From 12a9568df38f8831bbfb703ec52bd1a17a96aa59 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Tue, 23 Dec 2025 13:13:00 +0100 Subject: [PATCH 01/22] added gha --- .github/workflows/apidoc-deploy.yml | 75 +++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 .github/workflows/apidoc-deploy.yml diff --git a/.github/workflows/apidoc-deploy.yml b/.github/workflows/apidoc-deploy.yml new file mode 100644 index 0000000..9c9ccf1 --- /dev/null +++ b/.github/workflows/apidoc-deploy.yml @@ -0,0 +1,75 @@ +name: CI Terraform + +on: + push: + branches: + - master + - release + - 'sc-*' + +env: + APP: "apidocs" + APP_RELEASY: "webapp-apidocs" + S3BUCKETCACHE: "aplazameshared-jenkins-cache" + BRANCH_NAME: ${{ github.head_ref || github.ref_name }} + AWS_PROFILE: "AplazameSharedServices" + AWS_REGION: "eu-west-1" + S3_BUCKET_STAGING: apidocs-staging.aplazame.org + S3_PATH_STAGING: build/staging + S3_BUCKET_PRODUCTION: aplazame.dev + S3_PATH_PRODUCTION: build/prod + +jobs: + build-and-deploy: + runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/pro' || + github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'pro') + && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} + environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} + env: + OUT_DIR: "build/staging" # ${{ vars.BUILD_DIR }} + S3_BUCKET: ${{ vars.S3_BUCKET }} + steps: + - name: Checkout code + uses: actions/checkout@8e8c483 #v6.0.1 + with: + fetch-depth: 0 + + - uses: actions/setup-node@395ad32 #v6.1.0 + with: + node-version: 16 + cache: 'npm' + + - name: Instalar dependencias + run: make install + + - name: Configure aws credentials + uses: aws-actions/configure-aws-credentials@61815dc #v5.1.1 + with: + role-to-assume: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/pro' || + github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'pro') + && vars.AWS_OIDC_ROLE_TF_PRO || vars.AWS_OIDC_ROLE_TF_NONPRO }} + role-session-name: ${{ github.run_id }} + aws-region: ${{ vars.WZ_OIDC_AWS_REGION }} + + + - name: Build + run: make build + + - name: Deploy to ephemerals - SC + if: contains(github.ref, 'sc-') + run: | + aws s3 sync build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --acl public-read --cache-control "private, max-age:3600" --delete + aws s3 cp build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' + + + - name: Deploy to ${{ github.ref_name }} + if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' + run: | + aws s3 sync build/staging s3://apidocs-staging.aplazame.org --acl private --cache-control 'private, max-age:3600' --delete + aws s3 cp build/staging s3://apidocs-staging.aplazame.org --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' + + # - name: Deploy to Staging - Production + # if: github.ref == 'refs/heads/release' + # run: | + # aws s3 sync build/prod s3://aplazame.dev --acl private --cache-control 'private, max-age:3600' --delete + # aws s3 cp build/prod s3://aplazame.dev --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' From 8e87cf87715870e303ff1a225c1938c6cf564dde Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Tue, 23 Dec 2025 17:27:49 +0100 Subject: [PATCH 02/22] ci: on workflow dispatch --- .github/workflows/apidoc-deploy.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/apidoc-deploy.yml b/.github/workflows/apidoc-deploy.yml index 9c9ccf1..371657c 100644 --- a/.github/workflows/apidoc-deploy.yml +++ b/.github/workflows/apidoc-deploy.yml @@ -1,11 +1,12 @@ -name: CI Terraform +name: Build and Deploy on: - push: - branches: - - master - - release - - 'sc-*' + workflow_dispatch: + #push: + # branches: + # - master + # - release + # - 'sc-*' env: APP: "apidocs" @@ -30,11 +31,11 @@ jobs: S3_BUCKET: ${{ vars.S3_BUCKET }} steps: - name: Checkout code - uses: actions/checkout@8e8c483 #v6.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 with: fetch-depth: 0 - - uses: actions/setup-node@395ad32 #v6.1.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f #v6.1.0 with: node-version: 16 cache: 'npm' @@ -43,7 +44,7 @@ jobs: run: make install - name: Configure aws credentials - uses: aws-actions/configure-aws-credentials@61815dc #v5.1.1 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 with: role-to-assume: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/pro' || github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'pro') From f83f3c64162a8ab82061ed3a16545a71b9a27507 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Thu, 15 Jan 2026 15:43:38 +0100 Subject: [PATCH 03/22] test: deploy #1 --- .github/workflows/apidoc-deploy.yml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/apidoc-deploy.yml b/.github/workflows/apidoc-deploy.yml index 371657c..add8fe9 100644 --- a/.github/workflows/apidoc-deploy.yml +++ b/.github/workflows/apidoc-deploy.yml @@ -22,10 +22,10 @@ env: jobs: build-and-deploy: - runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/pro' || - github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'pro') + #environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} + runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master' || + github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'master') && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} - environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} env: OUT_DIR: "build/staging" # ${{ vars.BUILD_DIR }} S3_BUCKET: ${{ vars.S3_BUCKET }} @@ -46,9 +46,7 @@ jobs: - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 with: - role-to-assume: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/pro' || - github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'pro') - && vars.AWS_OIDC_ROLE_TF_PRO || vars.AWS_OIDC_ROLE_TF_NONPRO }} + role-to-assume: ${{ vars.WZ_OIDC_AWS_ROLE_ARN }} role-session-name: ${{ github.run_id }} aws-region: ${{ vars.WZ_OIDC_AWS_REGION }} From 5d77db2c166edf4c6635affcc5cbcadcace5b6ca Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Thu, 15 Jan 2026 15:45:00 +0100 Subject: [PATCH 04/22] test: deploy #2 --- .github/workflows/apidoc-deploy.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/apidoc-deploy.yml b/.github/workflows/apidoc-deploy.yml index add8fe9..44e6e12 100644 --- a/.github/workflows/apidoc-deploy.yml +++ b/.github/workflows/apidoc-deploy.yml @@ -2,8 +2,9 @@ name: Build and Deploy on: workflow_dispatch: - #push: - # branches: + push: + branches: + - sc-ddt-gha # - master # - release # - 'sc-*' @@ -22,7 +23,7 @@ env: jobs: build-and-deploy: - #environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} + environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master' || github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'master') && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} From 124b70fff6cf685f5d32fd66b91b64716df6008d Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Thu, 15 Jan 2026 16:01:42 +0100 Subject: [PATCH 05/22] fix error --- .../{apidoc-deploy.yml => apidoc-build.yml} | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) rename .github/workflows/{apidoc-deploy.yml => apidoc-build.yml} (89%) diff --git a/.github/workflows/apidoc-deploy.yml b/.github/workflows/apidoc-build.yml similarity index 89% rename from .github/workflows/apidoc-deploy.yml rename to .github/workflows/apidoc-build.yml index 44e6e12..ee4e546 100644 --- a/.github/workflows/apidoc-deploy.yml +++ b/.github/workflows/apidoc-build.yml @@ -1,4 +1,4 @@ -name: Build and Deploy +name: Build and Upload on: workflow_dispatch: @@ -22,7 +22,7 @@ env: S3_PATH_PRODUCTION: build/prod jobs: - build-and-deploy: + build-and-upload: environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master' || github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'master') @@ -41,8 +41,11 @@ jobs: node-version: 16 cache: 'npm' - - name: Instalar dependencias - run: make install + - name: Instalar dependencias make + run: | + sudo apt-get update + sudo apt-get install -y make build-essential + make install - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 @@ -52,7 +55,7 @@ jobs: aws-region: ${{ vars.WZ_OIDC_AWS_REGION }} - - name: Build + - name: Build Make run: make build - name: Deploy to ephemerals - SC @@ -63,6 +66,9 @@ jobs: - name: Deploy to ${{ github.ref_name }} + env: + S3_BUCKET: ${{ vars.S3_BUCKET }} + ENVIRONMENT: ${{ github.ref_name }} if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' run: | aws s3 sync build/staging s3://apidocs-staging.aplazame.org --acl private --cache-control 'private, max-age:3600' --delete From b8722be9bd7d9d6f3b144286d18a0b5bf5dbebd4 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Thu, 15 Jan 2026 16:07:06 +0100 Subject: [PATCH 06/22] fix error make install --- .github/workflows/apidoc-build.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index ee4e546..28fbfa6 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -39,7 +39,10 @@ jobs: - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f #v6.1.0 with: node-version: 16 - cache: 'npm' + cache: 'yarn' + + - name: Install Yarn + run: npm install --g yarn - name: Instalar dependencias make run: | From a48bbbb56920fef99c0f9429d324a479cb9241f8 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Thu, 15 Jan 2026 16:10:04 +0100 Subject: [PATCH 07/22] fix error make install #2 --- .github/workflows/apidoc-build.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 28fbfa6..cb73c5e 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -36,10 +36,11 @@ jobs: with: fetch-depth: 0 - - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f #v6.1.0 + - name: Setup Node.js + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f #v6.1.0 with: node-version: 16 - cache: 'yarn' + cache: 'npm' - name: Install Yarn run: npm install --g yarn From 1d77b5ba33c9658d9e1f7334b7dd5d1f56155e78 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Thu, 15 Jan 2026 16:39:47 +0100 Subject: [PATCH 08/22] fix deploy s3 and enviroment --- .github/workflows/apidoc-build.yml | 35 ++++++++++-------------------- 1 file changed, 12 insertions(+), 23 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index cb73c5e..a4c9517 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -28,8 +28,9 @@ jobs: github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'master') && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} env: - OUT_DIR: "build/staging" # ${{ vars.BUILD_DIR }} - S3_BUCKET: ${{ vars.S3_BUCKET }} + ENVIRONMENT: ${{ vars.ENVIRONMENT }} + OUT_DIR: "build/staging" # ${{ vars.BUILD_DIR }} # build/prod (release) # build/staging (master>) + S3_BUCKET: ${{ vars.S3_BUCKET }} # aplazame.dev (release) # apidocs-staging.aplazame.org (master>) steps: - name: Checkout code uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 @@ -42,11 +43,9 @@ jobs: node-version: 16 cache: 'npm' - - name: Install Yarn - run: npm install --g yarn - - - name: Instalar dependencias make + - name: Instalar dependencias Make run: | + npm install --g yarn sudo apt-get update sudo apt-get install -y make build-essential make install @@ -58,28 +57,18 @@ jobs: role-session-name: ${{ github.run_id }} aws-region: ${{ vars.WZ_OIDC_AWS_REGION }} - - name: Build Make run: make build - - name: Deploy to ephemerals - SC + - name: deploy to S3 Bucket + if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' + run: | + aws s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete + aws s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' + + - name: Deploy to ephemerals - Branch SC if: contains(github.ref, 'sc-') run: | aws s3 sync build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --acl public-read --cache-control "private, max-age:3600" --delete aws s3 cp build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' - - - name: Deploy to ${{ github.ref_name }} - env: - S3_BUCKET: ${{ vars.S3_BUCKET }} - ENVIRONMENT: ${{ github.ref_name }} - if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' - run: | - aws s3 sync build/staging s3://apidocs-staging.aplazame.org --acl private --cache-control 'private, max-age:3600' --delete - aws s3 cp build/staging s3://apidocs-staging.aplazame.org --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' - - # - name: Deploy to Staging - Production - # if: github.ref == 'refs/heads/release' - # run: | - # aws s3 sync build/prod s3://aplazame.dev --acl private --cache-control 'private, max-age:3600' --delete - # aws s3 cp build/prod s3://aplazame.dev --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' From d97ce6d330e63fd8a3f8ec5c79a3dbfd9b7f9642 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Tue, 20 Jan 2026 14:07:25 +0100 Subject: [PATCH 09/22] GHA: Testing --- .github/workflows/apidoc-build.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index a4c9517..9ddb7eb 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -24,13 +24,13 @@ env: jobs: build-and-upload: environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} - runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master' || + runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master' || github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'master') && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} env: ENVIRONMENT: ${{ vars.ENVIRONMENT }} - OUT_DIR: "build/staging" # ${{ vars.BUILD_DIR }} # build/prod (release) # build/staging (master>) - S3_BUCKET: ${{ vars.S3_BUCKET }} # aplazame.dev (release) # apidocs-staging.aplazame.org (master>) + OUT_DIR: ${{ github.ref == 'refs/heads/master' && 'build/staging' || github.ref == 'refs/heads/release' && 'build/prod' || startsWith(github.ref, 'refs/heads/sc-') && 'build/dev' }} + S3_BUCKET: ${{ github.ref == 'refs/heads/master' && vars.S3_BUCKET_STAGING || github.ref == 'refs/heads/release' && vars.S3_BUCKET_PRODUCTION || startsWith(github.ref, 'refs/heads/sc-') && 'aplazame-ephemeral-environments' }} steps: - name: Checkout code uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 @@ -53,7 +53,7 @@ jobs: - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 with: - role-to-assume: ${{ vars.WZ_OIDC_AWS_ROLE_ARN }} + role-to-assume: ${{ github.ref == 'refs/heads/master' && vars.AWS_OIDC_ROLE_TF_PRO || vars.AWS_OIDC_ROLE_TF_NONPRO }} role-session-name: ${{ github.run_id }} aws-region: ${{ vars.WZ_OIDC_AWS_REGION }} @@ -67,7 +67,7 @@ jobs: aws s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' - name: Deploy to ephemerals - Branch SC - if: contains(github.ref, 'sc-') + if: startsWith(github.ref, 'refs/heads/sc-') run: | aws s3 sync build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --acl public-read --cache-control "private, max-age:3600" --delete aws s3 cp build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' From a3a0c5763c28031474d3fc6f1fa870fff48d3297 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Tue, 20 Jan 2026 14:10:08 +0100 Subject: [PATCH 10/22] GHA: Testing #2 --- .github/workflows/apidoc-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 9ddb7eb..2fd88ec 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -28,7 +28,7 @@ jobs: github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'master') && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} env: - ENVIRONMENT: ${{ vars.ENVIRONMENT }} + ENVIRONMENT: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'prod' || github.ref_name == 'sc-*' && 'ephemeral' }} OUT_DIR: ${{ github.ref == 'refs/heads/master' && 'build/staging' || github.ref == 'refs/heads/release' && 'build/prod' || startsWith(github.ref, 'refs/heads/sc-') && 'build/dev' }} S3_BUCKET: ${{ github.ref == 'refs/heads/master' && vars.S3_BUCKET_STAGING || github.ref == 'refs/heads/release' && vars.S3_BUCKET_PRODUCTION || startsWith(github.ref, 'refs/heads/sc-') && 'aplazame-ephemeral-environments' }} steps: From 21800d60c2e40cfe7175188274de92adc1e63700 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Tue, 20 Jan 2026 14:11:09 +0100 Subject: [PATCH 11/22] GHA: permission token #2 --- .github/workflows/apidoc-build.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 2fd88ec..44644c8 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -21,6 +21,10 @@ env: S3_BUCKET_PRODUCTION: aplazame.dev S3_PATH_PRODUCTION: build/prod +permissions: + contents: read + id-token: write + jobs: build-and-upload: environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} From 50f43934d34e8412265f950ffc4e1a912a2db89d Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Tue, 20 Jan 2026 14:22:29 +0100 Subject: [PATCH 12/22] GHA: permission token #2 --- .github/workflows/apidoc-build.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 44644c8..b51ef03 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -1,7 +1,6 @@ name: Build and Upload on: - workflow_dispatch: push: branches: - sc-ddt-gha @@ -24,7 +23,7 @@ env: permissions: contents: read id-token: write - + jobs: build-and-upload: environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} @@ -33,8 +32,8 @@ jobs: && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} env: ENVIRONMENT: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'prod' || github.ref_name == 'sc-*' && 'ephemeral' }} - OUT_DIR: ${{ github.ref == 'refs/heads/master' && 'build/staging' || github.ref == 'refs/heads/release' && 'build/prod' || startsWith(github.ref, 'refs/heads/sc-') && 'build/dev' }} - S3_BUCKET: ${{ github.ref == 'refs/heads/master' && vars.S3_BUCKET_STAGING || github.ref == 'refs/heads/release' && vars.S3_BUCKET_PRODUCTION || startsWith(github.ref, 'refs/heads/sc-') && 'aplazame-ephemeral-environments' }} + OUT_DIR: ${{ github.ref == 'refs/heads/master' && 'build/staging' || github.ref == 'refs/heads/release' && 'build/prod' || startsWith(github.ref, 'refs/heads/sc-') && 'build/staging' }} + S3_BUCKET: ${{ github.ref == 'refs/heads/master' && vars.S3_BUCKET_STAGING || github.ref == 'refs/heads/release' && vars.S3_BUCKET_PRODUCTION || startsWith(github.ref, 'refs/heads/sc-') && 'ephemeral-environments' }} steps: - name: Checkout code uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 @@ -73,6 +72,6 @@ jobs: - name: Deploy to ephemerals - Branch SC if: startsWith(github.ref, 'refs/heads/sc-') run: | - aws s3 sync build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --acl public-read --cache-control "private, max-age:3600" --delete - aws s3 cp build/dev s3://aplazame-ephemeral-environments/sc-${{ env.BRANCH_NAME }}-${{ env.APP }}-dev --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' + aws s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete + aws s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' From 480211160ae4e6aecb74133c1bda4a85ca7662f7 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Tue, 20 Jan 2026 16:00:07 +0100 Subject: [PATCH 13/22] GHA: permission token #3 --- .github/workflows/apidoc-build.yml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index b51ef03..a097dd1 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -39,7 +39,13 @@ jobs: uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 #v6.0.1 with: fetch-depth: 0 - + - name: Install AWS CLI + run: | + sudo apt-get install unzip curl -y + curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" + unzip awscliv2.zip + sudo ./aws/install --update + aws --version - name: Setup Node.js uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f #v6.1.0 with: @@ -62,16 +68,15 @@ jobs: - name: Build Make run: make build - - - name: deploy to S3 Bucket - if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' - run: | - aws s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete - aws s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' - + - name: Deploy to ephemerals - Branch SC if: startsWith(github.ref, 'refs/heads/sc-') run: | aws s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete aws s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' + - name: Deploy to S3 Bucket + if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' + run: | + aws s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete + aws s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' From 156a271b5fc83c1da1d7c9900864f2f3306c44fe Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 09:31:31 +0100 Subject: [PATCH 14/22] GHA: permission token #4 --- .github/workflows/apidoc-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index a097dd1..c2ded4f 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -80,3 +80,4 @@ jobs: run: | aws s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete aws s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' +# \ No newline at end of file From d75bfc1264c30375e5dd5dbc71b76ff0323b81b4 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 09:44:06 +0100 Subject: [PATCH 15/22] GHA: permission token #5 --- .github/workflows/apidoc-build.yml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index c2ded4f..bca9b20 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -27,9 +27,7 @@ permissions: jobs: build-and-upload: environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} - runs-on: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master' || - github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'master') - && vars.AWS_RG_NAME_PRO || vars.AWS_RG_NAME_NONPRO }} + runs-on: ${{ vars.AWS_RG_NAME_PRO }} env: ENVIRONMENT: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'prod' || github.ref_name == 'sc-*' && 'ephemeral' }} OUT_DIR: ${{ github.ref == 'refs/heads/master' && 'build/staging' || github.ref == 'refs/heads/release' && 'build/prod' || startsWith(github.ref, 'refs/heads/sc-') && 'build/staging' }} @@ -62,7 +60,7 @@ jobs: - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 with: - role-to-assume: ${{ github.ref == 'refs/heads/master' && vars.AWS_OIDC_ROLE_TF_PRO || vars.AWS_OIDC_ROLE_TF_NONPRO }} + role-to-assume: ${{ vars.AWS_OIDC_ROLE_TF_PRO }} role-session-name: ${{ github.run_id }} aws-region: ${{ vars.WZ_OIDC_AWS_REGION }} @@ -72,12 +70,17 @@ jobs: - name: Deploy to ephemerals - Branch SC if: startsWith(github.ref, 'refs/heads/sc-') run: | - aws s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete - aws s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' + aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete + aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' - name: Deploy to S3 Bucket if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' run: | aws s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete aws s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' -# \ No newline at end of file + + + + # Aplazame prod + # AWS_PROFILE=Aplazame= ephimeral + # AWS_PROFILE=Aplazame= master From 10c81065a42bcf76c47cd2283e33b1038bc2d476 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 10:20:55 +0100 Subject: [PATCH 16/22] GHA: test deploy #5 --- .github/workflows/apidoc-build.yml | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index bca9b20..68903f0 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -26,7 +26,6 @@ permissions: jobs: build-and-upload: - environment: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'produccion' || github.ref_name == 'sc-*' && 'ephemeral' }} runs-on: ${{ vars.AWS_RG_NAME_PRO }} env: ENVIRONMENT: ${{ github.ref_name == 'master' && 'staging' || github.ref_name == 'release' && 'prod' || github.ref_name == 'sc-*' && 'ephemeral' }} @@ -67,20 +66,16 @@ jobs: - name: Build Make run: make build - - name: Deploy to ephemerals - Branch SC - if: startsWith(github.ref, 'refs/heads/sc-') - run: | - aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete - aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' - - - name: Deploy to S3 Bucket + - name: Deploy to S3 Bucket ${{ env.ENVIRONMENT }} if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' run: | - aws s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete - aws s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' - - + if [[ "${{ github.ref_name }}" == "master" || "${{ github.ref_name }}" == "release" ]]; then + echo "Deploying to ${{ env.ENVIRONMENT }} S3 bucket: ${{ env.S3_BUCKET }}" + #aws --profile Aplazame s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete + #aws --profile Aplazame s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' + elif [[ "${{ github.ref_name }}" == sc-* ]]; then + echo "Deploy to ephemeral environment for branch ${{ github.ref_name }}" + #aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete + #aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' + fi - # Aplazame prod - # AWS_PROFILE=Aplazame= ephimeral - # AWS_PROFILE=Aplazame= master From 684505a55bb5c34616e6c51fe2edbdca58be31ef Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 10:27:31 +0100 Subject: [PATCH 17/22] GHA: test deploy #6 --- .github/workflows/apidoc-build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 68903f0..84f543f 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -67,7 +67,6 @@ jobs: run: make build - name: Deploy to S3 Bucket ${{ env.ENVIRONMENT }} - if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' run: | if [[ "${{ github.ref_name }}" == "master" || "${{ github.ref_name }}" == "release" ]]; then echo "Deploying to ${{ env.ENVIRONMENT }} S3 bucket: ${{ env.S3_BUCKET }}" From 7d1077740758f2151f3667f9457800640326d00c Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 10:33:05 +0100 Subject: [PATCH 18/22] GHA: test deploy #6 --- .github/workflows/apidoc-build.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 84f543f..6a8fa81 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -3,10 +3,9 @@ name: Build and Upload on: push: branches: - - sc-ddt-gha - # - master - # - release - # - 'sc-*' + - master + - release + - 'sc-*' env: APP: "apidocs" @@ -74,7 +73,7 @@ jobs: #aws --profile Aplazame s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' elif [[ "${{ github.ref_name }}" == sc-* ]]; then echo "Deploy to ephemeral environment for branch ${{ github.ref_name }}" - #aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete + #aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete #aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' fi From 5f8fbe7f0f744231a3f44e5c0821b14ab2b90e93 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 10:34:50 +0100 Subject: [PATCH 19/22] GHA: test deploy #6 --- .github/workflows/apidoc-build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 6a8fa81..756417a 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -69,11 +69,11 @@ jobs: run: | if [[ "${{ github.ref_name }}" == "master" || "${{ github.ref_name }}" == "release" ]]; then echo "Deploying to ${{ env.ENVIRONMENT }} S3 bucket: ${{ env.S3_BUCKET }}" - #aws --profile Aplazame s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete - #aws --profile Aplazame s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' + aws --profile Aplazame s3 sync ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --acl private --cache-control 'private, max-age:3600' --delete + aws --profile Aplazame s3 cp ${{ env.OUT_DIR }} s3://${{ env.S3_BUCKET }} --recursive --exclude '*' --include '*.html' --acl private --cache-control 'no-cache, no-store' elif [[ "${{ github.ref_name }}" == sc-* ]]; then echo "Deploy to ephemeral environment for branch ${{ github.ref_name }}" - #aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete - #aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' + aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete + aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' fi From 45a178156ddf6d5644c7e96e3a649174b271d4e5 Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 10:38:10 +0100 Subject: [PATCH 20/22] GHA: test deploy #6 --- .github/workflows/apidoc-build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index 756417a..fe939ce 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -76,4 +76,3 @@ jobs: aws --profile Aplazame s3 sync build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --acl public-read --cache-control "private, max-age:3600" --delete aws --profile Aplazame s3 cp build/staging s3://ephemeral-environments/${{ env.APP }}/${{ env.BRANCH_NAME }} --recursive --exclude '*' --include '*.html' --acl public-read --cache-control 'no-cache, no-store' fi - From c9f2f3915e1e4399e72d9c6a3beb3fbaf8c657ba Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 10:39:23 +0100 Subject: [PATCH 21/22] GHA: removed jenkinsfile #6 --- Jenkinsfile | 276 ------------------------------------- jenkins/jenkins-sonar.yaml | 20 --- jenkins/node.yaml | 21 --- 3 files changed, 317 deletions(-) delete mode 100644 Jenkinsfile delete mode 100644 jenkins/jenkins-sonar.yaml delete mode 100644 jenkins/node.yaml diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index 814a6b9..0000000 --- a/Jenkinsfile +++ /dev/null @@ -1,276 +0,0 @@ - -library 'aplazame-shared-library' - -app = "apidocs" -repoName = scm.getUserRemoteConfigs()[0].getUrl().tokenize('/').last().split("\\.")[0] -githubBranch = env.CHANGE_BRANCH ? env.CHANGE_BRANCH : env.BRANCH_NAME -githubRepo = "https://github.com/aplazame/" + repoName + "/tree/" + githubBranch - -// GIT_COMMIT_HASH = sh (script: "git log -n 1 --pretty=format:'%H'", returnStdout: true) - -foldersCache = '"node_modules/"' -s3BucketCache = "aplazameshared-jenkins-cache" - -branch_like_master = 'only/master-is-master-πŸš€' -branch_like_release = 'only/release-is-release-πŸš€' - -aws_profile_by_env = [ - pre: 'AplazameStaging', - default: 'Aplazame', -] - -ephe_suffix_by_env = [ - squad: '-squad', - dev: '-dev', - default: '', -] - -ephe_bucket_name_by_env = [ - // squad: 'aplazame-ephemeral-environments', - default: 'ephemeral-environments', -] - -bucket_name_by_env = [ - // pre: 'apidocs-pre.aplazame.org', - // prod: <- ⚠️ IS VERY DANGEROUS TO PUT IT HERE ⚠️ - default: 'apidocs-staging.aplazame.org', // `staging` by default 'checkout-staging.aplazame.org' -] -PROD_bucket_name = 'aplazame.dev' // 'checkout.aplazame.com' - -envs_by_branch = [ - master: ['staging'], - release: ['prod'], - default: ['staging'], -] - -envs_by_branch[branch_like_master] = envs_by_branch.master -envs_by_branch[branch_like_release] = envs_by_branch.release - -branch_envs = getKey(envs_by_branch, githubBranch) - -sc_story = getStoryIdFromBranchName(githubBranch) - -def getKey (from = [:], key = 'default') { - return from[key] ?: from.default -} - -def getEphemeralsDeployMessage () { - def msg = [ - "πŸš€ *EfΓ­mero desplegado* πŸš€", - "", - "Github: " + repoName + "/" + githubBranch, - "\t${githubRepo}", - ]; - - if (sc_story) { - msg.push("\nShortcut: https://app.shortcut.com/aplazame/story/${sc_story}") - } else { - msg.push("⚠️ rama sin HU de Shortcut") - } - - msg.push("\nDemos:\n") - - branch_envs - .each({env -> - def ephe_subdomain = 'sc-' + sc_story + '-' + app + '-' + env - msg.push("- https://${ephe_subdomain}.demo.aplazame.org/") - }) - - return msg.join('\n') -} - -pipeline { - options { - skipDefaultCheckout() - disableConcurrentBuilds() - ansiColor('xterm') - } - - agent { - kubernetes { - yamlFile "jenkins/node.yaml" - } - } - - environment { - SHORTCUT_API_TOKEN = credentials('CLUBHOUSE_API_TOKEN') - APP_RELEASY = "webapp-apidocs" - SLACK_TOKEN = credentials('SLACK_TOKEN_FRONTEND') - SLACK_HOOK = "https://hooks.slack.com/services/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" - } - - stages { - stage('⭐') { - when { - anyOf { - changeRequest(target: 'master') - expression { githubBranch == 'master' } - expression { githubBranch == 'release' } - // branch 'master' // not working propertly when a PR is opened from this branch - // branch 'release' // not working propertly when a PR is opened from this branch - } - // not { - // tag "*" - // } - beforeAgent true - } - - stages { - - stage('Install βš™') { - environment { - AWS_PROFILE = "AplazameSharedServices" - } - - steps { - checkout scm - - container('node') { - sshagent(['ssh-github']) { - logEnvVars() - - sh "ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts" - - sh "make install" - } - } - } - } - - // stage('βœ… & πŸ“Š') { - // steps { - // container('node') { - // sshagent(['ssh-github']) { - // sh "npm run tests" - // } - // } - // } - // } - - stage('Build 🍳') { - environment { - AWS_PROFILE = "AplazameSharedServices" - } - - steps { - container('node') { - script { - branch_envs.each{env -> - sh "OUT_DIR=build/${env} make build" - } - } - } - } - } - - stage('Ephemerals πŸͺ£ S3') { - when { not { anyOf { - // { branch 'master' } not working propertly in PRs - expression { githubBranch == 'master' } - expression { githubBranch == branch_like_master } - expression { githubBranch == 'release' } - expression { githubBranch == branch_like_release } - } } } - steps { - container('node') { - script { - sh """ - load-config - export AWS_PROFILE=Aplazame - """ - - def first_deploy = !folderExistsInS3( - 's3://' + getKey(ephe_bucket_name_by_env, 'staging') + getKey(ephe_suffix_by_env, 'staging') + '/' + app + '/sc-' + sc_story - ) - - branch_envs.each { env -> - def s3_path = 's3://' + getKey(ephe_bucket_name_by_env, env) + getKey(ephe_suffix_by_env, env) + '/' + app + '/sc-' + sc_story - - echo "πŸš€ [[ deploying 'build/${env}' to '${s3_path}' ]] πŸͺ£" - uploadFolderToS3('build/' + env, s3_path, - acl: 'public-read', - files_no_cache: '*.html', - ) - } - - def message = getEphemeralsDeployMessage() - def curl_message = message.replaceAll('\\n', '\\\\n') - - if (first_deploy) { - sh (returnStdout: true, script: """ - curl -X POST https://api.app.shortcut.com/api/v3/stories/${sc_story}/comments \ - -H "Shortcut-Token: \$SHORTCUT_API_TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ "text": "${curl_message}" }' - """.stripIndent()) - } - - if (first_deploy) { - slackSend( - failOnError: true, - color: '#8000FF', - channel: '#frontend-environments', - message: message, - username: "Jenkins CI", - ) - } - } - } - } - } - - stage('[master] πŸͺ£ S3') { - when { anyOf { - // { branch 'master' } not working propertly in PRs - expression { githubBranch == 'master' } - expression { githubBranch == branch_like_master } - } } - steps { - container('node') { - script { - branch_envs.each { env -> - def s3_path = 's3://' + getKey(bucket_name_by_env, env) - - echo "πŸš€ [[ deploying 'build/${env}' to '${s3_path}' ]] πŸͺ£" - def result = uploadFolderToS3('build/' + env, s3_path, - aws_profile: getKey(aws_profile_by_env, env), - files_no_cache: '*.html', - ) - } - } - } - } - } - - stage('[PROD] πŸͺ£ S3') { - when { anyOf { - // { branch 'release' } not working propertly in PRs - expression { githubBranch == 'release' } - expression { githubBranch == branch_like_release } - } } - steps { - container('node') { - script { - branch_envs.each { env -> - def s3_path = 's3://' + PROD_bucket_name - - echo "πŸš€ [[ deploying 'build/${env}' to '${s3_path}' ]] πŸͺ£" - def result = uploadFolderToS3('build/' + env, s3_path, - aws_profile: getKey(aws_profile_by_env, env), - files_no_cache: '*.html', - ) - } - } - } - } - } - - stage('Done 🀘') { - steps { - echo "That's all folks!!" - } - } - } - } - } -} diff --git a/jenkins/jenkins-sonar.yaml b/jenkins/jenkins-sonar.yaml deleted file mode 100644 index f1ca81e..0000000 --- a/jenkins/jenkins-sonar.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: v1 -kind: Pod -metadata: - name: apptest -spec: - serviceAccountName: aplazame-appdeployer - serviceAccount: aplazame-appdeployer - securityContext: - fsGroup: 1000 - containers: - - name: sonar - image: 666356151544.dkr.ecr.eu-central-1.amazonaws.com/tools/sonar-scanner:4.6.2.2472_2 - imagePullPolicy: Always - tty: true - resources: - limits: - cpu: 1 - memory: 3Gi - restartPolicy: Never \ No newline at end of file diff --git a/jenkins/node.yaml b/jenkins/node.yaml deleted file mode 100644 index ac38dc0..0000000 --- a/jenkins/node.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: -spec: - serviceAccount: aplazame-frontdeployer - securityContext: - fsGroup: 1000 - containers: - - name: node - image: 666356151544.dkr.ecr.eu-central-1.amazonaws.com/tools/node:16.14.0_v1 - imagePullPolicy: Always - command: - - cat - tty: true - resources: - requests: - memory: 4Gi - cpu: 2 - limits: - memory: 4Gi - cpu: 2 From bb39f106f9e16f7e0e1fa6bd193349f3baa0421b Mon Sep 17 00:00:00 2001 From: "Manuel Humberto Colonia Vela [NE]" Date: Wed, 21 Jan 2026 12:41:08 +0100 Subject: [PATCH 22/22] GHA: removed jenkinsfile #6 --- .github/workflows/apidoc-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/apidoc-build.yml b/.github/workflows/apidoc-build.yml index fe939ce..20ee5c1 100644 --- a/.github/workflows/apidoc-build.yml +++ b/.github/workflows/apidoc-build.yml @@ -65,7 +65,7 @@ jobs: - name: Build Make run: make build - - name: Deploy to S3 Bucket ${{ env.ENVIRONMENT }} + - name: Deploy to S3 Bucket - ${{ github.ref_name }} run: | if [[ "${{ github.ref_name }}" == "master" || "${{ github.ref_name }}" == "release" ]]; then echo "Deploying to ${{ env.ENVIRONMENT }} S3 bucket: ${{ env.S3_BUCKET }}"