From 1b52207c35a8ca24299ab3ee1b8fefefdf210ff7 Mon Sep 17 00:00:00 2001 From: Kevin Koech Date: Mon, 15 Jul 2024 12:28:10 +0300 Subject: [PATCH 1/6] Test deploy to prod --- .github/workflows/roboshield-deploy-prod.yml | 98 ++++++++++++++++++++ apps/roboshield/package.json | 2 +- 2 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/roboshield-deploy-prod.yml diff --git a/.github/workflows/roboshield-deploy-prod.yml b/.github/workflows/roboshield-deploy-prod.yml new file mode 100644 index 000000000..ecd600f32 --- /dev/null +++ b/.github/workflows/roboshield-deploy-prod.yml @@ -0,0 +1,98 @@ +name: RoboShield | Deploy | PROD + +on: + push: + branches: [roboshield/push-to-prod] + paths: + - "apps/roboshield/**" + - "Dockerfile" + - ".github/workflows/roboshield-deploy-prod.yml" + +concurrency: + group: "${{ github.workflow }} @ ${{ github.ref }}" + cancel-in-progress: true + +env: + APP_NAME: roboshield-ui + DOKKU_REMOTE_BRANCH: "master" + DOKKU_REMOTE_URL: "ssh://azureuser@ui-1.prod.codeforafrica.org" + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + IMAGE_NAME: "codeforafrica/roboshield" + NEXT_PUBLIC_APP_URL: "https://roboshield-ui.prod.codeforafrica.org" + SENTRY_ENVIRONMENT: "development" + +jobs: + deploy: + runs-on: ${{ matrix.os }} + strategy: + matrix: + node-version: [20] + os: [ubuntu-latest] + steps: + - name: Cloning repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node-version }} + + - name: Check if version is bumped + id: version-check + uses: EndBug/version-check@v2 + with: + diff-search: true + file-name: "${{ env.VERSION_FILE_NAME }}" + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Cache Docker layers + uses: actions/cache@v3 + with: + key: ${{ runner.os }}-buildx-${{ github.sha }} + path: /tmp/.buildx-cache + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + username: ${{ secrets.DOCKER_HUB_USERNAME }} + + - name: Build Docker image + uses: docker/build-push-action@v3 + with: + build-args: | + MONGO_URL=${{ secrets.ROBOSHIELD_MONGO_URL }} + NEXT_PUBLIC_APP_URL=${{ env.NEXT_PUBLIC_APP_URL }} + NEXT_PUBLIC_SENTRY_DSN=${{ secrets.ROBOSHIELD_SENTRY_DSN }} + PAYLOAD_SECRET=${{ secrets.ROBOSHIELD_PAYLOAD_SECRET }} + SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} + SENTRY_ENVIRONMENT=${{ env.SENTRY_ENVIRONMENT }} + SENTRY_ORG=${{ secrets.SENTRY_ORG }} + SENTRY_PROJECT=${{ secrets.ROBOSHIELD_SENTRY_PROJECT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + context: . + target: roboshield-runner + file: Dockerfile + push: true + tags: "${{ env.IMAGE_NAME }}:${{ steps.version-check.outputs.version }}" + + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + + - name: Push to Dokku + uses: dokku/github-action@v1.4.0 + with: + git_remote_url: ${{ env.DOKKU_REMOTE_URL }}/${{ env.APP_NAME }} + ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }} + deploy_docker_image: ${{ env.IMAGE_NAME }}:${{ github.sha }} diff --git a/apps/roboshield/package.json b/apps/roboshield/package.json index f8a5ff3d2..c5590cedd 100644 --- a/apps/roboshield/package.json +++ b/apps/roboshield/package.json @@ -1,6 +1,6 @@ { "name": "roboshield", - "version": "0.1.0", + "version": "0.1.1", "private": true, "scripts": { "build-server": "tsc --project tsconfig.server.json", From e3913f15b29310404c8d37ce13b7b69f3de93b37 Mon Sep 17 00:00:00 2001 From: Kevin Koech Date: Mon, 15 Jul 2024 12:35:17 +0300 Subject: [PATCH 2/6] Bump version --- .github/workflows/roboshield-deploy-prod.yml | 1 + apps/roboshield/package.json | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/roboshield-deploy-prod.yml b/.github/workflows/roboshield-deploy-prod.yml index ecd600f32..4f61b222c 100644 --- a/.github/workflows/roboshield-deploy-prod.yml +++ b/.github/workflows/roboshield-deploy-prod.yml @@ -20,6 +20,7 @@ env: IMAGE_NAME: "codeforafrica/roboshield" NEXT_PUBLIC_APP_URL: "https://roboshield-ui.prod.codeforafrica.org" SENTRY_ENVIRONMENT: "development" + VERSION_FILE_NAME: "./apps/roboshield/package.json" jobs: deploy: diff --git a/apps/roboshield/package.json b/apps/roboshield/package.json index c5590cedd..adb4c7b09 100644 --- a/apps/roboshield/package.json +++ b/apps/roboshield/package.json @@ -1,6 +1,6 @@ { "name": "roboshield", - "version": "0.1.1", + "version": "0.1.2", "private": true, "scripts": { "build-server": "tsc --project tsconfig.server.json", From 70a55664a4c4a5554fa932a429309fad41645394 Mon Sep 17 00:00:00 2001 From: Kevin Koech Date: Mon, 15 Jul 2024 12:55:49 +0300 Subject: [PATCH 3/6] Build Test --- .github/workflows/roboshield-deploy-prod.yml | 4 ++-- apps/roboshield/package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/roboshield-deploy-prod.yml b/.github/workflows/roboshield-deploy-prod.yml index 4f61b222c..32f85667f 100644 --- a/.github/workflows/roboshield-deploy-prod.yml +++ b/.github/workflows/roboshield-deploy-prod.yml @@ -18,7 +18,7 @@ env: DOKKU_REMOTE_URL: "ssh://azureuser@ui-1.prod.codeforafrica.org" GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAME: "codeforafrica/roboshield" - NEXT_PUBLIC_APP_URL: "https://roboshield-ui.prod.codeforafrica.org" + NEXT_PUBLIC_APP_URL: "https://roboshield-ui.ui-1.prod.codeforafrica.org" SENTRY_ENVIRONMENT: "development" VERSION_FILE_NAME: "./apps/roboshield/package.json" @@ -96,4 +96,4 @@ jobs: with: git_remote_url: ${{ env.DOKKU_REMOTE_URL }}/${{ env.APP_NAME }} ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }} - deploy_docker_image: ${{ env.IMAGE_NAME }}:${{ github.sha }} + deploy_docker_image: ${{ env.IMAGE_NAME }}:${{ steps.version-check.outputs.version }} diff --git a/apps/roboshield/package.json b/apps/roboshield/package.json index adb4c7b09..913416adc 100644 --- a/apps/roboshield/package.json +++ b/apps/roboshield/package.json @@ -1,6 +1,6 @@ { "name": "roboshield", - "version": "0.1.2", + "version": "0.1.3", "private": true, "scripts": { "build-server": "tsc --project tsconfig.server.json", From 3aaaf9790df974203380386411451e104ff45c6d Mon Sep 17 00:00:00 2001 From: Kevin Koech Date: Mon, 15 Jul 2024 13:56:29 +0300 Subject: [PATCH 4/6] Build Roboshield --- .github/workflows/roboshield-deploy-prod.yml | 2 +- apps/roboshield/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/roboshield-deploy-prod.yml b/.github/workflows/roboshield-deploy-prod.yml index 32f85667f..02872f90f 100644 --- a/.github/workflows/roboshield-deploy-prod.yml +++ b/.github/workflows/roboshield-deploy-prod.yml @@ -18,7 +18,7 @@ env: DOKKU_REMOTE_URL: "ssh://azureuser@ui-1.prod.codeforafrica.org" GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAME: "codeforafrica/roboshield" - NEXT_PUBLIC_APP_URL: "https://roboshield-ui.ui-1.prod.codeforafrica.org" + NEXT_PUBLIC_APP_URL: "https://roboshield-ui.prod.codeforafrica.org" SENTRY_ENVIRONMENT: "development" VERSION_FILE_NAME: "./apps/roboshield/package.json" diff --git a/apps/roboshield/package.json b/apps/roboshield/package.json index 913416adc..79818370d 100644 --- a/apps/roboshield/package.json +++ b/apps/roboshield/package.json @@ -1,6 +1,6 @@ { "name": "roboshield", - "version": "0.1.3", + "version": "0.1.4", "private": true, "scripts": { "build-server": "tsc --project tsconfig.server.json", From ebb358f7178446cbeccac1515183a968417751a9 Mon Sep 17 00:00:00 2001 From: Kevin Koech Date: Mon, 15 Jul 2024 14:35:02 +0300 Subject: [PATCH 5/6] Deploy Roboshield to prod on main --- .github/workflows/roboshield-deploy-prod.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/roboshield-deploy-prod.yml b/.github/workflows/roboshield-deploy-prod.yml index 02872f90f..90b0b0f41 100644 --- a/.github/workflows/roboshield-deploy-prod.yml +++ b/.github/workflows/roboshield-deploy-prod.yml @@ -2,7 +2,7 @@ name: RoboShield | Deploy | PROD on: push: - branches: [roboshield/push-to-prod] + branches: [main] paths: - "apps/roboshield/**" - "Dockerfile" From 2e8da6a17f43457c76ea6d7cdee8eac0ffaea583 Mon Sep 17 00:00:00 2001 From: KEVIN KOECH Date: Tue, 16 Jul 2024 09:39:27 +0300 Subject: [PATCH 6/6] Update .github/workflows/roboshield-deploy-prod.yml Co-authored-by: Clemence Kyara --- .github/workflows/roboshield-deploy-prod.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/roboshield-deploy-prod.yml b/.github/workflows/roboshield-deploy-prod.yml index 90b0b0f41..13b8d9e90 100644 --- a/.github/workflows/roboshield-deploy-prod.yml +++ b/.github/workflows/roboshield-deploy-prod.yml @@ -19,7 +19,7 @@ env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAME: "codeforafrica/roboshield" NEXT_PUBLIC_APP_URL: "https://roboshield-ui.prod.codeforafrica.org" - SENTRY_ENVIRONMENT: "development" + SENTRY_ENVIRONMENT: "production" VERSION_FILE_NAME: "./apps/roboshield/package.json" jobs: