-
Notifications
You must be signed in to change notification settings - Fork 859
146 lines (139 loc) · 6.21 KB
/
ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
name: CI/CD
on:
pull_request: # Runs whenever a pull request is created or updated
push: # Runs whenever a commit is pushed to the repository
branches: [master, develop, beta, hotfix/*] # ...on any of these branches
workflow_dispatch: # Allows you to run this workflow manually from the Actions tab
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
env:
CXX: g++-4.8
FASTLY_ACTIVATE_CHANGES: true
FASTLY_PURGE_ALL: true
NODE_ENV: production
SKIP_CLEANUP: true
jobs:
build-and-test-and-maybe-deploy:
runs-on: ubuntu-latest
environment: >-
${{
(
(github.ref == 'refs/heads/master') && 'production'
) ||
(
(
(github.ref == 'refs/heads/develop') ||
(github.ref == 'refs/heads/beta') ||
startsWith(github.ref, 'refs/heads/hotfix/') ||
startsWith(github.ref, 'refs/heads/release/')
) && 'staging'
) ||
''
}}
env:
# SCRATCH_ENV comes from the GitHub Environment
# See https://github.com/scratchfoundation/scratch-www/settings/variables/actions
SCRATCH_SHOULD_DEPLOY: ${{ vars.SCRATCH_ENV != '' }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4
with:
cache: 'npm'
node-version-file: '.nvmrc'
- name: info
run: |
echo "Scratch environment: ${{ vars.SCRATCH_ENV }}"
echo "Node version: $(node --version)"
echo "NPM version: $(npm --version)"
- name: setup
run: |
npm --production=false ci
mkdir -p ./test/results
- name: lint
run: npm run test:lint:ci
- name: build
run: WWW_VERSION=${GITHUB_SHA:0:5} npm run build
env:
# webpack.config.js uses these with `DefinePlugin`
API_HOST: ${{ secrets.API_HOST }}
RECAPTCHA_SITE_KEY: ${{ secrets.RECAPTCHA_SITE_KEY }}
ASSET_HOST: ${{ secrets.ASSET_HOST }}
BACKPACK_HOST: ${{ secrets.BACKPACK_HOST }}
CLOUDDATA_HOST: ${{ secrets.CLOUDDATA_HOST }}
PROJECT_HOST: ${{ secrets.PROJECT_HOST }}
STATIC_HOST: ${{ secrets.STATIC_HOST }}
SCRATCH_ENV: ${{ vars.SCRATCH_ENV }}
# used by src/template-config.js
GTM_ID: ${{ secrets.GTM_ID }}
GTM_ENV_AUTH: ${{ secrets.GTM_ENV_AUTH }}
- name: unit tests
run: |
JEST_JUNIT_OUTPUT_NAME=unit-jest-results.xml npm run test:unit:jest:unit -- --reporters=jest-junit
JEST_JUNIT_OUTPUT_NAME=localization-jest-results.xml npm run test:unit:jest:localization -- --reporters=jest-junit
npm run test:unit:tap -- --output-file ./test/results/unit-raw.tap
npm run test:unit:convertReportToXunit
- name: setup Python
if: ${{ env.SCRATCH_SHOULD_DEPLOY == 'true' }}
run: |
curl https://bootstrap.pypa.io/pip/3.5/get-pip.py -o get-pip.py
python3 get-pip.py pip==21.0.1
pip install s3cmd==2.3.0
- name: deploy
if: ${{ env.SCRATCH_SHOULD_DEPLOY == 'true' }}
run: npm run deploy
env:
S3_LOCAL_DIR: build
S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
FASTLY_API_KEY: ${{ secrets.FASTLY_API_KEY }}
FASTLY_SERVICE_ID: ${{ secrets.FASTLY_SERVICE_ID }}
SCRATCH_BRANCH: ${{ github.ref_name }}
SCRATCH_ENV: ${{ vars.SCRATCH_ENV }}
SLACK_WEBHOOK_CIRCLECI_NOTIFICATIONS: ${{ secrets.SLACK_WEBHOOK_CIRCLECI_NOTIFICATIONS }} # TODO: rename or replace
SLACK_WEBHOOK_ENGINEERING: ${{ secrets.SLACK_WEBHOOK_ENGINEERING }}
SLACK_WEBHOOK_MODS: ${{ secrets.SLACK_WEBHOOK_MODS }}
RADISH_URL: ${{ vars.RADISH_URL }}
- name: integration tests
if: ${{ env.SCRATCH_SHOULD_DEPLOY == 'true' }}
run: |
if [ '${{ vars.SCRATCH_ENV }}' == 'production' ]; then
# if the health test fails, there's no point in trying to run the integration tests
npm run test:health
# health test succeeded, so proceed with integration tests
JEST_JUNIT_OUTPUT_NAME=integration-jest-results.xml npm run test:integration -- --reporters=jest-junit
else
echo "Skipping integration tests for non-production environment"
echo "Please run the integration tests manually if necessary"
fi
env:
ROOT_URL: ${{ secrets.ROOT_URL }}
# test/integration-legacy/selenium-helpers.js
CI: "true"
CIRCLECI: "true" # TODO
CIRCLE_BUILD_NUM: ${{ github.run_id }} # TODO
SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
SMOKE_REMOTE: "true" # use Sauce Labs
# test/integration/*
SMOKE_USERNAME: ${{ secrets.SMOKE_USERNAME }}
SMOKE_PASSWORD: ${{ secrets.SMOKE_PASSWORD }}
COMMENT_PROJECT_ID: ${{ secrets.COMMENT_PROJECT_ID }}
COMMENT_STUDIO_ID: ${{ secrets.COMMENT_STUDIO_ID }}
UNOWNED_SHARED_PROJECT_ID: ${{ secrets.UNOWNED_SHARED_PROJECT_ID }}
OWNED_SHARED_PROJECT_ID: ${{ secrets.OWNED_SHARED_PROJECT_ID }}
OWNED_UNSHARED_PROJECT_ID: ${{ secrets.OWNED_UNSHARED_PROJECT_ID }}
UNOWNED_UNSHARED_PROJECT_ID: ${{ secrets.UNOWNED_UNSHARED_PROJECT_ID }}
UNOWNED_SHARED_SCRATCH2_PROJECT_ID: ${{ secrets.UNOWNED_SHARED_SCRATCH2_PROJECT_ID }}
OWNED_UNSHARED_SCRATCH2_PROJECT_ID: ${{ secrets.OWNED_UNSHARED_SCRATCH2_PROJECT_ID }}
TEST_STUDIO_ID: ${{ secrets.TEST_STUDIO_ID }}
RATE_LIMIT_CHECK: ${{ secrets.RATE_LIMIT_CHECK }}
- name: compress artifact
if: ${{ env.SCRATCH_SHOULD_DEPLOY == 'true' }}
run: tar -czvf build.tgz build
- name: upload artifact
if: ${{ env.SCRATCH_SHOULD_DEPLOY == 'true' }}
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
path: build.tgz