AWS_DEFAULT_REGION
aws-secret-access-key: AWS_SECRET_ACCESS_KEY
from: resources
to: 's3://scratch-resources'
- fastly/purge-all:
fastly-key: '${FASTLY_KEY}'
service-id: '${FASTLY_SERVICE_ID}'
workflows:
build-and-deploy-workflow:
when:
or:
- equal: [ master, <<pipeline.git.branch>> ]
jobs:
- build-and-deploy:
context:
- scratch-aws-creds
- scratch-resources-fastly
filters:
branches:
only:
- master

83
.github/workflows/ci-cd.yml vendored Normal file
View file

@ -0,0 +1,83 @@
name: CI/CD
on:
workflow_dispatch: # Allows you to run this workflow manually from the Actions tab
pull_request: # Runs whenever a pull request is created or updated
push: # Runs whenever a commit is pushed to the repository
branches: [master]
concurrency:
group: "${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}"
cancel-in-progress: true
permissions:
contents: write # publish a GitHub release
pages: write # deploy to GitHub Pages
issues: write # comment on released issues
pull-requests: write # comment on released pull requests
jobs:
sync-s3:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
env:
LEGACY_ACCOUNT_OIDC_ROLE: ${{ secrets.LEGACY_ACCOUNT_OIDC_ROLE }}
AWS_REGION: ${{ secrets.AWS_REGION }}
S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }}
TRIGGER_DEPLOY: ${{ startsWith(github.ref, 'refs/heads/master') }}
steps:
- uses: actions/checkout@v4
- uses: wagoid/commitlint-github-action@v5
if: github.event_name == 'pull_request'
- uses: actions/setup-node@v3
with:
cache: "npm"
node-version-file: ".nvmrc"
- name: Info
run: |
cat <<EOF
Node version: $(node --version)
NPM version: $(npm --version)
GitHub ref: ${{ github.ref }}
GitHub head ref: ${{ github.head_ref }}
EOF
- name: Install dependencies
run: npm ci
- name: Build
run: npm run build
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: ${{ env.LEGACY_ACCOUNT_OIDC_ROLE }}
aws-region: ${{ env.AWS_REGION }}
- name: Sync "resources" directory with S3
env:
S3_BUCKET_NAME: ${{ env.S3_BUCKET_NAME }}
run: |
aws s3 sync resources s3://${{ env.S3_BUCKET_NAME }} $([[ "$TRIGGER_DEPLOY" == "false" ]] && echo "--dryrun")
fastly-purge-all:
runs-on: ubuntu-latest
needs: sync-s3
if: github.ref == 'refs/heads/master'
env:
FASTLY_API_TOKEN: ${{ secrets.FASTLY_KEY }}
FASTLY_SERVICE_ID: ${{ secrets.FASTLY_SERVICE_ID }}
steps:
- uses: actions/checkout@v4
- name: Purge Fastly Cache
run: |
curl -X POST -H "Fastly-Key: ${{ secrets.FASTLY_API_TOKEN }}" https://api.fastly.com/service/${{ secrets.FASTLY_SERVICE_ID }}/purge_all

1
.nvmrc Normal file
View file

@ -0,0 +1 @@
v16

1313
package-lock.json generated Normal file

File diff suppressed because it is too large Load diff