From 0eb1d106542d02c6319abc4a16e48b64c1435250 Mon Sep 17 00:00:00 2001 From: Benjamin Rasmussen Date: Fri, 13 Sep 2024 10:18:02 +0200 Subject: [PATCH] Optimizing GH actions, to use less minutes. (WIP) We can use `.lagoon.yml` to set up a GH deployment, that we can use to listen for in GH actions. This is an alternative to us spending a lot of GH minutes just waiting for the site to become available. As the `@todo`'s say, this needs some work, as I'm unsure how to use secrets and get around `set -e` as part of the deployment. **I'm looking for input for this :)** Ontop of that, also setting up `concurrency` rules to `ci-tests`, so if a second push is made, we cancel the old and unrelated workflow. --- .github/workflows/ci-tests.yml | 20 +++++ .github/workflows/lagoon-tests.yml | 16 ++++ .github/workflows/lagoon.yml | 130 ----------------------------- .lagoon.yml | 24 ++++++ 4 files changed, 60 insertions(+), 130 deletions(-) create mode 100644 .github/workflows/lagoon-tests.yml delete mode 100644 .github/workflows/lagoon.yml diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml index 0ce56d467..9b4f08082 100644 --- a/.github/workflows/ci-tests.yml +++ b/.github/workflows/ci-tests.yml 
@@ -5,7 +5,27 @@ env: PHP_VERSION: 8.1 COMPOSER_VERSION: v2 +# Detect if this action is already running, and cancel it. +# This most likely happened because a second push has been made to a branch. +concurrency: + group: ${{ github.repository_id }}-${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: + BranchNameLength: + name: Check branch length + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Ensure branch name length + uses: lekterable/branchlint-action@2.1.0 + if: github.ref_type == 'branch' || github.ref_type == 'pull_request' + with: + allowed: | + /^.{1,100}$/ + errorMessage: 'Branch name too long. This cannot be deployed to Lagoon.' + ValidateComposer: name: Validate Composer runs-on: ubuntu-latest diff --git a/.github/workflows/lagoon-tests.yml b/.github/workflows/lagoon-tests.yml new file mode 100644 index 000000000..4c6c0d8cf --- /dev/null +++ b/.github/workflows/lagoon-tests.yml @@ -0,0 +1,16 @@ +--- +name: "Tests of deployment" + +on: + deployment_status + +# @todo - this action does nothing useful right now, but it is to show that +# the site URL is available as part of deployment_status. +jobs: + tests: + if: github.event.deployment_status.state == 'success' + runs-on: ubuntu-latest + steps: + - run: echo "$URL" + env: + URL: ${{ github.event.deployment_status.target_url }} diff --git a/.github/workflows/lagoon.yml b/.github/workflows/lagoon.yml deleted file mode 100644 index a0641913c..000000000 --- a/.github/workflows/lagoon.yml +++ /dev/null 
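Review bot: In the new `BranchNameLength` job, `lekterable/branchlint-action@2.1.0` is a third-party action referenced by a tag, which its owner can move to different code. Pinning it to the full commit SHA removes that supply-chain exposure, e.g. `uses: lekterable/branchlint-action@FULL_COMMIT_SHA_PLACEHOLDER  # 2.1.0` (placeholder; take the SHA from the action's release). The job also declares no `permissions:`, so it runs with whatever the repository default grants `GITHUB_TOKEN`; a job-level `permissions:` with `contents: read` looks sufficient for a checkout plus a name check. Separately, the `github.ref_type == 'pull_request'` half of the `if:` appears to be dead, since `ref_type` is documented as `branch` or `tag`.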
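Review bot: The `tests` job in the new `lagoon-tests.yml` fires for every successful deployment status on the repository, not only those Lagoon posts, and `target_url` is whatever the creator of that status supplied. Passing it through `env:` instead of interpolating it into `run:` is the right pattern and should be kept when the echo is replaced by real tests. Before then I would gate the job on the deployment's environment or creator, check that the URL's host is the expected Lagoon domain, and add a workflow-level `permissions: {}`, since the job needs no token scopes. A comment above the `env:` block such as `# target_url is supplied by the deployment-status creator; validate the host before use` would record the assumption.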
@@ -1,130 +0,0 @@ -on: - pull_request: - # We have two groups of jobs in this workflow that reacts on actions: - # - # 1. We update the status of a Github Deployment on: - # - opened - # - synchronize - # - reopened - # - closed - # - # 2. We forward all events to lagoon via InformLagoon - types: [ opened, synchronize, reopened, closed, edited ] -name: Lagoon integration - -env: - LAGOON_HOST: "dplplat01.dpl.reload.dk" - LAGOON_PROJECT: "dpl-cms" - -jobs: - BranchNameLength: - name: Check branch length - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Ensure branch name length - uses: lekterable/branchlint-action@2.1.0 - if: github.ref_type == 'branch' || github.ref_type == 'pull_request' - with: - allowed: | - /^.{1,100}$/ - errorMessage: 'Branch name too long. This cannot be deployed to Lagoon.' - - CheckEnvironment: - name: Check environment - runs-on: ubuntu-latest - if: ${{ github.event.action == 'opened' || github.event.action == 'reopened' || github.event.action == 'synchronize' }} - needs: [BranchNameLength] - permissions: - # Give the default GITHUB_TOKEN permission to create and update deployments - deployments: write - steps: - - name: Generate environment data - id: environment - run: | - echo ::set-output name=id::pr-${{github.event.number}} - echo ::set-output name=url::'https://varnish.pr-${{github.event.number}}.${{ env.LAGOON_PROJECT }}.${{ env.LAGOON_HOST }}/' - echo ::set-output name=logs::'https://ui.lagoon.${{ env.LAGOON_HOST }}/projects/${{ env.LAGOON_PROJECT }}/${{ env.LAGOON_PROJECT }}-pr-${{github.event.number}}/deployments' - - name: Start deployment - uses: bobheadxi/deployments@v1.5.0 - id: deployment - with: - step: start - token: ${{ secrets.GITHUB_TOKEN }} - env: ${{ steps.environment.outputs.id }} - ref: ${{ github.head_ref }} - logs: ${{ steps.environment.outputs.logs }} - debug: ${{ runner.debug && 'true' || 'false' }} - - name: Generate wait-on config - # Retrieval of Let's Encrypt 
certificate sometimes fail in Lagoon. - # In this case a self-signed certificate will be used. Allow this. - run: | - echo "{\"strictSSL\": false}" > $RUNNER_TEMP/wait-on.config.json - - name: Wait for environment to become available - uses: iFaxity/wait-on-action@v1.1.0 - with: - resource: ${{ steps.environment.outputs.url }} - # Time in ms. Wait for 20 mins for deployment to complete. We have - # seen deployments taking up to 17 mins. - timeout: 1200000 - # Poll every 10 seconds. For whatever reason Lagoon environments may - # return 200 during the deployment process even though the deployment - # is not complete. Reduce polling interval to the risk of this - # happening. - interval: 10000 - config: ${{ runner.temp }}/wait-on.config.json - - name: Finish deployment - if: always() - uses: bobheadxi/deployments@v1.5.0 - with: - step: finish - token: ${{ secrets.GITHUB_TOKEN }} - status: ${{ job.status }} - deployment_id: ${{ steps.deployment.outputs.deployment_id }} - env: ${{ steps.deployment.outputs.env }} - env_url: ${{ steps.environment.outputs.url }} - logs: ${{ steps.environment.outputs.logs }} - debug: ${{ runner.debug && 'true' || 'false' }} - - CloseEnvironment: - name: Close environment - runs-on: ubuntu-latest - if: ${{ github.event.action == 'closed' }} - permissions: - # Give the default GITHUB_TOKEN permission to close deployments. - deployments: write - steps: - - name: Generate environment data - id: environment - run: | - echo ::set-output name=id::pr-${{github.event.number}} - - name: Close environment - uses: bobheadxi/deployments@v1.5.0 - with: - step: deactivate-env - token: ${{ secrets.GITHUB_TOKEN }} - env: ${{ steps.environment.outputs.id }} - debug: ${{ runner.debug && 'true' || 'false' }} - - # We only permit the integration with Lagoon to run if the user is - # authorized. This saves on resources and ensures we only spin up sites for - # legitimate contributions. 
- # The integration is controlled by creating synthetic events related to select - # pull-request events, and send them to Lagoon. - # - # The job expects the following secrets: - # LAGOON_WEBHOOK_URL: The url events are to be delivered to - # LAGOON_WEBHOOK_SECRET: Shared lagoon webhook secret - # - InformLagoon: - name: Send synthetic event to Lagoon - runs-on: ubuntu-latest - needs: [BranchNameLength] - steps: - - name: Send pull request event - uses: distributhor/workflow-webhook@v3 - env: - webhook_url: ${{ secrets.LAGOON_WEBHOOK_URL }} - webhook_secret: ${{ secrets.LAGOON_WEBHOOK_SECRET }} - webhook_type: 'json-extended' diff --git a/.lagoon.yml b/.lagoon.yml index 9f525fd5a..a42b5ad78 100644 --- a/.lagoon.yml +++ b/.lagoon.yml @@ -4,9 +4,21 @@ project: dpl-cms-core ssh: 20.238.147.183:22 api: https://api.lagoon.dplplat01.dpl.reload.dk/graphql +environment_variables: + git_sha: 'true' tasks: post-rollout: + - run: + name: Create new GH deployment + command: | + # @TODO Where can i place the token as a secret? + export GH_DEPLOYMENT_TOKEN = 'XXX'; + export GH_DEPLOYMENT_ID = $(curl -L \ + -X POST \ + -H "Authorization: Bearer $GH_DEPLOYMENT_TOKEN" \ + https://api.github.com/repos/danskernesdigitalebibliotek/dpl-cms/deployments \ + -d '{"ref":"$LAGOON_GIT_SHA","description":"Triggered by Lagoon"}'); - run: name: If drupal is not installed command: | 
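Review bot: The `Create new GH deployment` command assigns a token literal in the committed file and will not run as written: `export GH_DEPLOYMENT_TOKEN = 'XXX'` has spaces around `=`, which the shell rejects, and the single-quoted `-d` body sends the literal text `$LAGOON_GIT_SHA` instead of the commit. The token should be injected as a Lagoon-managed project or environment variable set outside the repository, and be a fine-grained token limited to deployments on this one repository. `GH_DEPLOYMENT_ID` would also receive the whole JSON response, not the id, and a variable exported in one `run` task is probably not visible to a later task, so the id likely has to be stored where the status task can read it or looked up again there. The `Setting Deployment status` task in the later `.lagoon.yml` hunk has the same assignment and quoting problems. The sketch below assumes `jq` is available in the task's container.

```yaml
      name: Create new GH deployment
      command: |
        # GH_DEPLOYMENT_TOKEN comes from a Lagoon-managed variable; no token value lives in this file.
        GH_DEPLOYMENT_ID=$(curl -L \
          -X POST \
          -H "Authorization: Bearer $GH_DEPLOYMENT_TOKEN" \
          https://api.github.com/repos/danskernesdigitalebibliotek/dpl-cms/deployments \
          -d "{\"ref\":\"$LAGOON_GIT_SHA\",\"description\":\"Triggered by Lagoon\"}" \
          | jq -r '.id')
        # … still open: hand GH_DEPLOYMENT_ID to the later status task …
```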
@@ -92,7 +104,19 @@ tasks: set -e drush en -y dpl_example_content service: cli + # @TODO How do we run this, even if something has gone wrong? + - run: + name: Setting Deployment status + command: | + # @TODO How do we set this to 'failure', if something has gone wrong? + DEPLOYMENT_STATUS="success"; + DRUPAL_URL=$(drush browse); + export GH_DEPLOYMENT_ID = $(curl -L \ + -X POST \ + -H "Authorization: Bearer $GH_DEPLOYMENT_TOKEN" \ + https://api.github.com/repos/danskernesdigitalebibliotek/dpl-cms/deployments/$GH_DEPLOYMENT_ID/statuses \ + -d '{"environment":"$LAGOON_GIT_SHA","state":"$DEPLOYMENT_STATUS", "target_url":"$DRUPAL_URL"}'); environments: main: cronjobs:
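Review bot: `DRUPAL_URL=$(drush browse)` in the `Setting Deployment status` task feeds unvalidated command output into the `target_url` that the `deployment_status` workflow will act on. Deriving the URL from the environment's known route, or at least checking that it is an `https://` URL on the expected Lagoon host before posting, keeps a stray warning line or a wrong hostname out of the deployment record. The task also has no `service:` key, unlike the preceding task's `service: cli`, so it may not run where `drush` exists. The response of the status call is stored back into `GH_DEPLOYMENT_ID`, which looks unintended; dropping that assignment would be clearer. I would add a comment above `DEPLOYMENT_STATUS`, e.g. `# only 'success' triggers lagoon-tests.yml; a missing status leaves the deployment pending`, so the fail-closed behaviour is explicit.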