Migrate from CircleCI to GitHub actions (#1087)

Not keeping CircleCI build as there's value in the move to GitHub actions for open source contributions.

Having said that, I've focussed on getting our deployment up and running and there's no PR trigger yet.

Steps require internal GH packages for deployment, but these should be easy to factor out. I'd like forks to be able to at least run e2e and perhaps in time add a template for GH pages deploys.

Author: microbit-matt-hillsdon

.circleci/config.yml

@@ -0,0 +1,64 @@
+name: build
+
+on:
+  release:
+    types: [created]
+  push:
+    branches:
+      - "**"
+
+# This is conservative: ideally we'd include branch and stage in this key
+# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#concurrency
+concurrency: deploy-python-editor-v3
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
+    env:
+      AWS_DEFAULT_REGION: eu-west-1
+      PRODUCTION_CLOUDFRONT_DISTRIBUTION_ID: E2ELTBTA2OFPY2
+      STAGING_CLOUDFRONT_DISTRIBUTION_ID: E2ELTBTA2OFPY2
+      REVIEW_CLOUDFRONT_DISTRIBUTION_ID: E3267W09ZJHQG9
+
+    steps:
+      # Note: This workflow will not run on forks without modification; we're open to making steps
+      #       that reply on our deployment infrastructure conditional. Please open an issue.
+      - uses: actions/checkout@v3
+      - name: Configure node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16.x
+          cache: "npm"
+          registry-url: "https://npm.pkg.github.com"
+      - run: npm ci
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - run: npm install --no-save @microbit-foundation/[email protected] @microbit-foundation/[email protected] @microbit-foundation/[email protected] @microbit-foundation/circleci-npm-package-versioner@1
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - run: node ./bin/print-ci-env.js >> $GITHUB_ENV
+      - run: npm run ci:update-version
+      - run: npm run ci
+      - run: mkdir -p /tmp/app${PUBLIC_URL} && cp -r build/* /tmp/app${PUBLIC_URL} && npx serve --no-clipboard -l 3000 /tmp/app &
+        if: env.STAGE == 'REVIEW' || env.STAGE == 'STAGING'
+      - run: curl --insecure -4 --retry 7 --retry-connrefused http://localhost:3000 1>/dev/null
+        if: env.STAGE == 'REVIEW' || env.STAGE == 'STAGING'
+      - run: npm run test:e2e:headless
+        if: env.STAGE == 'REVIEW' || env.STAGE == 'STAGING'
+      - name: Store reports
+        if: env.STAGE == 'REVIEW' || env.STAGE == 'STAGING'
+        uses: actions/upload-artifact@v3
+        with:
+          name: reports
+          path: reports/
+      - run: npm run deploy
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.WEB_DEPLOY_AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.WEB_DEPLOY_AWS_SECRET_ACCESS_KEY }}
+      - run: npm run invalidate
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.WEB_DEPLOY_AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.WEB_DEPLOY_AWS_SECRET_ACCESS_KEY }}

.github/workflows/build.yml

@@ -0,0 +1,21 @@
+#!/usr/bin/env node
+const { bucketPrefix } = require("../deployment");
+const ref = process.env.GITHUB_REF;
+const eventName = process.env.GITHUB_EVENT_NAME;
+
+let stage = "";
+if (ref === "refs/heads/main") {
+  if (eventName === "release") {
+    stage = "PRODUCTION";
+  } else {
+    stage = "STAGING";
+  }
+} else {
+  stage = "REVIEW";
+}
+
+console.log(`STAGE=${stage}`);
+console.log(`REACT_APP_STAGE=${stage}`);
+// Two env vars as PUBLIC_URL seems to be blank when running jest even if we set it.
+console.log(`PUBLIC_URL=/${bucketPrefix}/`);
+console.log(`E2E_PUBLIC_URL=/${bucketPrefix}/`);

bin/print-ci-env.js

@@ -91,8 +91,7 @@
     "invalidate": "aws cloudfront create-invalidation --distribution-id $(printenv ${STAGE}_CLOUDFRONT_DISTRIBUTION_ID) --paths \"/*\"",
     "i18n:compile": "node bin/tidy-lang.js && formatjs compile-folder --ast lang src/messages",
     "i18n:convert": "node bin/tidy-lang.js && node bin/crowdin-convert.js",
-    "fix-licensing-headers": "node bin/fix-licensing-headers.js",
-    "public-url": "node bin/public-url.js"
+    "fix-licensing-headers": "node bin/fix-licensing-headers.js"
   },
   "eslintConfig": {
     "extends": [

bin/public-url.js

@@ -144,7 +144,7 @@ export class App {
       await dialog.accept();
     });
 
-    const logsPath = reportsPath + expect.getState().currentTestName + ".txt";
+    const logsPath = this.reportFilename("txt");
     // Clears previous output from local file.
     fs.writeFile(logsPath, "", (err) => {
       if (err) {
@@ -1052,10 +1052,20 @@ export class App {
   async screenshot() {
     const page = await this.page;
     return page.screenshot({
-      path: reportsPath + expect.getState().currentTestName + ".png",
+      path: this.reportFilename("png"),
     });
   }
 
+  private reportFilename(extension: string): string {
+    return (
+      reportsPath +
+      // GH actions has character restrictions
+      expect.getState().currentTestName.replace(/[^0-9a-zA-Z]+/g, "-") +
+      "." +
+      extension
+    );
+  }
+
   private async focusEditorContent(): Promise<ElementHandle> {
     const document = await this.document();
     const content = await document.$("[data-testid='editor'] .cm-content");