Skip to content

Deployment triggered by push / asottile-sentry #537

Deployment triggered by push / asottile-sentry

Deployment triggered by push / asottile-sentry #537

Workflow file for this run

name: Deploy to Google App Engine upon commit to master branch and on schedule at midnight UTC
run-name: Deployment triggered by ${{ github.event_name }} / ${{ github.actor }}
on:
push:
branches:
- 'master'
schedule:
- cron: '40 3 * * *' # every day at 8:40pm PDT / 5:40am GMT+2
# see https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule
workflow_dispatch:
# Only run 1 workflow at a time. If new one starts abort any that are already running.
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
jobs:
default-job:
if: github.repository_owner == 'sentry-demos' # don't run in forks
permissions:
contents: 'read'
id-token: 'write'
runs-on: ubuntu-22.04
steps:
- run: |
SENTRY_CRON='https://o87286.ingest.sentry.io/api/4505620224540672/cron/auto-deploy/21b95d7975af21218dd7c14f1e48e193/'
curl "$SENTRY_CRON?status=in_progress"
echo "SENTRY_CRON=$SENTRY_CRON" >> "$GITHUB_ENV"
- run: echo "Triggered by ${{ github.event_name }} event."
- run: echo "Branch is ${{ github.ref }}"
- name: Check out this repository code
uses: actions/checkout@v3
with:
path: empower
fetch-depth: 0
- name: Check out `empower-config` to get env-config
uses: actions/checkout@v3
with:
repository: sentry-demos/empower-config
path: empower-config
token: ${{ secrets.KOSTY_PERSONAL_ACCESS_TOKEN_FOR_SYNC_DEPLOY_FORK }}
- name: Install Node
uses: actions/setup-node@v3
with:
node-version: '16'
- name: Setup Sentry CLI
uses: mathieu-bour/[email protected]
with:
version: 2.17.4
token: ${{ SECRETS.SENTRY_AUTH_TOKEN }} # from GitHub secrets
- name: Get commit SHA that was last successfully deployed
uses: nrwl/[email protected]
with:
main-branch-name: master
error-on-no-successful-workflow: false
working-directory: ./empower
# Test previous step worked
- run: |
echo "BASE: ${{ env.NX_BASE }}"
echo "HEAD: ${{ env.NX_HEAD }}"
- name: Run tests
run: |
npm install
npm test -- --coverage
working-directory: ./empower/react
- name: Run Python Tests
run: |
pip install -U pytest
pip install pytest-codecov
pytest --cov=. --cov-report=xml
working-directory: ./empower/flask/src
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Get GCP_ env variables from empower-config/.gcloudrc
run: |
source empower-config/.gcloudrc
echo "GCP_WORKLOAD_IDENTITY_PROVIDER=$GCP_WORKLOAD_IDENTITY_PROVIDER" >> $GITHUB_OUTPUT
echo "GCP_SERVICE_ACCOUNT=$GCP_SERVICE_ACCOUNT" >> $GITHUB_OUTPUT
id: gcloudrc
- id: 'auth'
name: 'Authenticate Google Cloud'
uses: 'google-github-actions/auth@v0'
with:
workload_identity_provider: ${{ steps.gcloudrc.outputs.GCP_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ steps.gcloudrc.outputs.GCP_SERVICE_ACCOUNT }}
- name: 'Set up Google Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v0'
- name: Get env-config/production.env from empower-config
run: cp empower-config/production.env empower/env-config/
- name: Deploy to production
run: |
CHANGED_PROJECTS=$(./bin/projects_changed_bw_commits.sh "${{ env.NX_BASE }}" "${{ env.NX_HEAD }}")
if [[ ! -z "$CHANGED_PROJECTS" ]]; then
./deploy.sh $CHANGED_PROJECTS --env=production
elif [[ `./bin/release.sh` != `./bin/release.sh 1` ]]; then # different release than yesterday
# currently we create regular calendar releases only for React
./deploy.sh react --env=production
else
echo "No deployable projects have been changed since last successful deployment. New calendar release is not due either. Nothing to do."
fi
working-directory: ./empower
- run: echo "Job status is ${{ job.status }}."
- name: Report success to Cron monitor (demo/empower-github-workflows)
run: curl "${{ env.SENTRY_CRON }}?status=ok"
# 'if: always()' ensures step is run even if earlier step failed
- name: Report error to Cron monitor (demo/empower-github-workflows)
if: always() && job.status == 'failure'
run: curl "${{ env.SENTRY_CRON }}?status=error"