diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml new file mode 100644 index 0000000..20ee5c1 --- /dev/null +++ b/.github/workflows/apidoc-build.yml @@ -0,0 +1,78 @@ +name: Build and Upload + +on: + push: + branches: + - master + - release + - 'sc-*' + +env: + APP: "apidocs" + APP_RELEASY: "webapp-apidocs" + S3BUCKETCACHE: "aplazameshared-jenkins-cache" + BRANCH_NAME: ${{ github.head_ref || github.ref_name }} + AWS_PROFILE: "AplazameSharedServices" + AWS_REGION: "eu-west-1" + S3_BUCKET_STAGING: apidocs-staging.aplazame.org + S3_PATH_STAGING: build/staging + S3_BUCKET_PRODUCTION: aplazame.dev + S3_PATH_PRODUCTION: build/prod + +permissions: + contents: read + id-token: write + +jobs: + build-and-upload: + runs-on: ${{ vars.AWS_RG_NAME_PRO }} + env: + ENVIRONMENT: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'prod' || github.ref_name == 'sc-*' && 'ephemeral' }} + OUT_DIR: ${{ github.ref == 'refs/heads/master' && 'build/staging' || github.ref == 'refs/heads/release' && 'build/prod' || startsWith(github.ref, 'refs/heads/sc-') && 'build/staging' }} + S3_BUCKET: ${{ github.ref == 'refs/heads/master' && vars.S3_BUCKET_STAGING || github.ref == 'refs/heads/release' && vars.S3_BUCKET_PRODUCTION || startsWith(github.ref, 'refs/heads/sc-') && 'ephemeral-environments' }} + steps: + - name: Checkout code + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 + with: + fetch-depth: 0 + - name: Install AWS CLI + run: | + sudo apt-get install unzip curl -y + curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version + - name: Setup Node.js + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f #v6.1.0 + with: + node-version: 16 + cache: 'npm' + + - name: Instalar dependencias Make + run: | + npm install --g yarn + sudo apt-get update + sudo apt-get install -y make build-essential + make install + + - name: Configure aws credentials + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 + with: + role-to-assume: ${{ vars.AWS_OIDC_ROLE_TF_PRO }} + role-session-name: ${{ github.run_id }} + aws-region: ${{ vars.WZ_OIDC_AWS_REGION }} + + - name: Build Make + run: make build + + - name: Deploy to S3 Bucket - ${{ github.ref_name }} + run: | + if [[ "${{ github.ref_name }}" == "master" || "${{ github.ref_name }}" == "release" ]]; then + echo "Deploying to ${{ env.ENVIRONMENT }} S3 bucket: ${{ env.S3_BUCKET }}" + aws --profile Aplazame s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete + aws --profile Aplazame s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' + elif [[ "${{ github.ref_name }}" == sc-* ]]; then + echo "Deploy to ephemeral environment for branch ${{ github.ref_name }}" + aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete + aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' + fi diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index 814a6b9..0000000 --- a/Jenkinsfile +++ /dev/null @@ -1,276 +0,0 @@ - -library 'aplazame-shared-library' - -app = "apidocs" -repoName = scm.getUserRemoteConfigs()[0].getUrl().tokenize('/').last().split("\\.")[0] -githubBranch = env.CHANGE_BRANCH ? env.CHANGE_BRANCH : env.BRANCH_NAME -githubRepo = "https://github.com/aplazame/" + repoName + "/tree/" + githubBranch - -// GIT_COMMIT_HASH = sh (script: "git log -n 1 --pretty=format:'%H'", returnStdout: true) - -foldersCache = '"node_modules/"' -s3BucketCache = "aplazameshared-jenkins-cache" - -branch_like_master = 'only/master-is-master-πŸš€' -branch_like_release = 'only/release-is-release-πŸš€' - -aws_profile_by_env = [ - pre: 'AplazameStaging', - default: 'Aplazame', -] - -ephe_suffix_by_env = [ - squad: '-squad', - dev: '-dev', - default: '', -] - -ephe_bucket_name_by_env = [ - // squad: 'aplazame-ephemeral-environments', - default: 'ephemeral-environments', -] - -bucket_name_by_env = [ - // pre: 'apidocs-pre.aplazame.org', - // prod: <- ⚠️ IS VERY DANGEROUS TO PUT IT HERE ⚠️ - default: 'apidocs-staging.aplazame.org', // `staging` by default 'checkout-staging.aplazame.org' -] -PROD_bucket_name = 'aplazame.dev' // 'checkout.aplazame.com' - -envs_by_branch = [ - master: ['staging'], - release: ['prod'], - default: ['staging'], -] - -envs_by_branch[branch_like_master] = envs_by_branch.master -envs_by_branch[branch_like_release] = envs_by_branch.release - -branch_envs = getKey(envs_by_branch, githubBranch) - -sc_story = getStoryIdFromBranchName(githubBranch) - -def getKey (from = [:], key = 'default') { - return from[key] ?: from.default -} - -def getEphemeralsDeployMessage () { - def msg = [ - "πŸš€ *EfΓ­mero desplegado* πŸš€", - "", - "Github: " + repoName + "/" + githubBranch, - "\t${githubRepo}", - ]; - - if (sc_story) { - msg.push("\nShortcut: https://app.shortcut.com/aplazame/story/${sc_story}") - } else { - msg.push("⚠️ rama sin HU de Shortcut") - } - - msg.push("\nDemos:\n") - - branch_envs - .each({env -> - def ephe_subdomain = 'sc-' + sc_story + '-' + app + '-' + env - msg.push("- https://${ephe_subdomain}.demo.aplazame.org/") - }) - - return msg.join('\n') -} - -pipeline { - options { - skipDefaultCheckout() - disableConcurrentBuilds() - ansiColor('xterm') - } - - agent { - kubernetes { - yamlFile "jenkins/node.yaml" - } - } - - environment { - SHORTCUT_API_TOKEN = credentials('CLUBHOUSE_API_TOKEN') - APP_RELEASY = "webapp-apidocs" - SLACK_TOKEN = credentials('SLACK_TOKEN_FRONTEND') - SLACK_HOOK = "https://hooks.slack.com/services/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" - } - - stages { - stage('⭐') { - when { - anyOf { - changeRequest(target: 'master') - expression { githubBranch == 'master' } - expression { githubBranch == 'release' } - // branch 'master' // not working propertly when a PR is opened from this branch - // branch 'release' // not working propertly when a PR is opened from this branch - } - // not { - // tag "*" - // } - beforeAgent true - } - - stages { - - stage('Install βš™') { - environment { - AWS_PROFILE = "AplazameSharedServices" - } - - steps { - checkout scm - - container('node') { - sshagent(['ssh-github']) { - logEnvVars() - - sh "ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts" - - sh "make install" - } - } - } - } - - // stage('βœ… & πŸ“Š') { - // steps { - // container('node') { - // sshagent(['ssh-github']) { - // sh "npm run tests" - // } - // } - // } - // } - - stage('Build 🍳') { - environment { - AWS_PROFILE = "AplazameSharedServices" - } - - steps { - container('node') { - script { - branch_envs.each{env -> - sh "OUT_DIR=build/${env} make build" - } - } - } - } - } - - stage('Ephemerals πŸͺ£ S3') { - when { not { anyOf { - // { branch 'master' } not working propertly in PRs - expression { githubBranch == 'master' } - expression { githubBranch == branch_like_master } - expression { githubBranch == 'release' } - expression { githubBranch == branch_like_release } - } } } - steps { - container('node') { - script { - sh """ - load-config - export AWS_PROFILE=Aplazame - """ - - def first_deploy = !folderExistsInS3( - 's3://' + getKey(ephe_bucket_name_by_env, 'staging') + getKey(ephe_suffix_by_env, 'staging') + '/' + app + '/sc-' + sc_story - ) - - branch_envs.each { env -> - def s3_path = 's3://' + getKey(ephe_bucket_name_by_env, env) + getKey(ephe_suffix_by_env, env) + '/' + app + '/sc-' + sc_story - - echo "πŸš€ [[ deploying 'build/${env}' to '${s3_path}' ]] πŸͺ£" - uploadFolderToS3('build/' + env, s3_path, - acl: 'public-read', - files_no_cache: '*.html', - ) - } - - def message = getEphemeralsDeployMessage() - def curl_message = message.replaceAll('\\n', '\\\\n') - - if (first_deploy) { - sh (returnStdout: true, script: """ - curl -X POST https://api.app.shortcut.com/api/v3/stories/${sc_story}/comments \ - -H "Shortcut-Token: \$SHORTCUT_API_TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ "text": "${curl_message}" }' - """.stripIndent()) - } - - if (first_deploy) { - slackSend( - failOnError: true, - color: '#8000FF', - channel: '#frontend-environments', - message: message, - username: "Jenkins CI", - ) - } - } - } - } - } - - stage('[master] πŸͺ£ S3') { - when { anyOf { - // { branch 'master' } not working propertly in PRs - expression { githubBranch == 'master' } - expression { githubBranch == branch_like_master } - } } - steps { - container('node') { - script { - branch_envs.each { env -> - def s3_path = 's3://' + getKey(bucket_name_by_env, env) - - echo "πŸš€ [[ deploying 'build/${env}' to '${s3_path}' ]] πŸͺ£" - def result = uploadFolderToS3('build/' + env, s3_path, - aws_profile: getKey(aws_profile_by_env, env), - files_no_cache: '*.html', - ) - } - } - } - } - } - - stage('[PROD] πŸͺ£ S3') { - when { anyOf { - // { branch 'release' } not working propertly in PRs - expression { githubBranch == 'release' } - expression { githubBranch == branch_like_release } - } } - steps { - container('node') { - script { - branch_envs.each { env -> - def s3_path = 's3://' + PROD_bucket_name - - echo "πŸš€ [[ deploying 'build/${env}' to '${s3_path}' ]] πŸͺ£" - def result = uploadFolderToS3('build/' + env, s3_path, - aws_profile: getKey(aws_profile_by_env, env), - files_no_cache: '*.html', - ) - } - } - } - } - } - - stage('Done 🀘') { - steps { - echo "That's all folks!!" - } - } - } - } - } -} diff --git a/jenkins/jenkins-sonar.yaml b/jenkins/jenkins-sonar.yaml deleted file mode 100644 index f1ca81e..0000000 --- a/jenkins/jenkins-sonar.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: v1 -kind: Pod -metadata: - name: apptest -spec: - serviceAccountName: aplazame-appdeployer - serviceAccount: aplazame-appdeployer - securityContext: - fsGroup: 1000 - containers: - - name: sonar - image: 666356151544.dkr.ecr.eu-central-1.amazonaws.com/tools/sonar-scanner:4.6.2.2472_2 - imagePullPolicy: Always - tty: true - resources: - limits: - cpu: 1 - memory: 3Gi - restartPolicy: Never \ No newline at end of file diff --git a/jenkins/node.yaml b/jenkins/node.yaml deleted file mode 100644 index ac38dc0..0000000 --- a/jenkins/node.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: -spec: - serviceAccount: aplazame-frontdeployer - securityContext: - fsGroup: 1000 - containers: - - name: node - image: 666356151544.dkr.ecr.eu-central-1.amazonaws.com/tools/node:16.14.0_v1 - imagePullPolicy: Always - command: - - cat - tty: true - resources: - requests: - memory: 4Gi - cpu: 2 - limits: - memory: 4Gi - cpu: 2