Skip to content

introduce ApiPlaceholder #2094

introduce ApiPlaceholder

introduce ApiPlaceholder #2094

name: Build and deploy
permissions:
id-token: write
deployments: write
packages: write
contents: write
actions: read
checks: read
pull-requests: write
statuses: read
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened, closed]
branches:
- main
jobs:
build_and_test:
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: pnpm/action-setup@v4
with:
version: 9
- name: Install dependencies
run: pnpm install
- name: Run linters
run: pnpm lint
- name: Test and create coverage
run: pnpm coverage
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v3
- name: Build for production
run: pnpm build:server
env:
NUXT_PUBLIC_APPLICATION_INSIGHTS: ${{ vars.NUXT_PUBLIC_APPLICATION_INSIGHTS }}
NUXT_PUBLIC_SENTRY_DSN: ${{ vars.NUXT_PUBLIC_SENTRY_DSN }}
- name: E2E testing
uses: cypress-io/github-action@v6
env:
CYPRESS_LOGIN_USERNAME: ${{ secrets.CYPRESS_LOGIN_USERNAME }}
CYPRESS_LOGIN_PASSWORD: ${{ secrets.CYPRESS_LOGIN_PASSWORD }}
with:
start: pnpm preview
wait-on: "http://localhost:9001"
- name: Upload cypress-videos
uses: actions/upload-artifact@v4
if: always()
with:
name: cypress-videos
path: cypress/videos
- name: Upload cypress-screenshots
uses: actions/upload-artifact@v4
if: always()
with:
name: cypress-screenshots
path: cypress/screenshots
- name: Archive production artifacts 'dist'
uses: actions/upload-artifact@v4
with:
name: dist
path: .output/public
include-hidden-files: true
- name: Archive code coverage results
uses: actions/upload-artifact@v4
with:
name: code-coverage-report
path: coverage
build_dotnet:
runs-on: ubuntu-latest
needs:
- build_and_test
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v4
with:
name: dist
path: dist
- name: Set up .NET Core
uses: actions/setup-dotnet@v1
with:
dotnet-version: "7.x"
include-prerelease: true
- name: dotnet build Release
run: dotnet build --configuration Release
- name: dotnet publish
run: dotnet publish -c Release -o ${{env.DOTNET_ROOT}}/myapp
- name: copy dist files
run: cp -r '${{ github.workspace }}/dist/.' '${{env.DOTNET_ROOT}}/myapp/wwwroot'
- uses: actions/upload-artifact@v4
with:
path: ${{env.DOTNET_ROOT}}/myapp
name: WebApp
include-hidden-files: true
deploy_azure_static_web_apps:
runs-on: ubuntu-latest
needs: build_and_test
name: Deploy to Azure Static Web Apps
environment: prod
env:
swa_id: /subscriptions/${{ vars.AZURE_SUBSCRIPTION_ID }}/resourceGroups/${{ vars.APP_SLUG }}-${{ vars.APP_ENV }}/providers/Microsoft.Web/staticSites/swa-${{ vars.APP_SLUG }}-frontend-${{ vars.APP_ENV }}
steps:
- name: Download production artifacts
uses: actions/download-artifact@v4
with:
name: dist
- name: Azure Login
uses: azure/login@v1
with:
client-id: ${{ vars.AZURE_CLIENT_ID }}
tenant-id: ${{ vars.AZURE_TENANT_ID }}
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
- name: Get Azure Token
uses: Azure/[email protected]
id: az_token
with:
inlineScript: |
AZ_TOKEN=$(az account get-access-token -o tsv --query 'accessToken')
echo "::add-mask::$AZ_TOKEN"
echo "token=$AZ_TOKEN" >> $GITHUB_OUTPUT
- name: Get Static Web App Token
id: swa_token
run: |
SWA_TOKEN=$(curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/listsecrets?api-version=2019-08-01 -d "" -s -S -f | jq -r '.properties.apiKey')
echo "::add-mask::$SWA_TOKEN"
echo "token=$SWA_TOKEN" >> $GITHUB_OUTPUT
- name: Deploy
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ steps.swa_token.outputs.token }}
repo_token: ${{ secrets.GITHUB_TOKEN }}
action: "upload"
###### Repository/Build Configurations - These values can be configured to match your app requirements. ######
# For more information regarding Static Web App workflow configurations, please visit: https://aka.ms/swaworkflowconfig
skip_app_build: true
app_location: "/"
output_location: ""
###### End of Repository/Build Configurations ######
env:
SKIP_DEPLOY_ON_MISSING_SECRETS: true
- name: Rotate Static Web App Token
if: always()
run: |
curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/resetapikey?api-version=2019-08-01 -d "" -s -S -f
remove_azure_static_web_apps_when_pr_closed:
if: github.event_name == 'pull_request' && github.event.action == 'closed'
runs-on: ubuntu-latest
name: Remove Azure Static Web App
environment: prod
env:
swa_id: /subscriptions/${{ vars.AZURE_SUBSCRIPTION_ID }}/resourceGroups/${{ vars.APP_SLUG }}-${{ vars.APP_ENV }}/providers/Microsoft.Web/staticSites/swa-${{ vars.APP_SLUG }}-frontend-${{ vars.APP_ENV }}
steps:
- name: Azure Login
uses: azure/login@v1
with:
client-id: ${{ vars.AZURE_CLIENT_ID }}
tenant-id: ${{ vars.AZURE_TENANT_ID }}
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
- name: Get Azure Token
uses: Azure/[email protected]
id: az_token
with:
inlineScript: |
AZ_TOKEN=$(az account get-access-token -o tsv --query 'accessToken')
echo "::add-mask::$AZ_TOKEN"
echo "token=$AZ_TOKEN" >> $GITHUB_OUTPUT
- name: Get Static Web App Token
id: swa_token
run: |
SWA_TOKEN=$(curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/listsecrets?api-version=2019-08-01 -d "" -s -S -f | jq -r '.properties.apiKey')
echo "::add-mask::$SWA_TOKEN"
echo "token=$SWA_TOKEN" >> $GITHUB_OUTPUT
- name: Remove the Azure Static Web App
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ steps.swa_token.outputs.token }}
repo_token: ${{ secrets.GITHUB_TOKEN }}
app_location: "/"
action: "close"
- name: Rotate Static Web App Token
if: always()
run: |
curl -H "Authorization: Bearer ${{ steps.az_token.outputs.token }}" -X POST https://management.azure.com${{ env.swa_id }}/resetapikey?api-version=2019-08-01 -d "" -s -S -f
build-electron-app:
if: github.event.action != 'closed'
uses: ./.github/workflows/electron.yml
secrets: inherit
deploy_prod:
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
needs: build_dotnet
environment:
name: "prod"
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
permissions:
id-token: write #This is required for requesting the JWT
env:
Api.BaseUrl: https://bmm-api.brunstad.org
steps:
- name: Download artifact from build job
uses: actions/download-artifact@v4
with:
name: WebApp
- name: Login to Azure
uses: azure/login@v1
with:
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_C590D9739DEB48E7BA41625D66F27E36 }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_A32CD6483CB445F297444070FE5EF919 }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_DB4176995538469B9FA4C19882AD1779 }}
- name: debug
run: ls -la
- uses: microsoft/variable-substitution@v1
with:
files: "appsettings.json"
- name: Deploy to Azure Web App
id: deploy-to-webapp
uses: azure/webapps-deploy@v2
with:
app-name: "PROD-BMM-Web"
slot-name: "Production"
package: .
deploy_int:
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
needs: build_dotnet
environment:
name: "Production"
url: ${{ steps.deploy-to-webapp-int.outputs.webapp-url }}
permissions:
id-token: write #This is required for requesting the JWT
env:
Api.BaseUrl: https://int-bmm-api.brunstad.org
steps:
- name: Download artifact from build job
uses: actions/download-artifact@v4
with:
name: WebApp
- name: Login to Azure
uses: azure/login@v2
with:
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_FC3514582EAC4AA58F660DDED58E18CD }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_79CAD2F981C94DA0AF6A512047D4235F }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_261A68B4000D4EECBCBFF4E3FF3C84F9 }}
- uses: microsoft/variable-substitution@v1
with:
files: "appsettings.json"
- name: Deploy to Azure Web App
id: deploy-to-webapp-int
uses: azure/webapps-deploy@v3
with:
app-name: "INT-BMM-Web"
slot-name: "Production"
package: .