From 8a293f5b0def5d66f02434dd11d4bf1d29c3c555 Mon Sep 17 00:00:00 2001 From: Callum Morris Date: Mon, 12 May 2025 09:46:26 +1200 Subject: [PATCH 1/3] feat: split up workflow into dev and prod Includes adding pushing to dev ECR --- .github/workflows/build.yml | 22 ++++++++++++++-------- .github/workflows/dev.yml | 17 +++++++++++++++++ .github/workflows/prod.yml | 12 ++++++++++++ 3 files changed, 43 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/dev.yml create mode 100644 .github/workflows/prod.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index db97513..76e9f45 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,9 +1,15 @@ -name: fdsn +name: build on: - push: {} - release: - types: [published] - workflow_dispatch: {} + workflow_call: + inputs: + ecr-registry: + description: the ECR registry to push to. + type: string + required: true + role-arn-push: + description: role to assume to push to ECR. + type: string + required: true permissions: packages: write contents: write @@ -87,10 +93,10 @@ jobs: dockerfile: ${{ fromJSON(toJSON(matrix)).folder }}/${{ fromJSON(toJSON(matrix)).target }}.Dockerfile imageName: ${{ fromJSON(toJSON(matrix)).target }} platforms: linux/amd64 - push: ${{ github.ref == 'refs/heads/main' }} + push: true tags: latest,git-${{ needs.prepare.outputs.git-rev }} - registryOverride: 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com + registryOverride: ${{ inputs.ecr-registry }} aws-region: ap-southeast-2 - aws-role-arn-to-assume: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push + aws-role-arn-to-assume: ${{ inputs.role-arn-push }} aws-role-duration-seconds: "3600" diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml new file mode 100644 index 0000000..dea6953 --- /dev/null +++ b/.github/workflows/dev.yml @@ -0,0 +1,17 @@ +name: fdsn-dev +on: + pull_request: + types: + - opened + - reopened + - synchronize + - ready_for_review + branches: + - main + workflow_dispatch: {} +jobs: + build: + uses: ./.github/workflows/build.yml + with: + ecr-registry: 615890063537.dkr.ecr.ap-southeast-2.amazonaws.com + role-arn-push: arn:aws:iam::615890063537:role/github-actions-geonet-ecr-fdsn \ No newline at end of file diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml new file mode 100644 index 0000000..d7ddae2 --- /dev/null +++ b/.github/workflows/prod.yml @@ -0,0 +1,12 @@ +name: fdsn-prod +on: + push: + branches: + - main + workflow_dispatch: {} +jobs: + build: + uses: ./.github/workflows/build.yml + with: + ecr-registry: 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com + role-arn-push: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push \ No newline at end of file From 6b00c8840ca2e1c45d6d6cc0e7faf9bbf637df35 Mon Sep 17 00:00:00 2001 From: Callum Morris Date: Mon, 12 May 2025 09:49:19 +1200 Subject: [PATCH 2/3] feat: add test coverage upload --- .github/workflows/build.yml | 10 ++++++++++ .github/workflows/prod.yml | 4 +++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 76e9f45..8a7ea7c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,6 +10,14 @@ on: description: role to assume to push to ECR. type: string required: true + test-coverage-upload-role: + description: role to assume to upload test coverage results to S3. + type: string + required: false + test-coverage-upload-bucket: + description: S3 bucket to upload test coverage results to. + type: string + required: false permissions: packages: write contents: write @@ -65,6 +73,8 @@ jobs: psql postgresql://fdsn_w:test@127.0.0.1/fdsn --file=./etc/ddl/drop-create.ddl psql postgresql://fdsn_w:test@127.0.0.1/fdsn --file=./etc/ddl/create-users.ddl goTestExtraArgs: -p 1 + test-coverage-upload-role: ${{ inputs.test-coverage-upload-role }} + test-coverage-upload-bucket: ${{ inputs.test-coverage-upload-bucket }} build: needs: [prepare, build-app] strategy: diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml index d7ddae2..406bd65 100644 --- a/.github/workflows/prod.yml +++ b/.github/workflows/prod.yml @@ -9,4 +9,6 @@ jobs: uses: ./.github/workflows/build.yml with: ecr-registry: 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com - role-arn-push: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push \ No newline at end of file + role-arn-push: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push + test-coverage-upload-role: arn:aws:iam::615890063537:role/tf-dev-github-actions-geonet-s3-coverage-fdsn + test-coverage-upload-bucket: dev-geonet-webscan \ No newline at end of file From bd83cea7799bd18c04f1a50b0b2c8c7e461af8a7 Mon Sep 17 00:00:00 2001 From: Callum Morris Date: Mon, 12 May 2025 09:50:49 +1200 Subject: [PATCH 3/3] feat: add success step to use as a catch-all branch check --- .github/workflows/dev.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index dea6953..ebd9e1b 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -14,4 +14,10 @@ jobs: uses: ./.github/workflows/build.yml with: ecr-registry: 615890063537.dkr.ecr.ap-southeast-2.amazonaws.com - role-arn-push: arn:aws:iam::615890063537:role/github-actions-geonet-ecr-fdsn \ No newline at end of file + role-arn-push: arn:aws:iam::615890063537:role/github-actions-geonet-ecr-fdsn + success: + runs-on: ubuntu-latest + if: success() + needs: [build] + steps: + - run: echo "workflow was successful" \ No newline at end of file