novu/.github/workflows/dev-deploy-webhook.yml at next · roqtech/novu · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Deploy DEV WEBHOOK

# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the master branch
on:
  workflow_dispatch:
  push:
    branches:
      - next
    paths:
      - 'package.json'
      - 'yarn.lock'
      - 'apps/webhook/**'
      - 'libs/dal/**'
      - 'libs/shared/**'

jobs:
  test_webhook:
    uses: ./.github/workflows/reusable-webhook-e2e.yml

  deploy_dev_webhook:
    if: "!contains(github.event.head_commit.message, 'ci skip')"
    # The type of runner that the job will run on
    runs-on: ubuntu-latest
    needs: test_webhook
    timeout-minutes: 80
    environment: Development
    permissions:
      contents: read
      packages: write
      deployments: write
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
      - uses: actions/checkout@v2
      - name: Setup kernel for react native, increase watchers
        run: echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
      - uses: actions/setup-node@v2
        with:
          node-version: '16.15.1'

      - name: Start MongoDB
        uses: supercharge/mongodb-github-action@1.3.0
        with:
          mongodb-version: 4.2.8

      - uses: pnpm/action-setup@v2.0.1
        with:
          version: 7.5.0
          run_install: false

      - name: Install root dependencies
        run: pnpm --filter novuhq install

      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        env:
          REGISTRY_OWNER: novuhq
          DOCKER_NAME: novu/webhook
          IMAGE_TAG: ${{ github.sha }}
          GH_ACTOR: ${{ github.actor }}
          GH_PASSWORD: ${{ secrets.GH_PACKAGES }}
        run: |
          echo $GH_PASSWORD | docker login ghcr.io -u $GH_ACTOR --password-stdin
          cd apps/webhook && DOCKER_BUILDKIT=1 npm run docker:build
          docker tag novu-webhook ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:dev
          docker tag novu-webhook ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG

          docker run --network=host --name webhook -dit --env NODE_ENV=test ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
          docker run --network=host appropriate/curl --retry 10 --retry-delay 5 --retry-connrefused http://localhost:1341/v1/health-check | grep 'ok'

          docker push ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:dev
          docker push ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
          echo "::set-output name=IMAGE::ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG"

      - name: Checkout cloud infra
        uses: actions/checkout@master
        with:
          repository: novuhq/cloud-infra
          token: ${{ secrets.GH_PACKAGES }}
          path: cloud-infra

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-central-1

      - name: Terraform setup
        uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 1.1.7
          terraform_wrapper: false

      - name: Terraform Init
        working-directory: cloud-infra/terraform
        run: terraform init

      - name: Terraform Change Workspace
        working-directory: cloud-infra/terraform
        run: terraform workspace select dev

      - name: Terraform get output
        working-directory: cloud-infra/terraform
        id: terraform
        run: |
          echo "webhook_ecs_container_name=$(terraform output -json webhook_ecs_container_name | jq -r .)" >> $GITHUB_ENV
          echo "webhook_ecs_service=$(terraform output -json webhook_ecs_service | jq -r .)" >> $GITHUB_ENV
          echo "webhook_ecs_cluster=$(terraform output -json webhook_ecs_cluster | jq -r .)" >> $GITHUB_ENV
          echo "webhook_task_name=$(terraform output -json webhook_task_name | jq -r .)" >> $GITHUB_ENV

      - name: Download task definition
        run: |
          aws ecs describe-task-definition --task-definition ${{ env.webhook_task_name }} \
          --query taskDefinition > task-definition.json

      - name: Render Amazon ECS task definition
        id: render-web-container
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: task-definition.json
          container-name: ${{ env.webhook_ecs_container_name }}
          image: ${{ steps.build-image.outputs.IMAGE }}

      - name: Deploy to Amazon ECS service
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ${{ steps.render-web-container.outputs.task-definition }}
          service: ${{ env.webhook_ecs_service }}
          cluster: ${{ env.webhook_ecs_cluster }}
          wait-for-service-stability: true