Skip to content
This repository has been archived by the owner on Jan 10, 2024. It is now read-only.

nix flake update

nix flake update #213

Workflow file for this run

---
name: Continuous Integration
env:
SLACK_CHANNEL_ID: "${{ secrets.SLACK_CHANNEL_ID }}"
on:
push:
branches-ignore:
- refs/tags/*_staging
- refs/tags/*_production
jobs:
build:
runs-on: ubuntu-20.04
steps:
- name: Checkout branch
# Pin to v3.1.0 SHA
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
- name: Extract branch name
shell: bash
run: echo "branch=${GITHUB_REF#refs/heads/}" >> $GITHUB_OUTPUT
id: extract_branch
- name: Cache gems
# Pin to 3.0.11 SHA
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
env:
nix-hash: |
${{ hashFiles('default.nix', 'shell.nix', 'nix/sources.*') }}
dependencies-hash: |
${{ hashFiles('Gemfile', 'Gemfile.lock') }}
with:
path: |
vendor/bundle
key: |
${{ runner.OS }}-gem-cache-${{ env.nix-hash }}-${{ env.dependencies-hash }}
restore-keys: |
${{ runner.OS }}-gem-cache-${{ env.nix-hash }}-
# Pin to the v18 SHA
- uses: "cachix/install-nix-action@daddc62a2e67d1decb56e028c9fa68344b9b7c2a"
with:
install_url: "https://releases.nixos.org/nix/nix-2.7.0/install"
nix_path: nixpkgs=channel:nixos-22.05
- name: Run CI through nix-shell
run: nix develop -c ./run_ci.sh
- name: Post to Slack if build fails
if: failure() && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/stable')
# Pin to the v1.23.0 SHA
uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844
env:
SLACK_BOT_TOKEN: "${{ secrets.BELLROY_SLACK_TOKEN }}"
with:
channel-id: "${{ env.SLACK_CHANNEL_ID }}"
payload: |
{
"text": "* ${{ github.repository }} BUILD FAILURE*",
"attachments": [
{
"fallback": "Failure summary",
"color": "ff0000",
"fields": [
{
"title": "Branch",
"value": "${{ steps.extract_branch.outputs.branch}}"
},
{
"title": "Who broke it",
"value": "${{ github.actor }}"
},
{
"title": "Build output",
"value": "https://github.com/${{ github.repository }}/commit/${{ github.sha }}/checks",
"short": false
}
]
}
]
}
services:
postgres:
image: postgres:12.12
env:
POSTGRES_USER: runner
POSTGRES_DB: postgres
POSTGRES_PASSWORD: postgres
ports:
- 5432:5432
options:
"--health-cmd pg_isready --health-interval 10s --health-timeout 5s
--health-retries 5"
env:
PGHOST: localhost
PGPORT: 5432
PGPASSWORD: postgres
RAILS_ENV: test
deploy:
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/stable'
needs:
- build
defaults:
run:
shell: bash -leo pipefail {0}
runs-on: self-hosted
steps:
- name: Checkout branch
# Pin to v3.1.0 SHA
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
with:
submodules: true
token: ${{ secrets.ACTIONS_TOKEN }}
fetch-depth: 10
- name: Extract branch name and stage
shell: bash
id: extract_branch
run: |
STAGE=staging
if [[ "${GITHUB_REF#refs/heads/}" == "stable" ]]; then
STAGE=production
fi
echo "STAGE=$STAGE" >> $GITHUB_ENV
echo "BRANCH=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV
- name: Set secrets to environment variables
shell: bash
id: set_secrets_to_environment_variables
run: |
echo "SLACK_WEBHOOK_URL=${{ secrets.SLACK_WEBHOOK_URL }}" >> $GITHUB_ENV
if [[ "${GITHUB_REF#refs/heads/}" == "stable" ]]; then
echo "PRODUCTION_SERVER_HOSTNAME=${{ secrets.PRODUCTION_SERVER_HOSTNAME }}" >> $GITHUB_ENV
echo "PRODUCTION_SERVER_USERNAME=${{ secrets.PRODUCTION_SERVER_USERNAME }}" >> $GITHUB_ENV
echo "RAILS_PRODUCTION_KEY=${{ secrets.RAILS_PRODUCTION_KEY }}" >> $GITHUB_ENV
else
echo "STAGING_SERVER_HOSTNAME=${{ secrets.STAGING_SERVER_HOSTNAME }}" >> $GITHUB_ENV
echo "STAGING_SERVER_USERNAME=${{ secrets.STAGING_SERVER_USERNAME }}" >> $GITHUB_ENV
echo "RAILS_STAGING_KEY=${{ secrets.RAILS_STAGING_KEY }}" >> $GITHUB_ENV
fi
- name: Deploy with capistrano
id: cap_deploy
run: |
echo "Start ssh agent if required"
if [ -z "$SSH_AUTH_SOCK" ] ; then
eval "$(ssh-agent -s)"
ssh-add
fi
echo "SSH_AGENT_PID=$SSH_AGENT_PID" >> $GITHUB_OUTPUT
LAST_DEPLOY_TAG=$(git tag -l [0-9]*_$STAGE | tail -n 1)
AUTHORS=$(git log --oneline --format="%an" $LAST_DEPLOY_TAG..origin/$BRANCH | sort -u | tr '\n' ',' | sed 's/trike-deploy,//;s/,$//g')
if [ -z "$AUTHORS" ]; then
AUTHORS=$(git log --oneline --format="%an" | sed -n '1p')
fi
git config user.name "$AUTHORS"
echo "AUTHORS=$AUTHORS" >> $GITHUB_ENV
nix develop -c ./run_deploy.sh
- name: Kill ssh-agent
if: always()
run: |
SSH_AGENT_PID=${{ steps.cap_deploy.outputs.SSH_AGENT_PID }}
kill $SSH_AGENT_PID
- name: Open PR to stable
if: github.ref == 'refs/heads/master'
run: |
curl -X POST -H "Accept: application/vnd.github.v3+json" -H "Authorization: token ${{ secrets.ACTIONS_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/pulls -d '{"head":"master","base":"stable","title":"Merge branch master into stable","body":"This PR is automatically generated by CI."}'
PR_URL=$(curl -sX GET -H "Accept: application/vnd.github.v3+json" -H "Authorization: token ${{ secrets.ACTIONS_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/pulls\?head\=bellroy:master\&base\=stable | jq -r '.[0].html_url | select(length>0)')
echo "PR_URL=$PR_URL" >> $GITHUB_ENV
- name: Post to Slack if deploy succeeds
if: github.ref == 'refs/heads/master'
# Pin to the v1.23.0 SHA
uses: slackapi/slack-github-action@007b2c3c751a190b6f0f040e47ed024deaa72844
env:
SLACK_BOT_TOKEN: "${{ secrets.BELLROY_SLACK_TOKEN }}"
with:
channel-id: "${{ env.SLACK_CHANNEL_ID }}"
payload: |
{
"text": ":loudspeaker: *${{ env.AUTHORS }}* succesfully deployed to `staging`. Open PR: ${{ env.PR_URL }}"
}