Docker/Maybe
Docker/Maybe
1
0
Fork 0
mirror of https://github.com/maybe-finance/maybe.git synced 2025-08-09 07:25:19 +02:00
Code Issues Releases Activity Actions

Removing github workflows

Browse source 
Will re-add once we've got a more stable foundation
This commit is contained in:
Josh Pigford 2024-01-12 10:14:55 -06:00
parent 6b498cdbca
commit f40b72552f
6 changed files with 0 additions and 388 deletions
Download patch file Download diff file Expand all files Collapse all files

23
.github/workflows/deploy-auth0.yml vendored
View file

@ -1,23 +0,0 @@
# Deploys the configuration stored in /auth0/tenant.yaml
name: Deploy Auth0
on:
workflow_dispatch:
inputs:
deploy_env:
required: true
description: The environment to deploy to
type: choice
options:
- staging
- production
default: staging
jobs:
deploy:
uses: ./.github/workflows/template.auth0-deploy.yml
with:
auth0_env: ${{ github.event.inputs.deploy_env }}
secrets:
client_secret: ${{ (github.event.inputs.deploy_env == 'production' && secrets.PROD_AUTH0_CLIENT_SECRET) || (github.event.inputs.deploy_env == 'staging' && secrets.STAGING_AUTH0_CLIENT_SECRET) }}
postmark_secret: ${{ secrets.POSTMARK_SMTP_PASS }}
apple_secret: ${{ secrets.APPLE_SIGN_IN_SECRET_KEY }}

58
.github/workflows/deploy-services-manual.yml vendored
View file

@ -1,58 +0,0 @@
# This workflow serves two purposes:
# 1. Allows us to deploy a specific PR to staging for testing
# 2. Allows us to re-deploy production off the `main` branch
name: MANUAL | Deploy services
on:
workflow_dispatch:
inputs:
deploy_env:
description: The environment to deploy to
type: choice
options:
- staging
- production
default: staging
required: true
deploy_shared_stack:
description: Deploy shared AWS resources?
type: boolean
required: false
default: true
deploy_server_stack:
description: Deploy server to ECS Fargate?
type: boolean
required: false
default: false
deploy_workers_stack:
description: Deploy Bull workers to ECS Fargate?
type: boolean
required: false
default: false
deploy_tools_stack:
description: Deploy tools stack? (CI/CD resources)
type: boolean
required: false
default: false
deploy_vercel_client:
description: Deploy Vercel client?
type: boolean
required: false
default: false
concurrency:
group: deployments
cancel-in-progress: false
jobs:
deploy:
uses: ./.github/workflows/template.deploy-services.yml
# Production can only be deployed from `main` manually, while staging can be deployed from any branch
if: ${{ (github.event.inputs.deploy_env == 'production' && github.ref == 'refs/heads/main') || github.event.inputs.deploy_env == 'staging' }}
with:
deploy_env: ${{ github.event.inputs.deploy_env }}
deploy_shared_stack: ${{ github.event.inputs.deploy_shared_stack == 'true' }}
deploy_server_stack: ${{ github.event.inputs.deploy_server_stack == 'true' }}
deploy_workers_stack: ${{ github.event.inputs.deploy_workers_stack == 'true' }}
deploy_tools_stack: ${{ github.event.inputs.deploy_tools_stack == 'true' }}
deploy_vercel_client: ${{ github.event.inputs.deploy_vercel_client == 'true' }}
secrets: inherit

61
.github/workflows/deploy-services.yml vendored
View file

@ -1,61 +0,0 @@
name: Deploy services
on:
push:
branches:
- 'main'
concurrency:
group: deployments
cancel-in-progress: false
jobs:
get_affected_apps:
name: Get affected apps
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 0 # NX needs the entire repo history to run affected commands
- name: Set NX commit SHAs for affected commands
uses: nrwl/nx-set-shas@v2 # derive appropriate SHAs for base and head for `nx affected` commands
# Only install nx affected command requirements, no need for a full dependency install
- name: Install requirements for nx
run: |
NX_REPO_VERSION=$(node -e "console.log(require('./package.json').devDependencies['@nrwl/workspace'])")
TS_REPO_VERSION=$(node -e "console.log(require('./package.json').devDependencies['typescript'])")
yarn add -D @nrwl/workspace@$NX_REPO_VERSION --prefer-offline
yarn add -D typescript@$TS_VERSION --prefer-offline
./node_modules/.bin/nx affected:apps --plain
- name: Set affected outputs
id: set_affected_outputs
shell: bash
run: ./tools/scripts/getAffectedApps.sh
- name: Verify outputs
run: |
echo "Will deploy client? ${{ steps.set_affected_outputs.outputs.client_affected == 'true' && 'yes' || 'no' }}"
echo "Will deploy server? ${{ steps.set_affected_outputs.outputs.server_affected == 'true' && 'yes' || 'no' }}"
echo "Will deploy workers? ${{ steps.set_affected_outputs.outputs.workers_affected == 'true' && 'yes' || 'no' }}"
outputs:
should_deploy_client: ${{ steps.set_affected_outputs.outputs.client_affected }}
should_deploy_server: ${{ steps.set_affected_outputs.outputs.server_affected }}
should_deploy_workers: ${{ steps.set_affected_outputs.outputs.workers_affected }}
deploy_production:
name: Deploy production services
needs: [get_affected_apps]
uses: ./.github/workflows/template.deploy-services.yml
with:
deploy_env: production
deploy_shared_stack: true
deploy_vercel_client: ${{ needs.get_affected_apps.outputs.should_deploy_client == 'true' }}
deploy_server_stack: ${{ needs.get_affected_apps.outputs.should_deploy_server == 'true' }}
deploy_workers_stack: ${{ needs.get_affected_apps.outputs.should_deploy_workers == 'true' }}
secrets: inherit

37
.github/workflows/template.auth0-deploy.yml vendored
View file

@ -1,37 +0,0 @@
# Deploys the configuration stored in /auth0/tenant.yaml
name: TEMPLATE | Deploy Auth0
on:
workflow_call:
inputs:
auth0_env:
description: Tenant to deploy to. Valid values are `staging | production`
type: string
required: true
secrets:
client_secret:
required: true
postmark_secret:
required: true
apple_secret:
required: true
concurrency:
group: auth0_deployments
cancel-in-progress: false
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '18'
- run: yarn install --frozen-lockfile
- name: Deploy Auth0 resources
env:
AUTH0_DEPLOY_CLIENT_SECRET: ${{ secrets.client_secret }}
POSTMARK_SMTP_PASS: ${{ secrets.postmark_secret }}
APPLE_SIGN_IN_SECRET_KEY: ${{ secrets.apple_secret }}
AUTH0_ENV: ${{ inputs.auth0_env }}
run: yarn auth0:deploy

108
.github/workflows/template.deploy-services.yml vendored
View file

@ -1,108 +0,0 @@
name: TEMPLATE | Deploy services
on:
workflow_call:
inputs:
deploy_env:
description: Environment to deploy to. Valid values are `staging | production`
type: string
required: true
deploy_shared_stack:
type: boolean
required: false
default: true
deploy_server_stack:
type: boolean
required: false
default: false
deploy_workers_stack:
type: boolean
required: false
default: false
deploy_tools_stack:
type: boolean
required: false
default: false
deploy_vercel_client:
type: boolean
required: false
default: false
jobs:
deploy_services:
name: Deploy services
runs-on: [self-hosted, aws]
env:
CDK_ENV: ${{ inputs.deploy_env }} # Determines which AWS account resources are deployed to
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-west-2
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Print deploy targets
run: |
echo "Env: ${{ inputs.deploy_env }}"
echo "Shared: ${{ inputs.deploy_shared_stack }}"
echo "Server: ${{ inputs.deploy_server_stack }}"
echo "Workers: ${{ inputs.deploy_workers_stack }}"
echo "Client: ${{ inputs.deploy_vercel_client }}"
echo "Tools: ${{ inputs.deploy_tools_stack }}"
# If either server/workers need to be built, install node_modules
- name: Install node_modules
if: ${{ inputs.deploy_server_stack || inputs.deploy_workers_stack }}
run: yarn install --frozen-lockfile
# If server affected, build to /dist
- name: Build server
if: ${{ inputs.deploy_server_stack }}
run: yarn nx run server:build:production
# If workers affected, build to /dist
- name: Build workers
if: ${{ inputs.deploy_workers_stack }}
run: yarn nx run workers:build:production
- name: Initialize and test CDK
working-directory: aws/maybe-app
run: yarn install && ./node_modules/.bin/cdk ls && yarn test
- name: Deploy shared infrastructure
if: ${{ inputs.deploy_shared_stack }}
working-directory: aws/maybe-app
run: ./node_modules/.bin/cdk deploy SharedStack --require-approval never
- name: Deploy server and workers in parallel
if: ${{ inputs.deploy_server_stack && inputs.deploy_workers_stack }}
working-directory: aws/maybe-app
run: ./node_modules/.bin/cdk deploy ServerStack WorkersStack --concurrency 2 --require-approval never
- name: Deploy server only
if: ${{ inputs.deploy_server_stack && !inputs.deploy_workers_stack }}
working-directory: aws/maybe-app
run: ./node_modules/.bin/cdk deploy ServerStack --require-approval never
- name: Deploy workers only
if: ${{ inputs.deploy_workers_stack && !inputs.deploy_server_stack }}
working-directory: aws/maybe-app
run: ./node_modules/.bin/cdk deploy WorkersStack --require-approval never
- name: Deploy client
env:
VERCEL_DEPLOY_HOOK_URL: ${{ inputs.deploy_env == 'production' && secrets.VERCEL_DEPLOY_HOOK_URL || secrets.STAGING_VERCEL_DEPLOY_HOOK_URL }}
if: ${{ inputs.deploy_vercel_client }}
run: curl -X POST $VERCEL_DEPLOY_HOOK_URL
# This stack contains the github runner and other CI/CD tools on AWS
- name: Deploy tools
if: ${{ inputs.deploy_tools_stack }}
working-directory: aws/maybe-app
run: CDK_ENV=tools ./node_modules/.bin/cdk deploy ToolsStack --require-approval never
# Removes all Docker assets older than 1 day (leave recent images on machine to utilize Docker cache)
- name: Cleanup Docker
if: ${{ always() }}
run: docker system prune --all --filter "until=24h" --force

101
.github/workflows/validate-pull-request.yml vendored
View file

@ -1,101 +0,0 @@
name: Validate Pull Request
on: [pull_request]
concurrency:
group: ${{ github.ref }}-validate-pr-group
cancel-in-progress: true
jobs:
# Builds affected apps and runs unit tests
build_test:
name: Build and Test
runs-on: ubuntu-latest
services:
redis:
image: redis:6-alpine
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
postgres:
image: timescale/timescaledb:latest-pg14
env:
POSTGRES_USER: maybe
POSTGRES_PASSWORD: maybe
POSTGRES_DB: maybe_local
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
steps:
- name: Checkout repo
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set NX commit SHAs for affected commands
uses: nrwl/nx-set-shas@v2 # derive appropriate SHAs for base and head for `nx affected` commands
- name: Setup Node
uses: actions/setup-node@v2
with:
node-version: '18'
cache: 'yarn'
- name: Install node_modules
run: yarn install --frozen-lockfile
- name: Run unit tests
run: yarn nx affected --target=test --parallel=5 --testPathPattern='^(?!.*integration).*$'
- name: Build affected apps
run: yarn nx affected --target=build --parallel=5
- name: Setup env
run: |
cat << EOF > .env
NX_AUTH0_CLIENT_SECRET=${{ secrets.NX_AUTH0_CLIENT_SECRET }}
NX_AUTH0_MGMT_CLIENT_SECRET=${{ secrets.NX_AUTH0_MGMT_CLIENT_SECRET }}
NX_DATABASE_SECRET=${{ secrets.NX_DATABASE_SECRET }}
NX_SESSION_SECRET=${{ secrets.NX_SESSION_SECRET }}
NX_PLAID_SECRET=${{ secrets.NX_PLAID_SECRET }}
NX_POLYGON_API_KEY=${{ secrets.NX_POLYGON_API_KEY }}
NX_FINICITY_APP_KEY=${{ secrets.NX_FINICITY_APP_KEY }}
NX_FINICITY_PARTNER_SECRET=${{ secrets.NX_FINICITY_PARTNER_SECRET }}
NX_STRIPE_SECRET_KEY=${{ secrets.NX_STRIPE_SECRET_KEY }}
NX_STRIPE_WEBHOOK_SECRET=${{ secrets.NX_STRIPE_WEBHOOK_SECRET }}
NX_PLAID_WEBHOOK_URL=none
NX_DATABASE_URL=postgresql://maybe:maybe@localhost:5432/maybe_local?connection_limit=32&pool_timeout=20
NX_REDIS_URL=redis://localhost:6379
EOF
- name: Run local DB migration for testing
run: yarn prisma:migrate:deploy
- name: Run integration tests
run: sudo yarn dev:ci:test --testPathPattern='^.*\.integration\.spec\.ts$'
- name: Start apps
run: yarn nx run-many --parallel --target=serve --projects=client,server,workers &
- name: Run end-to-end tests
if: "!contains(github.event.head_commit.message, 'skip-e2e')"
run: |
sudo yarn cypress install
yarn wait-on -t 120000 http://localhost:4200
sudo yarn dev:ci:e2e --env.WEBHOOK_TYPE 'mock'
- name: Upload test artifacts
if: failure()
uses: actions/upload-artifact@v2
with:
name: cypress-artifacts
path: dist/cypress/apps/e2e