Skip to content

Commit 3bf6a59

Browse files
senuLabsenuLab
committed
p
0 parents  commit 3bf6a59

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

50 files changed

+13299
-0
lines changed

.github/workflows/main.yml

Lines changed: 389 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,389 @@
1+
name: CI/CD Workflow
2+
3+
# env:
4+
# VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
5+
# VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
6+
7+
8+
on:
9+
push:
10+
branches:
11+
- main
12+
pull_request:
13+
branches:
14+
- main
15+
16+
jobs:
17+
# 0. バージョン取得
18+
extract-versions:
19+
runs-on: ubuntu-latest
20+
outputs:
21+
node_version: ${{ steps.extract-versions.outputs.node_version }}
22+
pnpm_version: ${{ steps.extract-versions.outputs.pnpm_version }}
23+
steps:
24+
- name: Checkout code
25+
uses: actions/checkout@v3
26+
27+
- name: Extract versions from .prototools
28+
id: extract-versions
29+
run: |
30+
NODE_VERSION=$(grep 'node' .prototools | cut -d '"' -f2)
31+
PNPM_VERSION=$(grep 'pnpm' .prototools | cut -d '"' -f2)
32+
echo "node_version=$NODE_VERSION" >> $GITHUB_OUTPUT
33+
echo "pnpm_version=$PNPM_VERSION" >> $GITHUB_OUTPUT
34+
echo $NODE_VERSION
35+
echo $PNPM_VERSION
36+
37+
# 1. Turboによる変更検知
38+
turbo:
39+
needs: extract-versions
40+
name: Detect Affected Apps
41+
runs-on: ubuntu-latest
42+
# env:
43+
# TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
44+
# TURBO_TEAM: ${{ vars.TURBO_TEAM }}
45+
outputs:
46+
is_backend_changed: ${{ steps.ex5.outputs.is_backend_changed }}
47+
is_frontend_changed: ${{ steps.ex5.outputs.is_frontend_changed }}
48+
steps:
49+
- name: Checkout code
50+
uses: actions/checkout@v3
51+
52+
- name: Cache turbo build setup
53+
uses: actions/cache@v4
54+
with:
55+
path: .turbo
56+
key: ${{ runner.os }}-turbo-${{ github.sha }}
57+
restore-keys: |
58+
${{ runner.os }}-turbo-
59+
60+
- name: pnpm v
61+
run: echo ${{ needs.extract-versions.outputs.pnpm_version }}
62+
63+
- name: Set up pnpm
64+
uses: pnpm/action-setup@v4
65+
with:
66+
version: ${{ needs.extract-versions.outputs.pnpm_version }}
67+
68+
- name: node v
69+
run: echo ${{ needs.extract-versions.outputs.node_version }}
70+
71+
- name: Set up Node.js
72+
uses: actions/setup-node@v4
73+
with:
74+
node-version: ${{ needs.extract-versions.outputs.node_version }}
75+
cache: pnpm
76+
77+
- name: Install dependencies
78+
run: pnpm install --frozen-lockfile
79+
80+
- name: Prune unnecessary packages
81+
run: pnpm prune
82+
83+
# lint,formatチェック(turboのキャッシュを使う)
84+
# - name: Lint and Format changes
85+
# run: pnpm turbo run check
86+
# # run: turbo run check --filter=...[HEAD^]
87+
88+
# type checkを実行(turboのキャッシュを使う)
89+
# - name: Type check
90+
# run: pnpm turbo run type-check
91+
# run: turbo run type-check --filter=...[HEAD^]
92+
93+
# type checkを実行(turboのキャッシュを使う)
94+
# - name: Test
95+
# run: pnpm turbo run test
96+
97+
# buildが必要なappを特定(turboのキャッシュを使う)
98+
- name: Run Turbo dry-run
99+
id: ex5
100+
run: |
101+
pnpm turbo run build --dry-run=json > turbo-dry-run.json
102+
BACKEND_CACHE_STATUS=$(cat turbo-dry-run.json | jq '.tasks[] | select(.package == "backend")' | jq -r '.cache.status')
103+
FRONTEND_CACHE_STATUS=$(cat turbo-dry-run.json | jq '.tasks[] | select(.package == "frontend")' | jq -r '.cache.status')
104+
if [ $BACKEND_CACHE_STATUS = "HIT" ]; then
105+
echo "is_backend_changed=false" >> $GITHUB_OUTPUT
106+
else
107+
echo "is_backend_changed=true" >> $GITHUB_OUTPUT
108+
fi
109+
if [ $FRONTEND_CACHE_STATUS = "HIT" ]; then
110+
echo "is_frontend_changed=false" >> $GITHUB_OUTPUT
111+
else
112+
echo "is_frontend_changed=true" >> $GITHUB_OUTPUT
113+
fi
114+
echo $BACKEND_CACHE_STATUS
115+
echo $FRONTEND_CACHE_STATUS
116+
cat turbo-dry-run.json
117+
118+
# - name: Set Backend Output
119+
# id: set_backend_output
120+
# run: echo "is_backend_changed=${{ env.is_backend_changed }}" >> $GITHUB_OUTPUT
121+
122+
# - name: Set Frontend Output
123+
# id: set_frontend_output
124+
# run: echo "is_frontend_changed=${{ env.is_frontend_changed }}" >> $GITHUB_OUTPUT
125+
126+
127+
# test-buil:
128+
# name: Test and Build Next.js App
129+
# runs-on: ubuntu-latest
130+
# needs: turbo
131+
# steps:
132+
# - name: Debug Outputs
133+
# run: |
134+
# echo "is_backend_changed: ${{ needs.turbo.outputs.is_backend_changed }}"
135+
# echo "is_frontend_changed: ${{ needs.turbo.outputs.is_frontend_changed }}"
136+
137+
138+
# 2. Next.jsのテストとビルド
139+
test-build-next:
140+
if: ${{ needs.turbo.outputs.is_frontend_changed == 'true' }}
141+
name: Test and Build Next.js App
142+
runs-on: ubuntu-latest
143+
# env:
144+
# TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
145+
# TURBO_TEAM: ${{ vars.TURBO_TEAM }}
146+
needs: [extract-versions, turbo]
147+
steps:
148+
- name: env
149+
run: echo ${{ needs.turbo.outputs.is_frontend_changed }}
150+
151+
- name: Checkout code
152+
uses: actions/checkout@v3
153+
154+
- name: Set up pnpm
155+
uses: pnpm/action-setup@v4
156+
with:
157+
version: ${{ needs.extract-versions.outputs.pnpm_version }}
158+
159+
- name: Set up Node.js
160+
uses: actions/setup-node@v4
161+
with:
162+
node-version: ${{ needs.extract-versions.outputs.node_version }}
163+
cache: pnpm
164+
165+
- name: Cache turbo build setup
166+
uses: actions/cache@v4
167+
with:
168+
path: .turbo
169+
key: ${{ runner.os }}-turbo-${{ github.sha }}
170+
restore-keys: |
171+
${{ runner.os }}-turbo-
172+
173+
- name: Install dependencies
174+
run: pnpm install --frozen-lockfile
175+
176+
- name: Prune unnecessary packages
177+
run: node -v
178+
179+
# - name: Prune unnecessary packages
180+
# run: pnpm prune
181+
182+
# - name: Run tests
183+
# run: pnpm turbo run test --filter=frontend
184+
# - name: Install Vercel CLI
185+
# run: pnpm install -g vercel@latest
186+
187+
- name: Pull Vercel Environment Information
188+
working-directory: apps/frontend
189+
run: pnpm vercel pull --yes --environment=production --token=${{ secrets.VERCEL_TOKEN }}
190+
# run: pnpm dlx vercel pull --yes --environment=production
191+
192+
# - name: Build Project Artifacts
193+
# run: vercel build --prod --token=${{ secrets.VERCEL_TOKEN }}
194+
195+
- name: Build
196+
run: pnpm turbo run vercel-gha-build --filter=frontend
197+
198+
199+
200+
# 3. Expressのテストとビルド
201+
test-build-express:
202+
if: ${{ needs.turbo.outputs.is_backend_changed == 'true' }}
203+
name: Test and Build Express App
204+
runs-on: ubuntu-latest
205+
# env:
206+
# TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
207+
# TURBO_TEAM: ${{ vars.TURBO_TEAM }}
208+
needs: [extract-versions, turbo]
209+
steps:
210+
- name: env
211+
run: echo ${{ needs.turbo.outputs.is_backend_changed }}
212+
213+
- name: Checkout code
214+
uses: actions/checkout@v3
215+
216+
- name: Set up pnpm
217+
uses: pnpm/action-setup@v4
218+
with:
219+
version: ${{ needs.extract-versions.outputs.pnpm_version }}
220+
221+
- name: Set up Node.js
222+
uses: actions/setup-node@v4
223+
with:
224+
node-version: ${{ needs.extract-versions.outputs.node_version }}
225+
cache: pnpm
226+
227+
- name: Cache turbo build setup
228+
uses: actions/cache@v4
229+
with:
230+
path: .turbo
231+
key: ${{ runner.os }}-turbo-${{ github.sha }}
232+
restore-keys: |
233+
${{ runner.os }}-turbo-
234+
235+
- name: Install dependencies
236+
run: pnpm install --frozen-lockfile
237+
238+
- name: Prune unnecessary packages
239+
run: pnpm prune
240+
241+
# # - name: Run tests
242+
# # run: pnpm turbo run test --filter=backend
243+
244+
- name: Build Express app
245+
run: pnpm turbo build --filter=backend
246+
247+
# - name: Prune app
248+
# run: pnpm turbo prune backend --docker
249+
250+
# - name: Set up Docker Buildx
251+
# uses: docker/setup-buildx-action@v3
252+
253+
# - name: Restore Docker Cache
254+
# uses: actions/cache@v3
255+
# with:
256+
# path: /tmp/.buildx-cache
257+
# key: ${{ runner.os }}-docker-${{ github.sha }}
258+
# restore-keys: |
259+
# ${{ runner.os }}-docker-
260+
261+
# - name: Build Docker Image
262+
# run: |
263+
# docker buildx build \
264+
# --tag senuweb/apps:backend-latest \
265+
# --file ./out/full/apps/backend/DockerFile \
266+
# --cache-from type=local,src=/tmp/.buildx-cache \
267+
# --cache-to type=local,dest=/tmp/.buildx-cache,mode=max \
268+
# --load \
269+
# ./out
270+
271+
# - name: Check images
272+
# run: docker images
273+
274+
# 脆弱性チェック
275+
# - name: Scan image with Trivy
276+
# uses: aquasecurity/trivy-action@master
277+
# with:
278+
# image-ref: senuweb/apps:backend-latest
279+
# format: "table"
280+
# severity: "CRITICAL,HIGH"
281+
# # exit-code: 1
282+
# env:
283+
# DOCKER_HOST: unix:///var/run/docker.sock
284+
285+
# - name: Check Docker best practices with Dockle
286+
# uses: erzz/dockle-action@v1
287+
# with:
288+
# image: senuweb/apps:backend-latest
289+
# failure-threshold: fatal
290+
# # exit-code: 1
291+
# env:
292+
# DOCKER_HOST: unix:///var/run/docker.sock
293+
294+
# - name: Log in to Docker Hub
295+
# if: github.event_name == 'push'
296+
# uses: docker/login-action@v2
297+
# with:
298+
# username: ${{ secrets.DOCKER_HUB_USERNAME }}
299+
# password: ${{ secrets.DOCKER_PASSWORD }}
300+
301+
# - name: Push Docker Image
302+
# if: github.event_name == 'push'
303+
# run: docker push senuweb/apps:backend-latest
304+
305+
# 4. Next.jsのデプロイ (Vercel)
306+
deploy-next:
307+
if: github.event_name == 'push'
308+
name: Deploy Next.js App to Vercel
309+
runs-on: ubuntu-latest
310+
# env:
311+
# TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
312+
# TURBO_TEAM: ${{ vars.TURBO_TEAM }}
313+
needs: [extract-versions, test-build-next]
314+
steps:
315+
- name: Checkout code
316+
uses: actions/checkout@v3
317+
318+
- name: Set up pnpm
319+
uses: pnpm/action-setup@v4
320+
with:
321+
version: ${{ needs.extract-versions.outputs.pnpm_version }}
322+
323+
- name: Set up Node.js
324+
uses: actions/setup-node@v4
325+
with:
326+
node-version: ${{ needs.extract-versions.outputs.node_version }}
327+
cache: pnpm
328+
329+
- name: Cache turbo build setup
330+
uses: actions/cache@v4
331+
with:
332+
path: .turbo
333+
key: ${{ runner.os }}-turbo-${{ github.sha }}
334+
restore-keys: |
335+
${{ runner.os }}-turbo-
336+
337+
- name: Install dependencies
338+
run: pnpm install --frozen-lockfile
339+
340+
# - name: Install Vercel CLI
341+
# run: pnpm install -g vercel@latest
342+
343+
- name: Pull Vercel Environment Information
344+
run: pnpm vercel pull --yes --environment=production --token=${{ secrets.VERCEL_TOKEN }}
345+
# run: pnpm dlx vercel pull --yes --environment=production
346+
347+
- name: Build
348+
run: pnpm turbo run vercel-gha-build --filter=frontend
349+
350+
# - name: Build Project Artifacts
351+
# run: vercel build --prod --token=${{ secrets.VERCEL_TOKEN }}
352+
353+
# - name: Ls
354+
# run: ls -al apps/frontend/.vercel
355+
356+
# - name: Ls
357+
# run: ls -al apps/frontend/.next
358+
359+
- name: Cp n
360+
run: cp -a apps/frontend/.next/. .next/
361+
362+
- name: Cp v
363+
run: cp -a apps/frontend/.vercel/. .vercel/
364+
365+
# - name: Ls
366+
# run: ls -al
367+
368+
# - name: Ls
369+
# run: ls -al .vercel
370+
371+
# - name: Ls
372+
# run: ls -al .next
373+
374+
- name: Deploy Project Artifacts to Vercel
375+
#working-directory: apps/frontend
376+
run: pnpm vercel deploy --prebuilt --prod --token=${{ secrets.VERCEL_TOKEN }}
377+
# run: pnpm dlx vercel deploy --prebuilt --prod
378+
# run: pnpm dlx vercel deploy --prod --token=${{ secrets.VERCEL_TOKEN }}
379+
380+
381+
# 5. Expressのデプロイ (EC2)
382+
# deploy-express:
383+
# if: github.event_name == 'push'
384+
# name: Deploy Express App to EC2
385+
# runs-on: ubuntu-latest
386+
# needs: [test-build-express]
387+
# steps:
388+
# - name: Deploy
389+
# run: curl ${{ secrets.DEPLOY_HOOK }}

0 commit comments

Comments
 (0)