From f40b72552f8a00cc61bd1e6aa8ddf0aa772d47b2 Mon Sep 17 00:00:00 2001 From: Josh Pigford Date: Fri, 12 Jan 2024 10:14:55 -0600 Subject: [PATCH] Removing github workflows Will re-add once we've got a more stable foundation --- .github/workflows/deploy-auth0.yml | 23 ---- .github/workflows/deploy-services-manual.yml | 58 ---------- .github/workflows/deploy-services.yml | 61 ---------- .github/workflows/template.auth0-deploy.yml | 37 ------ .../workflows/template.deploy-services.yml | 108 ------------------ .github/workflows/validate-pull-request.yml | 101 ---------------- 6 files changed, 388 deletions(-) delete mode 100644 .github/workflows/deploy-auth0.yml delete mode 100644 .github/workflows/deploy-services-manual.yml delete mode 100644 .github/workflows/deploy-services.yml delete mode 100644 .github/workflows/template.auth0-deploy.yml delete mode 100644 .github/workflows/template.deploy-services.yml delete mode 100644 .github/workflows/validate-pull-request.yml diff --git a/.github/workflows/deploy-auth0.yml b/.github/workflows/deploy-auth0.yml deleted file mode 100644 index 339f5e4f..00000000 --- a/.github/workflows/deploy-auth0.yml +++ /dev/null @@ -1,23 +0,0 @@ -# Deploys the configuration stored in /auth0/tenant.yaml -name: Deploy Auth0 -on: - workflow_dispatch: - inputs: - deploy_env: - required: true - description: The environment to deploy to - type: choice - options: - - staging - - production - default: staging - -jobs: - deploy: - uses: ./.github/workflows/template.auth0-deploy.yml - with: - auth0_env: ${{ github.event.inputs.deploy_env }} - secrets: - client_secret: ${{ (github.event.inputs.deploy_env == 'production' && secrets.PROD_AUTH0_CLIENT_SECRET) || (github.event.inputs.deploy_env == 'staging' && secrets.STAGING_AUTH0_CLIENT_SECRET) }} - postmark_secret: ${{ secrets.POSTMARK_SMTP_PASS }} - apple_secret: ${{ secrets.APPLE_SIGN_IN_SECRET_KEY }} diff --git a/.github/workflows/deploy-services-manual.yml b/.github/workflows/deploy-services-manual.yml deleted file mode 100644 index 4780580c..00000000 --- a/.github/workflows/deploy-services-manual.yml +++ /dev/null @@ -1,58 +0,0 @@ -# This workflow serves two purposes: -# 1. Allows us to deploy a specific PR to staging for testing -# 2. Allows us to re-deploy production off the `main` branch -name: MANUAL | Deploy services -on: - workflow_dispatch: - inputs: - deploy_env: - description: The environment to deploy to - type: choice - options: - - staging - - production - default: staging - required: true - deploy_shared_stack: - description: Deploy shared AWS resources? - type: boolean - required: false - default: true - deploy_server_stack: - description: Deploy server to ECS Fargate? - type: boolean - required: false - default: false - deploy_workers_stack: - description: Deploy Bull workers to ECS Fargate? - type: boolean - required: false - default: false - deploy_tools_stack: - description: Deploy tools stack? (CI/CD resources) - type: boolean - required: false - default: false - deploy_vercel_client: - description: Deploy Vercel client? - type: boolean - required: false - default: false - -concurrency: - group: deployments - cancel-in-progress: false - -jobs: - deploy: - uses: ./.github/workflows/template.deploy-services.yml - # Production can only be deployed from `main` manually, while staging can be deployed from any branch - if: ${{ (github.event.inputs.deploy_env == 'production' && github.ref == 'refs/heads/main') || github.event.inputs.deploy_env == 'staging' }} - with: - deploy_env: ${{ github.event.inputs.deploy_env }} - deploy_shared_stack: ${{ github.event.inputs.deploy_shared_stack == 'true' }} - deploy_server_stack: ${{ github.event.inputs.deploy_server_stack == 'true' }} - deploy_workers_stack: ${{ github.event.inputs.deploy_workers_stack == 'true' }} - deploy_tools_stack: ${{ github.event.inputs.deploy_tools_stack == 'true' }} - deploy_vercel_client: ${{ github.event.inputs.deploy_vercel_client == 'true' }} - secrets: inherit diff --git a/.github/workflows/deploy-services.yml b/.github/workflows/deploy-services.yml deleted file mode 100644 index 794d7cca..00000000 --- a/.github/workflows/deploy-services.yml +++ /dev/null @@ -1,61 +0,0 @@ -name: Deploy services - -on: - push: - branches: - - 'main' - -concurrency: - group: deployments - cancel-in-progress: false - -jobs: - get_affected_apps: - name: Get affected apps - runs-on: ubuntu-latest - - steps: - - name: Checkout repo - uses: actions/checkout@v3 - with: - fetch-depth: 0 # NX needs the entire repo history to run affected commands - - - name: Set NX commit SHAs for affected commands - uses: nrwl/nx-set-shas@v2 # derive appropriate SHAs for base and head for `nx affected` commands - - # Only install nx affected command requirements, no need for a full dependency install - - name: Install requirements for nx - run: | - NX_REPO_VERSION=$(node -e "console.log(require('./package.json').devDependencies['@nrwl/workspace'])") - TS_REPO_VERSION=$(node -e "console.log(require('./package.json').devDependencies['typescript'])") - yarn add -D @nrwl/workspace@$NX_REPO_VERSION --prefer-offline - yarn add -D typescript@$TS_VERSION --prefer-offline - ./node_modules/.bin/nx affected:apps --plain - - - name: Set affected outputs - id: set_affected_outputs - shell: bash - run: ./tools/scripts/getAffectedApps.sh - - - name: Verify outputs - run: | - echo "Will deploy client? ${{ steps.set_affected_outputs.outputs.client_affected == 'true' && 'yes' || 'no' }}" - echo "Will deploy server? ${{ steps.set_affected_outputs.outputs.server_affected == 'true' && 'yes' || 'no' }}" - echo "Will deploy workers? ${{ steps.set_affected_outputs.outputs.workers_affected == 'true' && 'yes' || 'no' }}" - - outputs: - should_deploy_client: ${{ steps.set_affected_outputs.outputs.client_affected }} - should_deploy_server: ${{ steps.set_affected_outputs.outputs.server_affected }} - should_deploy_workers: ${{ steps.set_affected_outputs.outputs.workers_affected }} - - deploy_production: - name: Deploy production services - needs: [get_affected_apps] - uses: ./.github/workflows/template.deploy-services.yml - with: - deploy_env: production - deploy_shared_stack: true - deploy_vercel_client: ${{ needs.get_affected_apps.outputs.should_deploy_client == 'true' }} - deploy_server_stack: ${{ needs.get_affected_apps.outputs.should_deploy_server == 'true' }} - deploy_workers_stack: ${{ needs.get_affected_apps.outputs.should_deploy_workers == 'true' }} - secrets: inherit diff --git a/.github/workflows/template.auth0-deploy.yml b/.github/workflows/template.auth0-deploy.yml deleted file mode 100644 index 9b8e188c..00000000 --- a/.github/workflows/template.auth0-deploy.yml +++ /dev/null @@ -1,37 +0,0 @@ -# Deploys the configuration stored in /auth0/tenant.yaml -name: TEMPLATE | Deploy Auth0 -on: - workflow_call: - inputs: - auth0_env: - description: Tenant to deploy to. Valid values are `staging | production` - type: string - required: true - secrets: - client_secret: - required: true - postmark_secret: - required: true - apple_secret: - required: true - -concurrency: - group: auth0_deployments - cancel-in-progress: false - -jobs: - deploy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v2 - with: - node-version: '18' - - run: yarn install --frozen-lockfile - - name: Deploy Auth0 resources - env: - AUTH0_DEPLOY_CLIENT_SECRET: ${{ secrets.client_secret }} - POSTMARK_SMTP_PASS: ${{ secrets.postmark_secret }} - APPLE_SIGN_IN_SECRET_KEY: ${{ secrets.apple_secret }} - AUTH0_ENV: ${{ inputs.auth0_env }} - run: yarn auth0:deploy diff --git a/.github/workflows/template.deploy-services.yml b/.github/workflows/template.deploy-services.yml deleted file mode 100644 index efd58624..00000000 --- a/.github/workflows/template.deploy-services.yml +++ /dev/null @@ -1,108 +0,0 @@ -name: TEMPLATE | Deploy services -on: - workflow_call: - inputs: - deploy_env: - description: Environment to deploy to. Valid values are `staging | production` - type: string - required: true - deploy_shared_stack: - type: boolean - required: false - default: true - deploy_server_stack: - type: boolean - required: false - default: false - deploy_workers_stack: - type: boolean - required: false - default: false - deploy_tools_stack: - type: boolean - required: false - default: false - deploy_vercel_client: - type: boolean - required: false - default: false - -jobs: - deploy_services: - name: Deploy services - runs-on: [self-hosted, aws] - - env: - CDK_ENV: ${{ inputs.deploy_env }} # Determines which AWS account resources are deployed to - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-west-2 - - steps: - - name: Checkout repo - uses: actions/checkout@v3 - - - name: Print deploy targets - run: | - echo "Env: ${{ inputs.deploy_env }}" - echo "Shared: ${{ inputs.deploy_shared_stack }}" - echo "Server: ${{ inputs.deploy_server_stack }}" - echo "Workers: ${{ inputs.deploy_workers_stack }}" - echo "Client: ${{ inputs.deploy_vercel_client }}" - echo "Tools: ${{ inputs.deploy_tools_stack }}" - - # If either server/workers need to be built, install node_modules - - name: Install node_modules - if: ${{ inputs.deploy_server_stack || inputs.deploy_workers_stack }} - run: yarn install --frozen-lockfile - - # If server affected, build to /dist - - name: Build server - if: ${{ inputs.deploy_server_stack }} - run: yarn nx run server:build:production - - # If workers affected, build to /dist - - name: Build workers - if: ${{ inputs.deploy_workers_stack }} - run: yarn nx run workers:build:production - - - name: Initialize and test CDK - working-directory: aws/maybe-app - run: yarn install && ./node_modules/.bin/cdk ls && yarn test - - - name: Deploy shared infrastructure - if: ${{ inputs.deploy_shared_stack }} - working-directory: aws/maybe-app - run: ./node_modules/.bin/cdk deploy SharedStack --require-approval never - - - name: Deploy server and workers in parallel - if: ${{ inputs.deploy_server_stack && inputs.deploy_workers_stack }} - working-directory: aws/maybe-app - run: ./node_modules/.bin/cdk deploy ServerStack WorkersStack --concurrency 2 --require-approval never - - - name: Deploy server only - if: ${{ inputs.deploy_server_stack && !inputs.deploy_workers_stack }} - working-directory: aws/maybe-app - run: ./node_modules/.bin/cdk deploy ServerStack --require-approval never - - - name: Deploy workers only - if: ${{ inputs.deploy_workers_stack && !inputs.deploy_server_stack }} - working-directory: aws/maybe-app - run: ./node_modules/.bin/cdk deploy WorkersStack --require-approval never - - - name: Deploy client - env: - VERCEL_DEPLOY_HOOK_URL: ${{ inputs.deploy_env == 'production' && secrets.VERCEL_DEPLOY_HOOK_URL || secrets.STAGING_VERCEL_DEPLOY_HOOK_URL }} - if: ${{ inputs.deploy_vercel_client }} - run: curl -X POST $VERCEL_DEPLOY_HOOK_URL - - # This stack contains the github runner and other CI/CD tools on AWS - - name: Deploy tools - if: ${{ inputs.deploy_tools_stack }} - working-directory: aws/maybe-app - run: CDK_ENV=tools ./node_modules/.bin/cdk deploy ToolsStack --require-approval never - - # Removes all Docker assets older than 1 day (leave recent images on machine to utilize Docker cache) - - name: Cleanup Docker - if: ${{ always() }} - run: docker system prune --all --filter "until=24h" --force diff --git a/.github/workflows/validate-pull-request.yml b/.github/workflows/validate-pull-request.yml deleted file mode 100644 index 989f6d97..00000000 --- a/.github/workflows/validate-pull-request.yml +++ /dev/null @@ -1,101 +0,0 @@ -name: Validate Pull Request - -on: [pull_request] - -concurrency: - group: ${{ github.ref }}-validate-pr-group - cancel-in-progress: true - -jobs: - # Builds affected apps and runs unit tests - build_test: - name: Build and Test - runs-on: ubuntu-latest - - services: - redis: - image: redis:6-alpine - options: >- - --health-cmd "redis-cli ping" - --health-interval 10s - --health-timeout 5s - --health-retries 5 - ports: - - 6379:6379 - - postgres: - image: timescale/timescaledb:latest-pg14 - env: - POSTGRES_USER: maybe - POSTGRES_PASSWORD: maybe - POSTGRES_DB: maybe_local - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 - - steps: - - name: Checkout repo - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - name: Set NX commit SHAs for affected commands - uses: nrwl/nx-set-shas@v2 # derive appropriate SHAs for base and head for `nx affected` commands - - - name: Setup Node - uses: actions/setup-node@v2 - with: - node-version: '18' - cache: 'yarn' - - - name: Install node_modules - run: yarn install --frozen-lockfile - - - name: Run unit tests - run: yarn nx affected --target=test --parallel=5 --testPathPattern='^(?!.*integration).*$' - - - name: Build affected apps - run: yarn nx affected --target=build --parallel=5 - - - name: Setup env - run: | - cat << EOF > .env - NX_AUTH0_CLIENT_SECRET=${{ secrets.NX_AUTH0_CLIENT_SECRET }} - NX_AUTH0_MGMT_CLIENT_SECRET=${{ secrets.NX_AUTH0_MGMT_CLIENT_SECRET }} - NX_DATABASE_SECRET=${{ secrets.NX_DATABASE_SECRET }} - NX_SESSION_SECRET=${{ secrets.NX_SESSION_SECRET }} - NX_PLAID_SECRET=${{ secrets.NX_PLAID_SECRET }} - NX_POLYGON_API_KEY=${{ secrets.NX_POLYGON_API_KEY }} - NX_FINICITY_APP_KEY=${{ secrets.NX_FINICITY_APP_KEY }} - NX_FINICITY_PARTNER_SECRET=${{ secrets.NX_FINICITY_PARTNER_SECRET }} - NX_STRIPE_SECRET_KEY=${{ secrets.NX_STRIPE_SECRET_KEY }} - NX_STRIPE_WEBHOOK_SECRET=${{ secrets.NX_STRIPE_WEBHOOK_SECRET }} - NX_PLAID_WEBHOOK_URL=none - NX_DATABASE_URL=postgresql://maybe:maybe@localhost:5432/maybe_local?connection_limit=32&pool_timeout=20 - NX_REDIS_URL=redis://localhost:6379 - EOF - - name: Run local DB migration for testing - run: yarn prisma:migrate:deploy - - - name: Run integration tests - run: sudo yarn dev:ci:test --testPathPattern='^.*\.integration\.spec\.ts$' - - - name: Start apps - run: yarn nx run-many --parallel --target=serve --projects=client,server,workers & - - - name: Run end-to-end tests - if: "!contains(github.event.head_commit.message, 'skip-e2e')" - run: | - sudo yarn cypress install - yarn wait-on -t 120000 http://localhost:4200 - sudo yarn dev:ci:e2e --env.WEBHOOK_TYPE 'mock' - - name: Upload test artifacts - if: failure() - uses: actions/upload-artifact@v2 - with: - name: cypress-artifacts - path: dist/cypress/apps/e2e