-
-
Notifications
You must be signed in to change notification settings - Fork 10
255 lines (209 loc) · 9.87 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
name: CD Azure
on:
push:
branches:
- main
pull_request_target:
types: [opened, synchronize, reopened, closed, labeled]
branches:
- main
permissions:
pull-requests: write
id-token: write
jobs:
pr_preview:
name: Build & Deploy to PR preview
runs-on: windows-latest
if: github.event_name == 'pull_request_target' && github.event.action != 'closed'
env:
DATABASE_URL: ${{ format(secrets.AZURE_PR_DATABASE_URL, github.event.pull_request.number) }}
GITHUB_REPO_TOKEN: ${{ secrets.GITHUBS_REPO_TOKEN }}
steps:
# We could also add these checks to the above if condition, to skip the workflow if its unsecure to run.
# However, Github views skipped workflows as "successful" and thus one could merge a PR without running this workflow first.
- name: Fail if unsecure
if: "!contains(github.event.pull_request.labels.*.name, 'status: safe to test') && github.actor != 'tobiasdiez'"
run: exit 1
- name: Checkout
uses: actions/[email protected]
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Setup Node.js
uses: actions/[email protected]
with:
node-version: 18
cache: 'yarn'
- name: Build
run: |
yarn install
yarn build:azure
- name: Login to Azure
uses: Azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Deploy Web App
id: deploy_web
run: |
# Delete old deployment (otherwise we get a spawn EBUSY error when running the workflow again)
az staticwebapp environment delete --name jabref-online --environment-name ${{ github.event.pull_request.number }} --yes || true
# Workaround for https://github.com/Azure/static-web-apps-cli/issues/557 and https://github.com/Azure/static-web-apps-cli/issues/565
$output = yarn swa deploy .output\public --env ${{ github.event.pull_request.number }} --verbose=silly 2>&1 | Out-String
Write-Host $output
$match = $output | Select-String -Pattern 'Project deployed to (?<url>.*) '
if ($match -eq $null) { exit 1 }
$url = $match.Matches[0].Groups['url'].Value
echo "url=$url" >> $env:GITHUB_OUTPUT
env:
SWA_CLI_DEPLOYMENT_TOKEN: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_MANGO_PEBBLE_0224C3803 }}
- name: Install Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Create test database on Azure
run: |
$name = "postgres_test_${{ github.event.pull_request.number }}"
az postgres flexible-server db create --server-name jabrefdb --resource-group JabRefOnline --database-name $name --charset utf8 --collation en_US.utf8
$pwd = az account get-access-token --resource-type oss-rdbms --output tsv --query accessToken
# For some reason the public schema is not created automatically, so we need to do it manually
# We also need to manually install an old version of rdbms due to https://github.com/Azure/azure-cli/issues/25067
az extension add --name rdbms-connect --version 1.0.3 --debug
az postgres flexible-server execute --name jabrefdb -u "Github" -p "$pwd" --database-name $name -q "GRANT CREATE ON DATABASE $name TO azure_pg_admin; create schema public;" --output table
yarn prisma:migrate:reset --force
- name: Create & Link Function App
run: |
pip install azure-identity azure-mgmt-web azure-mgmt-storage azure-mgmt-applicationinsights azure-mgmt-redis azure-mgmt-communication
python .github\scripts\deploy.py --env ${{ github.event.pull_request.number }}
env:
SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SESSION_SECRET: ${{ secrets.AZURE_SESSION_SECRET }}
- name: Deploy Function App
run: |
Compress-Archive -Path .output\server\* -DestinationPath .output\server.zip
az functionapp deployment source config-zip -g JabRefOnline -n jabref-function-${{ github.event.pull_request.number }} --src .output\server.zip
- name: Check HTTP status
run: |
Start-Sleep -Seconds 30
curl -s -w 'Establish Connection: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n' ${{ steps.deploy_web.outputs.url }} || true
curl -s -w 'Establish Connection: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n' ${{ steps.deploy_web.outputs.url }}/api || true
# The api returns 400 status code for some reason
# uses: gerdemann/[email protected]
# with:
# url: ${{ steps.deploy_web.outputs.url }}/api
# code: 200
# timeout: 300 # initial warm up can take quite some time
# interval: 30
- name: Report URL as PR comment
uses: marocchino/sticky-pull-request-comment@v2
with:
message: |
Deployed ${{ github.sha }} to ${{ steps.deploy_web.outputs.url }}
- name: Run API tests
run: yarn test:api
env:
TEST_URL: ${{ steps.deploy_web.outputs.url }}
build_and_deploy:
name: Build & Deploy to ${{ matrix.environment }}
runs-on: windows-latest
if: github.event_name == 'push'
strategy:
fail-fast: false
matrix:
include:
- environment: Test
url: https://dev.www.jabref.org
deployment_environment: dev
- environment: Staging
url: https://staging.www.jabref.org
deployment_environment: staging
- environment: Production
url: https://www.jabref.org
deployment_environment: default
environment:
name: ${{ matrix.environment }}
url: ${{ matrix.url }}
env:
DATABASE_URL: ${{ matrix.environment == 'Test' && secrets.AZURE_TEST_DATABASE_URL || secrets.AZURE_DATABASE_URL }}
GITHUB_REPO_TOKEN: ${{ secrets.GITHUBS_REPO_TOKEN }}
steps:
- name: Checkout
uses: actions/[email protected]
- name: Setup Node.js
uses: actions/[email protected]
with:
node-version: 18
cache: 'yarn'
- name: Install dependencies
run: yarn install
- name: Reset Test database on Azure
if: matrix.environment == 'Test'
run: yarn prisma:migrate:reset --force
- name: Update Production database on Azure
if: matrix.environment == 'Staging'
run: yarn prisma:migrate:deploy
- name: Build
run: yarn build:azure
- name: Login to Azure
uses: Azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Deploy Web App
run: |
# Delete old deployment (otherwise we get a spawn EBUSY error when running the workflow again)
az staticwebapp environment delete --name jabref-online --environment-name ${{ matrix.deployment_environment }} --yes || true
yarn swa deploy .output\public --env ${{ matrix.deployment_environment }}
env:
SWA_CLI_DEPLOYMENT_TOKEN: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_MANGO_PEBBLE_0224C3803 }}
- name: Install Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Create & Link Function App
run: |
pip install azure-identity azure-mgmt-web azure-mgmt-storage azure-mgmt-applicationinsights azure-mgmt-redis azure-mgmt-communication
python .github\scripts\deploy.py --env ${{ matrix.deployment_environment }}
env:
SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SESSION_SECRET: ${{ secrets.AZURE_SESSION_SECRET }}
- name: Deploy Function App
run: |
Compress-Archive -Path .output\server\* -DestinationPath .output\server.zip
az functionapp deployment source config-zip -g JabRefOnline -n jabref-function-${{ matrix.deployment_environment }} --src .output\server.zip
- name: Check HTTP status
run: |
Start-Sleep -Seconds 30
curl -s -w 'Establish Connection: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n' ${{ matrix.url }} || true
curl -s -w 'Establish Connection: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n' ${{ matrix.url }}/api || true
# The api returns 400 status code for some reason
# with:
# url: ${{ matrix.url }}/api
# code: 200
# timeout: 300 # initial warm up can take quite some time
# interval: 30
- name: Run API tests
run: yarn test:api
env:
TEST_URL: ${{ matrix.url }}
close_pr_preview:
name: Close PR preview
if: github.event_name == 'pull_request_target' && github.event.action == 'closed'
runs-on: ubuntu-latest
steps:
- name: Delete WebApp environment
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_MANGO_PEBBLE_0224C3803 }}
action: 'close'
- name: Login to Azure
uses: Azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Delete Function App
run: az functionapp delete --name jabref-function-${{ github.event.pull_request.number }} --resource-group JabRefOnline
- name: Delete test database
run: az postgres flexible-server db delete --server-name jabrefdb --resource-group JabRefOnline --database-name postgres_test_${{ github.event.pull_request.number }} -y