introduce ApiPlaceholder #2094
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and deploy | |
permissions: | |
id-token: write | |
deployments: write | |
packages: write | |
contents: write | |
actions: read | |
checks: read | |
pull-requests: write | |
statuses: read | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
types: [opened, synchronize, reopened, closed] | |
branches: | |
- main | |
jobs: | |
build_and_test: | |
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: pnpm/action-setup@v4 | |
with: | |
version: 9 | |
- name: Install dependencies | |
run: pnpm install | |
- name: Run linters | |
run: pnpm lint | |
- name: Test and create coverage | |
run: pnpm coverage | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v3 | |
- name: Build for production | |
run: pnpm build:server | |
env: | |
NUXT_PUBLIC_APPLICATION_INSIGHTS: ${{ vars.NUXT_PUBLIC_APPLICATION_INSIGHTS }} | |
NUXT_PUBLIC_SENTRY_DSN: ${{ vars.NUXT_PUBLIC_SENTRY_DSN }} | |
- name: E2E testing | |
uses: cypress-io/github-action@v6 | |
env: | |
CYPRESS_LOGIN_USERNAME: ${{ secrets.CYPRESS_LOGIN_USERNAME }} | |
CYPRESS_LOGIN_PASSWORD: ${{ secrets.CYPRESS_LOGIN_PASSWORD }} | |
with: | |
start: pnpm preview | |
wait-on: "http://localhost:9001" | |
- name: Upload cypress-videos | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: cypress-videos | |
path: cypress/videos | |
- name: Upload cypress-screenshots | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: cypress-screenshots | |
path: cypress/screenshots | |
- name: Archive production artifacts 'dist' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: dist | |
path: .output/public | |
include-hidden-files: true | |
- name: Archive code coverage results | |
uses: actions/upload-artifact@v4 | |
with: | |
name: code-coverage-report | |
path: coverage | |
build_dotnet: | |
runs-on: ubuntu-latest | |
needs: | |
- build_and_test | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: dist | |
path: dist | |
- name: Set up .NET Core | |
uses: actions/setup-dotnet@v1 | |
with: | |
dotnet-version: "7.x" | |
include-prerelease: true | |
- name: dotnet build Release | |
run: dotnet build --configuration Release | |
- name: dotnet publish | |
run: dotnet publish -c Release -o ${{env.DOTNET_ROOT}}/myapp | |
- name: copy dist files | |
run: cp -r '${{ github.workspace }}/dist/.' '${{env.DOTNET_ROOT}}/myapp/wwwroot' | |
- uses: actions/upload-artifact@v4 | |
with: | |
path: ${{env.DOTNET_ROOT}}/myapp | |
name: WebApp | |
include-hidden-files: true | |
deploy_azure_static_web_apps: | |
runs-on: ubuntu-latest | |
needs: build_and_test | |
name: Deploy to Azure Static Web Apps | |
environment: prod | |
env: | |
swa_id: /subscriptions/${{ vars.AZURE_SUBSCRIPTION_ID }}/resourceGroups/${{ vars.APP_SLUG }}-${{ vars.APP_ENV }}/providers/Microsoft.Web/staticSites/swa-${{ vars.APP_SLUG }}-frontend-${{ vars.APP_ENV }} | |
steps: | |
- name: Download production artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: dist | |
- name: Azure Login | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ vars.AZURE_CLIENT_ID }} | |
tenant-id: ${{ vars.AZURE_TENANT_ID }} | |
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }} | |
- name: Get Azure Token | |
uses: Azure/[email protected] | |
id: az_token | |
with: | |
inlineScript: | | |
AZ_TOKEN=$(az account get-access-token -o tsv --query 'accessToken') | |
echo "::add-mask::$AZ_TOKEN" | |
echo "token=$AZ_TOKEN" >> $GITHUB_OUTPUT | |
- name: Get Static Web App Token | |
id: swa_token | |
run: | | |
SWA_TOKEN=$(curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/listsecrets?api-version=2019-08-01 -d "" -s -S -f | jq -r '.properties.apiKey') | |
echo "::add-mask::$SWA_TOKEN" | |
echo "token=$SWA_TOKEN" >> $GITHUB_OUTPUT | |
- name: Deploy | |
uses: Azure/static-web-apps-deploy@v1 | |
with: | |
azure_static_web_apps_api_token: ${{ steps.swa_token.outputs.token }} | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
action: "upload" | |
###### Repository/Build Configurations - These values can be configured to match your app requirements. ###### | |
# For more information regarding Static Web App workflow configurations, please visit: https://aka.ms/swaworkflowconfig | |
skip_app_build: true | |
app_location: "/" | |
output_location: "" | |
###### End of Repository/Build Configurations ###### | |
env: | |
SKIP_DEPLOY_ON_MISSING_SECRETS: true | |
- name: Rotate Static Web App Token | |
if: always() | |
run: | | |
curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/resetapikey?api-version=2019-08-01 -d "" -s -S -f | |
remove_azure_static_web_apps_when_pr_closed: | |
if: github.event_name == 'pull_request' && github.event.action == 'closed' | |
runs-on: ubuntu-latest | |
name: Remove Azure Static Web App | |
environment: prod | |
env: | |
swa_id: /subscriptions/${{ vars.AZURE_SUBSCRIPTION_ID }}/resourceGroups/${{ vars.APP_SLUG }}-${{ vars.APP_ENV }}/providers/Microsoft.Web/staticSites/swa-${{ vars.APP_SLUG }}-frontend-${{ vars.APP_ENV }} | |
steps: | |
- name: Azure Login | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ vars.AZURE_CLIENT_ID }} | |
tenant-id: ${{ vars.AZURE_TENANT_ID }} | |
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }} | |
- name: Get Azure Token | |
uses: Azure/[email protected] | |
id: az_token | |
with: | |
inlineScript: | | |
AZ_TOKEN=$(az account get-access-token -o tsv --query 'accessToken') | |
echo "::add-mask::$AZ_TOKEN" | |
echo "token=$AZ_TOKEN" >> $GITHUB_OUTPUT | |
- name: Get Static Web App Token | |
id: swa_token | |
run: | | |
SWA_TOKEN=$(curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/listsecrets?api-version=2019-08-01 -d "" -s -S -f | jq -r '.properties.apiKey') | |
echo "::add-mask::$SWA_TOKEN" | |
echo "token=$SWA_TOKEN" >> $GITHUB_OUTPUT | |
- name: Remove the Azure Static Web App | |
uses: Azure/static-web-apps-deploy@v1 | |
with: | |
azure_static_web_apps_api_token: ${{ steps.swa_token.outputs.token }} | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
app_location: "/" | |
action: "close" | |
- name: Rotate Static Web App Token | |
if: always() | |
run: | | |
curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/resetapikey?api-version=2019-08-01 -d "" -s -S -f | |
build-electron-app: | |
if: github.event.action != 'closed' | |
uses: ./.github/workflows/electron.yml | |
secrets: inherit | |
deploy_prod: | |
if: github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
needs: build_dotnet | |
environment: | |
name: "prod" | |
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} | |
permissions: | |
id-token: write #This is required for requesting the JWT | |
env: | |
Api.BaseUrl: https://bmm-api.brunstad.org | |
steps: | |
- name: Download artifact from build job | |
uses: actions/download-artifact@v4 | |
with: | |
name: WebApp | |
- name: Login to Azure | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_C590D9739DEB48E7BA41625D66F27E36 }} | |
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_A32CD6483CB445F297444070FE5EF919 }} | |
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_DB4176995538469B9FA4C19882AD1779 }} | |
- name: debug | |
run: ls -la | |
- uses: microsoft/variable-substitution@v1 | |
with: | |
files: "appsettings.json" | |
- name: Deploy to Azure Web App | |
id: deploy-to-webapp | |
uses: azure/webapps-deploy@v2 | |
with: | |
app-name: "PROD-BMM-Web" | |
slot-name: "Production" | |
package: . | |
deploy_int: | |
if: github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
needs: build_dotnet | |
environment: | |
name: "Production" | |
url: ${{ steps.deploy-to-webapp-int.outputs.webapp-url }} | |
permissions: | |
id-token: write #This is required for requesting the JWT | |
env: | |
Api.BaseUrl: https://int-bmm-api.brunstad.org | |
steps: | |
- name: Download artifact from build job | |
uses: actions/download-artifact@v4 | |
with: | |
name: WebApp | |
- name: Login to Azure | |
uses: azure/login@v2 | |
with: | |
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_FC3514582EAC4AA58F660DDED58E18CD }} | |
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_79CAD2F981C94DA0AF6A512047D4235F }} | |
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_261A68B4000D4EECBCBFF4E3FF3C84F9 }} | |
- uses: microsoft/variable-substitution@v1 | |
with: | |
files: "appsettings.json" | |
- name: Deploy to Azure Web App | |
id: deploy-to-webapp-int | |
uses: azure/webapps-deploy@v3 | |
with: | |
app-name: "INT-BMM-Web" | |
slot-name: "Production" | |
package: . |