From 854b0b7a56f93bce58c5ad22a4db710879d988fb Mon Sep 17 00:00:00 2001 From: Chris Alfano Date: Tue, 14 Mar 2023 14:58:56 -0400 Subject: [PATCH 1/6] chore(deps): bump skeleton-v2 to v2.12.3 --- .holo/sources/skeleton-v2.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.holo/sources/skeleton-v2.toml b/.holo/sources/skeleton-v2.toml index e7d13b2a..4f505fe3 100644 --- a/.holo/sources/skeleton-v2.toml +++ b/.holo/sources/skeleton-v2.toml @@ -1,3 +1,3 @@ [holosource] url = "https://github.com/JarvusInnovations/emergence-skeleton-v2" -ref = "refs/tags/v2.12.2" +ref = "refs/tags/v2.12.3" From f1e1113b2f771b0c96b02b1d153376ae56a92585 Mon Sep 17 00:00:00 2001 From: Chris Alfano Date: Tue, 14 Mar 2023 18:31:49 -0400 Subject: [PATCH 2/6] chore(dev): update studio script --- script/studio | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/script/studio b/script/studio index a9656976..842f58c6 100755 --- a/script/studio +++ b/script/studio @@ -9,8 +9,13 @@ cd "$(dirname "$0")/.." script/-studio-bootstrap -unset DEBUG -[ -n "${1}" ] && cd "${1}" +# switch to alternative target directory if desired +if [ -n "${1}" ]; then + echo + echo "==> studio: changing into directory ${1}" + echo " Be sure to manually source .studiorc under the desired primary workspace" + cd "${1}" +fi echo From a5f59a629dae67b91aad94925bd13dc8d594279d Mon Sep 17 00:00:00 2001 From: Chris Alfano Date: Sat, 29 Apr 2023 14:47:05 -0400 Subject: [PATCH 3/6] refactor(ci): use upstream release workflows --- .github/workflows/release-deploy.yml | 43 ---------- .github/workflows/release-prepare.yml | 107 ++----------------------- .github/workflows/release-publish.yml | 16 ++++ .github/workflows/release-validate.yml | 28 ++----- 4 files changed, 28 insertions(+), 166 deletions(-) delete mode 100644 .github/workflows/release-deploy.yml create mode 100644 .github/workflows/release-publish.yml 
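Review bot: The new `cd "${1}"` inside the added `if` block in script/studio is unchecked. Unless `set -e` is in effect above this hunk (the top of the script is outside it), a mistyped directory leaves the script running from the repository root right after printing that it changed directory. I would write it as `cd -- "${1}" || exit 1`; the `--` also stops a path beginning with `-` from being parsed as an option. The hunk also drops `unset DEBUG` with no mention in the commit message, so a short comment saying whether a caller's `DEBUG` is now meant to carry through would help the next reader.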
diff --git a/.github/workflows/release-deploy.yml b/.github/workflows/release-deploy.yml deleted file mode 100644 index 146536f9..00000000 --- a/.github/workflows/release-deploy.yml +++ /dev/null @@ -1,43 +0,0 @@ -name: 'Release: Deploy PR' - -on: - pull_request: - branches: ['releases/v*'] - types: [closed] - -jobs: - release-deploy: - - if: github.event.pull_request.merged == true # only run on PR merge - runs-on: ubuntu-latest - steps: - - - name: Configure release - run: | - PR_TITLE=$(jq -r ".pull_request.title" $GITHUB_EVENT_PATH) - PR_BODY=$(jq -r ".pull_request.body" $GITHUB_EVENT_PATH) - RELEASE_TAG=$(echo "${PR_TITLE}" | grep -oP "(?<=^Release: )v\d+\.\d+\.\d+(-rc\.\d+)?$") - - if [[ "${RELEASE_TAG}" =~ -rc\.[0-9]+$ ]]; then - RELEASE_PRERELEASE=true - else - RELEASE_PRERELEASE=false - fi - - echo "PR_TITLE=${PR_TITLE}" >> $GITHUB_ENV - echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV - echo "RELEASE_PRERELEASE=${RELEASE_PRERELEASE}" >> $GITHUB_ENV - - echo 'PR_BODY<> $GITHUB_ENV - echo "${PR_BODY}" >> $GITHUB_ENV - echo 'END_OF_PR_BODY' >> $GITHUB_ENV - - - name: Create release - uses: ncipollo/release-action@v1 - with: - token: ${{ secrets.BOT_GITHUB_TOKEN }} - commit: '${{ github.sha }}' - tag: '${{ env.RELEASE_TAG }}' - body: '${{ env.PR_BODY }}' - draft: false - prerelease: ${{ env.RELEASE_PRERELEASE }} diff --git a/.github/workflows/release-prepare.yml b/.github/workflows/release-prepare.yml index 307ab90a..aaf601c2 100644 --- a/.github/workflows/release-prepare.yml +++ b/.github/workflows/release-prepare.yml @@ -2,11 +2,11 @@ name: 'Release: Prepare PR' on: push: - branches: [develop] + branches: [ develop ] -env: - GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} - RELEASE_BRANCH: releases/v2 +permissions: + contents: read + pull-requests: write jobs: release-prepare: 
@@ -14,100 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: JarvusInnovations/infra-components@channels/github-actions/release-prepare/latest with: - fetch-depth: 0 - - # - uses: mxschmitt/action-tmate@v3 - - - name: Create/update pull request - run: | - # get latest release tag - latest_release=$(git describe --tags --abbrev=0 origin/${{ env.RELEASE_BRANCH }}) - latest_release_bumped=$(echo $latest_release | awk -F. -v OFS=. '{$NF++;print}') - - - # create or update PR - pr_body="$(cat < /tmp/pr.json - pr_number=$(hub pr list -h develop -f '%I') - echo "Opened PR #${pr_number}" - fi - - - # build changelog - commits=$( - git log \ - --first-parent \ - --reverse \ - --format="%H" \ - "origin/${RELEASE_BRANCH}..develop" - ) - - changelog=() - - while read -r commit; do - subject="$(git show -s --format=%s "${commit}")" - line="" - - if [[ "${subject}" =~ Merge\ pull\ request\ \#([0-9]+) ]]; then - line="$(hub pr show -f '%t [%i] @%au' "${BASH_REMATCH[1]}" || true)" - fi - - if [ -z "${line}" ]; then - author="$(hub api "/repos/${GITHUB_REPOSITORY}/commits/${commit}" -H Accept:application/vnd.github.v3+json | jq -r '.author.login')" - if [ -n "${author}" ]; then - author="@${author}" - else - author="$(git show -s --format=%ae "${commit}")" - fi - - line="${subject} ${author}" - fi - - # move ticket number prefix into to existing square brackets at end - line="$(echo "${line}" | perl -pe 's/^([A-Z]+-[0-9]+):?\s*(.*?)\s*\[([^]]+)\]\s*(\S+)$/\2 [\3, \1] \4/')" - - # move ticket number prefix into to new square brackets at end - line="$(echo "${line}" | perl -pe 's/^([A-Z]+-[0-9]+):?\s*(.*?)\s*(\S+)$/\2 [\1] \3/')" - - # combine doubled square brackets at the end - line="$(echo "${line}" | perl -pe 's/^\s*(.*?)\s*\[([A-Z]+-[0-9]+)\]\s*\[([^]]+)\]\s*(\S+)$/\1 [\3, \2] \4/')" - - changelog+=("- ${line}") - done <<< "${commits}" - - - # create or update comment - comment_body="$(cat <> $GITHUB_ENV - else - echo 'PR title must match 
format "Release: vX.Y.Z(-rc.#)?"' - exit 1 - fi - - # check that tag doesn't exist - if git ls-remote --exit-code "https://${GITHUB_ACTOR}:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}" "refs/tags/${RELEASE_TAG}"; then - echo "The PR title's version exists already" - exit 1 - fi + - uses: JarvusInnovations/infra-components@channels/github-actions/release-validate/latest + with: + github-token: ${{ secrets.GITHUB_TOKEN }} From 019f922b34477895939acdd62ad1def299fe5970 Mon Sep 17 00:00:00 2001 From: Chris Alfano Date: Sat, 29 Apr 2023 14:51:29 -0400 Subject: [PATCH 4/6] chore(deps): bump skeleton-v2 to v2.12.5 --- .holo/sources/skeleton-v2.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.holo/sources/skeleton-v2.toml b/.holo/sources/skeleton-v2.toml index 4f505fe3..0da2a022 100644 --- a/.holo/sources/skeleton-v2.toml +++ b/.holo/sources/skeleton-v2.toml @@ -1,3 +1,3 @@ [holosource] url = "https://github.com/JarvusInnovations/emergence-skeleton-v2" -ref = "refs/tags/v2.12.3" +ref = "refs/tags/v2.12.5" From eb67c31ab722d62af35bd0593cf7717e0a1a1eb5 Mon Sep 17 00:00:00 2001 From: Chris Alfano Date: Sat, 29 Apr 2023 15:01:10 -0400 Subject: [PATCH 5/6] refactor(dev): use studio base image container --- .studiorc | 3 +-- script/studio | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.studiorc b/.studiorc index 5c2c298f..e7b0f63a 100644 --- a/.studiorc +++ b/.studiorc @@ -1,7 +1,7 @@ #!/bin/bash # install dependent studios -hab pkg install emergence/studio chakijs/studio jarvus/mkdocs-studio +hab pkg install chakijs/studio jarvus/mkdocs-studio # disable studios printing their own help @@ -9,7 +9,6 @@ export STUDIO_NOHELP="yes" # load emergence studio -source "$(hab pkg path emergence/studio)/studio.sh" source "$(hab pkg path chakijs/studio)/studio.sh" # load mkdocs studio diff --git a/script/studio b/script/studio index 842f58c6..c5b246d0 100755 --- a/script/studio +++ b/script/studio 
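Review bot: The added `uses: JarvusInnovations/infra-components@channels/github-actions/release-validate/latest` resolves what appears to be a moving ref at run time, so whatever is published to that channel next runs in this repository with the token passed in `github-token`, and no change shows up here. Pinning to a full commit SHA, e.g. `uses: JarvusInnovations/infra-components@<full-commit-sha> # release-validate`, keeps updates reviewable. The same applies to the `release-prepare/latest` step added in release-prepare.yml and to the `EmergencePlatform/php-runtime@github-actions/.../v1` refs in container-publish.yml, preview-deploy.yml and preview-destroy.yml; the last two also receive `secrets.KUBECONFIG_BASE64`. The start of this hunk is not legible on the page, so the `permissions:` block of release-validate.yml could not be checked.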
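Review bot: After the second .studiorc hunk, the context comment `# load emergence studio` sits directly above `source "$(hab pkg path chakijs/studio)/studio.sh"`, so it now labels the wrong package. Rewording it to something like `# load chakijs studio (emergence studio is expected from the studio base image)` would keep the file accurate. That expectation is inferred from the commit subject and should be confirmed before it goes into the comment.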
@@ -63,6 +63,7 @@ if [ "$(docker ps -aq -f name="${STUDIO_NAME}")" ]; then fi if [ $launch_studio = true ]; then + export HAB_DOCKER_STUDIO_IMAGE="ghcr.io/emergenceplatform/studio:latest" echo echo "==> studio: launching Docker-powered Chef Habitat studio…" set +e From a129c77c98c802ca0a19d9ac80eb6c7820de007f Mon Sep 17 00:00:00 2001 From: Chris Alfano Date: Sat, 29 Apr 2023 15:08:28 -0400 Subject: [PATCH 6/6] refactor(ci): use upstream container and preview workflows --- .github/workflows/container-publish.yml | 19 ++ .github/workflows/k8s-deploy.yml | 235 ------------------------ .github/workflows/k8s-destroy.yml | 38 ---- .github/workflows/preview-deploy.yml | 30 +++ .github/workflows/preview-destroy.yml | 25 +++ 5 files changed, 74 insertions(+), 273 deletions(-) create mode 100644 .github/workflows/container-publish.yml delete mode 100644 .github/workflows/k8s-deploy.yml delete mode 100644 .github/workflows/k8s-destroy.yml create mode 100644 .github/workflows/preview-deploy.yml create mode 100644 .github/workflows/preview-destroy.yml diff --git a/.github/workflows/container-publish.yml b/.github/workflows/container-publish.yml new file mode 100644 index 00000000..9182e34d --- /dev/null +++ b/.github/workflows/container-publish.yml @@ -0,0 +1,19 @@ +name: 'Container: Publish Image' + +on: + push: + tags: [ 'v*' ] + +permissions: + contents: write + packages: write + +jobs: + container-publish: + + runs-on: ubuntu-latest + steps: + + - uses: EmergencePlatform/php-runtime@github-actions/build-site-container/v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/k8s-deploy.yml b/.github/workflows/k8s-deploy.yml deleted file mode 100644 index 7b44c643..00000000 --- a/.github/workflows/k8s-deploy.yml +++ /dev/null 
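Review bot: The added `export HAB_DOCKER_STUDIO_IMAGE="ghcr.io/emergenceplatform/studio:latest"` overwrites any value the developer has already exported. It also tracks a `:latest` tag, so the studio contents can change between launches without a commit in this repository. An overridable default, `export HAB_DOCKER_STUDIO_IMAGE="${HAB_DOCKER_STUDIO_IMAGE:-ghcr.io/emergenceplatform/studio:latest}"`, keeps local overrides working. Pinning that default to a version tag or an image digest would make the development environment reproducible. The enclosing `if [ $launch_studio = true ]` block ends outside the hunk.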
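Review bot: The `permissions:` block in container-publish.yml grants `contents: write` to a workflow whose only step builds and publishes a container image. If the `build-site-container` action does not push commits, tags or release assets (its source is not on this page), `contents: read` alongside `packages: write` is enough. Declaring the block under `jobs.container-publish` instead of at workflow level would also stop any job added later from inheriting package write access by default.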
@@ -1,235 +0,0 @@ -name: Deploy K8s Preview - -on: - pull_request: - branches: [ develop ] - types: [ opened, reopened, synchronize ] - push: - branches: [ develop ] - -env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - DOCKER_REGISTRY: ghcr.io - DOCKER_PACKAGE: site-composite - - KUBE_CONFIG_DATA: ${{ secrets.KUBECONFIG_BASE64 }} - KUBE_NAMESPACE: slate - KUBE_HOSTNAME: slate.sandbox.k8s.jarv.us - - DATABASE_NAME: slate - - HAB_LICENSE: accept-no-persist - HAB_ORIGIN: slate - -jobs: - - k8s-deploy: - runs-on: ubuntu-latest - steps: - - - name: Cancel superseded runs - uses: styfle/cancel-workflow-action@0.7.0 - with: - access_token: ${{ secrets.GITHUB_TOKEN }} - - - name: Configure environment - run: | - if [ "${GITHUB_EVENT_NAME}" == "pull_request" ]; then - RELEASE_NAME="pr-$(jq --raw-output .pull_request.number "${GITHUB_EVENT_PATH}")" - RELEASE_TRANSIENT='true' - else - RELEASE_NAME="latest" - RELEASE_TRANSIENT='false' - fi - - echo "Using RELEASE_NAME=${RELEASE_NAME}" - echo "RELEASE_NAME=${RELEASE_NAME}" >> $GITHUB_ENV - - echo "Using RELEASE_TRANSIENT=${RELEASE_TRANSIENT}" - echo "RELEASE_TRANSIENT=${RELEASE_TRANSIENT}" >> $GITHUB_ENV - - DOCKER_REPOSITORY="${GITHUB_REPOSITORY,,}" - - echo "Using DOCKER_REPOSITORY=${DOCKER_REPOSITORY}" - echo "DOCKER_REPOSITORY=${DOCKER_REPOSITORY}" >> $GITHUB_ENV - - - name: Create Github Deployment - uses: bobheadxi/deployments@v0.4.3 - id: deployment - with: - step: start - token: ${{ secrets.GITHUB_TOKEN }} - env: '${{ env.RELEASE_NAME }}' - ref: '${{ github.head_ref }}' - transient: ${{ env.RELEASE_TRANSIENT }} - logs: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' - no_override: false - - - uses: actions/checkout@v2 - - - name: 'Initialize Chef Habitat environment' - uses: JarvusInnovations/habitat-action@action/v1 - with: - deps: | - jarvus/hologit - - - id: site-projection - name: 'Project holobranch: emergence-site' - uses: JarvusInnovations/hologit@actions/projector/v1 - with: - 
# use HEAD checked out above by checkout action - ref: HEAD - fetch: false - holobranch: emergence-site - - - id: fixtures-projection - name: 'Project holobranch: fixtures' - uses: JarvusInnovations/hologit@actions/projector/v1 - with: - # use HEAD checked out above by checkout action - ref: HEAD - fetch: false - holobranch: fixtures - - - id: helm-projection - name: 'Project holobranch: helm-chart' - uses: JarvusInnovations/hologit@actions/projector/v1 - with: - # use HEAD checked out above by checkout action - ref: HEAD - fetch: false - holobranch: helm-chart - - - name: Build & push Docker image - uses: whoan/docker-build-with-cache-action@v5 - with: - dockerfile: Dockerfile - username: ${{ github.actor }} - password: ${{ env.GITHUB_TOKEN }} - registry: ${{ env.DOCKER_REGISTRY }} - image_name: ${{ env.DOCKER_REPOSITORY }}/${{ env.DOCKER_PACKAGE }} - image_tag: ${{ env.RELEASE_NAME }} - build_extra_args: | - --build-arg=SITE_TREE=${{ steps.site-projection.outputs.tree }} - --build-arg=SITE_VERSION=0.0.0-${{ env.RELEASE_NAME }} - --build-arg=SOURCE_COMMIT=${{ github.sha }} - --build-arg=SOURCE_TAG=${{ env.RELEASE_NAME }} - --build-arg=HAB_LICENSE=${{ env.HAB_LICENSE }} - - - name: Configure kubectl - run: | - set -e - test -e ~/.kube || mkdir ~/.kube - printf '%s' "$KUBE_CONFIG_DATA" | base64 -d > ~/.kube/config - - - name: Deploy instance via Helm template - run: | - release_hostname="${RELEASE_NAME}.${KUBE_HOSTNAME}" - - echo "Ensuring current context is namespace ${KUBE_NAMESPACE}" - kubectl config set-context --current --namespace="${KUBE_NAMESPACE}" - - echo "Listing pods existing before deploy" - kubectl get pods \ - -l app.kubernetes.io/instance="${RELEASE_NAME}" \ - --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' \ - | sort \ - | tee ./.pods-before - - echo "Extracting projected helm-chart to temporary directory" - temp_dir=$(mktemp -d) - git archive --format=tar "${{ steps.helm-projection.outputs.tree }}" | ( cd "${temp_dir}" && tar -xf - ) 
- - echo "Using helm upgrade to apply helm-chart to release ${RELEASE_NAME}" - helm upgrade "${RELEASE_NAME}" "${temp_dir}" \ - --install \ - --namespace "${KUBE_NAMESPACE}" \ - --set site.name="${RELEASE_NAME}" \ - --set site.title="slate/${RELEASE_NAME}" \ - --set site.image.repository="${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}/${DOCKER_PACKAGE}" \ - --set site.image.tag="${RELEASE_NAME}" \ - --set ingress.enabled=true \ - --set site.canonicalHostname="${release_hostname}" \ - --set site.displayErrors=true \ - --set site.corsOrigins="*" \ - --set hab.license=accept-no-persist - - echo "Listing pods existing after deploy" - kubectl get pods \ - -l app.kubernetes.io/instance="${RELEASE_NAME}" \ - --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' \ - | sort \ - | tee ./.pods-after - - echo "Deleting stale pods to force image refresh" - comm -12 ./.pods-before ./.pods-after \ - | xargs --no-run-if-empty kubectl delete pod - - - name: Wait for Deployment to be ready - timeout-minutes: 10 - run: | - until kubectl rollout status deployment "${RELEASE_NAME}" 2>/dev/null >/dev/null; do - echo -n "." - sleep .5 - done - - - name: Find new Pod - run: | - POD_NAME=$( - kubectl get pod \ - -l app.kubernetes.io/instance="${RELEASE_NAME}" \ - -o jsonpath='{.items[0].metadata.name}' - ) - - echo "Using POD_NAME=${POD_NAME}" - echo "POD_NAME=${POD_NAME}" >> $GITHUB_ENV - - - name: Wait For Pod to be ready - timeout-minutes: 5 - run: kubectl wait --for condition=ready "pod/${POD_NAME}" --timeout=30s - - - name: Wait for MySQL to be Ready - timeout-minutes: 5 - run: | - until kubectl exec "${POD_NAME}" -- hab pkg exec "${HAB_ORIGIN}/${DOCKER_PACKAGE}" mysqladmin ping; do - sleep .5 - done - - - name: Load fixtures into database - run: | - echo "Dropping any existing database..." - kubectl exec "${POD_NAME}" -- \ - hab pkg exec "${HAB_ORIGIN}/${DOCKER_PACKAGE}" \ - mysqladmin drop "${DATABASE_NAME}" --force \ - || true - - echo "Creating an empty database..." 
- kubectl exec "${POD_NAME}" -- \ - hab pkg exec "${HAB_ORIGIN}/${DOCKER_PACKAGE}" \ - mysqladmin create "${DATABASE_NAME}" - - echo "Loading fixtures..." - ( - for fixture_file in $(git ls-tree -r --name-only ${{ steps.fixtures-projection.outputs.tree }}); do - git cat-file -p "${{ steps.fixtures-projection.outputs.tree }}:${fixture_file}" - done - ) | kubectl exec -i "${POD_NAME}" -- \ - hab pkg exec "${HAB_ORIGIN}/${DOCKER_PACKAGE}" \ - mysql "${DATABASE_NAME}" - - echo "Running migrations..." - kubectl exec "${POD_NAME}" -- \ - hab pkg exec "${HAB_ORIGIN}/${DOCKER_PACKAGE}" \ - emergence-console-run migrations:execute --all - - - name: Update Github Deployment - uses: bobheadxi/deployments@v0.4.3 - if: ${{ always() }} - with: - step: finish - token: ${{ secrets.GITHUB_TOKEN }} - status: ${{ job.status }} - deployment_id: ${{ steps.deployment.outputs.deployment_id }} - env_url: 'https://${{ env.RELEASE_NAME}}.${{ env.KUBE_HOSTNAME }}/' - logs: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' diff --git a/.github/workflows/k8s-destroy.yml b/.github/workflows/k8s-destroy.yml deleted file mode 100644 index a4f5d747..00000000 --- a/.github/workflows/k8s-destroy.yml +++ /dev/null 
@@ -1,38 +0,0 @@ -name: Destroy K8s Preview - -on: - pull_request: - branches: [ develop ] - types: [ closed ] - -env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - KUBE_CONFIG_DATA: ${{ secrets.KUBECONFIG_BASE64 }} - KUBE_NAMESPACE: slate - - RELEASE_NAME: pr-${{ github.event.number }} - -jobs: - - k8s-destroy: - runs-on: ubuntu-latest - steps: - - - name: Configure kubectl - run: | - test -e ~/.kube || mkdir ~/.kube - printf '%s' "$KUBE_CONFIG_DATA" | base64 -d > ~/.kube/config - - - name: Delete PR Deployment - run: | - kubectl config set-context --current --namespace="${KUBE_NAMESPACE}" - helm uninstall "${RELEASE_NAME}" - kubectl delete secret "${RELEASE_NAME}-tls" - - - name: Deactivate Github Deployment - uses: bobheadxi/deployments@v0.4.3 - with: - step: deactivate-env - token: ${{ secrets.GITHUB_TOKEN }} - env: '${{ env.RELEASE_NAME }}' diff --git a/.github/workflows/preview-deploy.yml b/.github/workflows/preview-deploy.yml new file mode 100644 index 00000000..b8725514 --- /dev/null +++ b/.github/workflows/preview-deploy.yml @@ -0,0 +1,30 @@ +name: 'Preview: Deploy' + +on: + pull_request: + branches: [ develop ] + types: [ opened, reopened, synchronize ] + push: + branches: [ develop ] + +concurrency: + group: preview-${{ github.head_ref }} + cancel-in-progress: true + +permissions: + contents: write + packages: write + deployments: write + +jobs: + preview-deploy: + runs-on: ubuntu-latest + steps: + + - uses: EmergencePlatform/php-runtime@github-actions/deploy-site-preview/v1 + id: deploy-site-preview + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + kube-config: ${{ secrets.KUBECONFIG_BASE64 }} + kube-namespace: slate + kube-hostname: slate.sandbox.k8s.jarv.us diff --git a/.github/workflows/preview-destroy.yml b/.github/workflows/preview-destroy.yml new file mode 100644 index 00000000..f12f1ebc --- /dev/null +++ b/.github/workflows/preview-destroy.yml 
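Review bot: The `concurrency.group` in preview-deploy.yml is `preview-${{ github.head_ref }}`, which is keyed on a branch name rather than on the pull request. Two pull requests whose head branches share a name (for example one from a fork) land in the same group, and with `cancel-in-progress: true` a run for one can cancel a run for the other. Keying on the pull request number avoids that and still gives `push` runs a stable group: `group: preview-${{ github.event.pull_request.number || github.ref }}`. preview-destroy.yml uses the same group expression and would need the same change so that deploy and destroy for one pull request keep sharing a group.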
@@ -0,0 +1,25 @@ +name: 'Preview: Destroy' + +on: + pull_request: + branches: [ develop ] + types: [ closed ] + +concurrency: + group: preview-${{ github.head_ref }} + cancel-in-progress: true + +permissions: + deployments: write + +jobs: + preview-destroy: + runs-on: ubuntu-latest + steps: + + - uses: EmergencePlatform/php-runtime@github-actions/destroy-site-preview/v1 + id: destroy-site-preview + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + kube-config: ${{ secrets.KUBECONFIG_BASE64 }} + kube-namespace: slate