More deploy changes #944
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| jobs: | |
| build-app: | |
| name: Build app π | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: ./.github/workflows/actions/prepare | |
| - run: pnpm exec prisma generate --no-engine | |
| - uses: ./.github/workflows/actions/type-check-with-cache | |
| - run: pnpm --filter app run build | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: build-app | |
| path: app/build | |
| deploy-packages: | |
| name: Deploy updated packages π¦ | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: ./.github/workflows/actions/prepare | |
| - uses: ./.github/workflows/actions/type-check-with-cache | |
| - run: pnpm --filter "@watching/*" run build | |
| - name: Deploy updated packages | |
| run: | | |
| echo //registry.npmjs.org/:_authToken=${NPM_TOKEN} > .npmrc | |
| pnpm run packages.deploy --no-git-checks | |
| env: | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| deploy-cloudflare-assets: | |
| name: Deploy assets to Cloudflare π₯ | |
| needs: [build-app] | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: build-app | |
| path: app/build | |
| - run: ls -R | |
| - name: Configure R2 credentials for AWS CLI | |
| run: | | |
| aws configure set region us-east-1 | |
| aws configure set aws_access_key_id ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} | |
| aws configure set aws_secret_access_key ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_SECRET }} | |
| - name: Sync app assets to R2 | |
| run: | | |
| aws s3 sync ./app/build/assets/ s3://watch-assets/assets/ --endpoint-url https://9bfdb755def60e50760e33036c6f1624.r2.cloudflarestorage.com --cache-control "public, max-age=31536000, immutable" | |
| deploy-cloudflare-workers: | |
| name: Deploy to Cloudflare π₯ | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| strategy: | |
| matrix: | |
| worker: | |
| - images | |
| - clips-upload | |
| - metrics | |
| - stripe | |
| - tmdb-refresher | |
| - tmdb-refresher-scheduler | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: ./.github/workflows/actions/prepare | |
| - run: pnpm exec prisma generate --no-engine | |
| - uses: ./.github/workflows/actions/type-check-with-cache | |
| - run: pnpm --filter ${{ matrix.worker }} run build | |
| - run: pnpm --filter ${{ matrix.worker }} run deploy | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| deploy-fly: | |
| name: Deploy to Fly.io π¦ | |
| needs: [build-app] | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: ./.github/workflows/actions/prepare | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: build-app | |
| path: app/build | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| with: | |
| version: v0.9.1 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v3 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Authenticate with Fly container registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: registry.fly.io | |
| username: x | |
| password: ${{ secrets.FLY_API_TOKEN }} | |
| - name: Docker build | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| file: app/Dockerfile | |
| push: true | |
| tags: registry.fly.io/watch-test-app:${{ github.ref_name }}-${{ github.sha }} | |
| build-args: | | |
| COMMIT_SHA=${{ github.sha }} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new | |
| # This ugly bit is necessary if you don't want your cache to grow forever | |
| # till it hits GitHub's limit of 5GB. | |
| # Temp fix | |
| # https://github.com/docker/build-push-action/issues/252 | |
| # https://github.com/moby/buildkit/issues/1896 | |
| - name: Move Docker cache | |
| run: | | |
| rm -rf /tmp/.buildx-cache | |
| mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
| - name: Deploy application code to Fly.io | |
| uses: superfly/[email protected] | |
| with: | |
| args: 'deploy --config app/configuration/fly.toml --image registry.fly.io/watch-test-app:${{ github.ref_name }}-${{ github.sha }}' | |
| env: | |
| FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} | |
| deploy-cloudflare-router: | |
| name: Deploy router to Cloudflare π₯ | |
| needs: | |
| - deploy-fly | |
| - deploy-cloudflare-assets | |
| - deploy-cloudflare-workers | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: ./.github/workflows/actions/prepare | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: build-app | |
| path: app/build | |
| - run: pnpm --filter router run build | |
| # TODO: you can get in a weird state where the app server might send pages with | |
| # new queries before the router is updated, and before we do this push. Going to | |
| # just leave it in place until I can bring persisted queries into the app server. | |
| - run: pnpm run typescript.run ./scripts/cloudflare/put-graphql-persisted-operations.ts | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| - run: pnpm --filter router run deploy | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} |