From ce64a57b77c212476f4dffeebea067d577804a2d Mon Sep 17 00:00:00 2001 From: James Willis Date: Wed, 4 Mar 2026 15:07:41 +0000 Subject: [PATCH] feat: integrate publish-hostless build into deploy-integration pipeline --- .github/workflows/deploy-integration.yml | 82 +++++++++- .github/workflows/publish-hostless.yml | 200 ----------------------- 2 files changed, 73 insertions(+), 209 deletions(-) delete mode 100644 .github/workflows/publish-hostless.yml diff --git a/.github/workflows/deploy-integration.yml b/.github/workflows/deploy-integration.yml index 47b35ffff..2d89e3b17 100644 --- a/.github/workflows/deploy-integration.yml +++ b/.github/workflows/deploy-integration.yml @@ -6,6 +6,7 @@ on: - master paths: - 'platform/wab/**' + - 'platform/canvas-packages/**' - 'platform/loader-bundle-env/**' - '.github/**' workflow_dispatch: @@ -23,6 +24,20 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Detect canvas-packages changes + id: canvas-packages-check + run: | + if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then + echo "changed=true" >> $GITHUB_OUTPUT + elif git diff --name-only ${{ github.event.before }} ${{ github.sha }} \ + -- platform/canvas-packages/package.json | grep -q .; then + echo "changed=true" >> $GITHUB_OUTPUT + else + echo "changed=false" >> $GITHUB_OUTPUT + fi - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 @@ -63,24 +78,73 @@ jobs: echo "Pushed image: $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" - - name: Trigger GitLab image tag update + - name: Setup Node.js + if: steps.canvas-packages-check.outputs.changed == 'true' + uses: actions/setup-node@v4 + with: + node-version: '24' + cache: 'yarn' + cache-dependency-path: platform/canvas-packages/yarn.lock + + - name: Build canvas-packages + if: steps.canvas-packages-check.outputs.changed == 'true' + run: | + cd platform/canvas-packages + yarn install --frozen-lockfile + yarn build + + - name: Build and push publish-hostless image + id: build-publish-hostless + if: steps.canvas-packages-check.outputs.changed == 'true' + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ vars.ECR_REPOSITORY }} + IMAGE_TAG: publish-hostless-${{ github.run_id }} + BASE_IMAGE: ${{ steps.login-ecr.outputs.registry }}/${{ vars.ECR_REPOSITORY }}:${{ github.sha }} + run: | + echo "::add-mask::$ECR_REGISTRY" + echo "::add-mask::$ECR_REPOSITORY" + + docker build \ + --platform linux/amd64 \ + --build-arg BASE_IMAGE=$BASE_IMAGE \ + -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \ + -f platform/wab/Dockerfile.publish-hostless \ + platform/ + + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT + echo "Pushed publish-hostless image" + + - name: Trigger GitLab deployment if: success() env: GITLAB_TOKEN: ${{ secrets.GITLAB_API_TOKEN }} GITLAB_PROJECT_ID: ${{ secrets.GITLAB_PROJECT_ID }} - IMAGE_URL: ${{ steps.login-ecr.outputs.registry }}/${{ vars.ECR_REPOSITORY }}:${{ github.sha }} + WAB_IMAGE: ${{ steps.login-ecr.outputs.registry }}/${{ vars.ECR_REPOSITORY }}:${{ github.sha }} + PH_IMAGE: ${{ steps.build-publish-hostless.outputs.image }} + CANVAS_CHANGED: ${{ steps.canvas-packages-check.outputs.changed }} run: | + VARS=$(jq -cn \ + --arg wab_image "$WAB_IMAGE" \ + --arg ph_image "$PH_IMAGE" \ + --arg canvas_changed "$CANVAS_CHANGED" \ + ' + [ + {key: "UPDATE_IMAGE_TAGS", value: "true"}, + {key: "TARGET_ENV", value: "integration"}, + {key: "CONTAINER_IMAGE", value: $wab_image} + ] + + if $canvas_changed == "true" then [ + {key: "PUBLISH_HOSTLESS_IMAGE", value: $ph_image} + ] else [] end + ') + curl --fail --request POST \ "https://gitlab.elasticpath.com/api/v4/projects/${GITLAB_PROJECT_ID}/pipeline" \ --header "PRIVATE-TOKEN: ${GITLAB_TOKEN}" \ --header "Content-Type: application/json" \ - --data "$(jq -cn \ - --arg image "${IMAGE_URL}" \ - '{ref: "main", variables: [ - {key: "UPDATE_IMAGE_TAGS", value: "true"}, - {key: "TARGET_ENV", value: "integration"}, - {key: "CONTAINER_IMAGE", value: $image} - ]}')" + --data "$(jq -cn --argjson vars "$VARS" '{ref: "main", variables: $vars}')" - name: Build summary if: success() diff --git a/.github/workflows/publish-hostless.yml b/.github/workflows/publish-hostless.yml deleted file mode 100644 index be9227143..000000000 --- a/.github/workflows/publish-hostless.yml +++ /dev/null @@ -1,200 +0,0 @@ -name: Publish Hostless Packages - -on: - workflow_dispatch: - inputs: - environment: - description: 'Target environment' - required: true - type: choice - options: - - integration - - production - default: integration - -jobs: - publish-hostless: - name: Build and Run PublishHostless - timeout-minutes: 45 - runs-on: ubuntu-latest - environment: ${{ inputs.environment }} - permissions: - contents: read - id-token: write - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN }} - aws-region: ${{ vars.AWS_REGION }} - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - - - name: Get currently deployed WAB image - id: deployed-image - env: - CLUSTER_NAME: plasmic-${{ inputs.environment }} - SERVICE_NAME: plasmic-${{ inputs.environment }}-wab - run: | - echo "::add-mask::$CLUSTER_NAME" - echo "::add-mask::$SERVICE_NAME" - - # Get task definition from running service - TASK_DEF_ARN=$(aws ecs describe-services \ - --cluster "$CLUSTER_NAME" \ - --services "$SERVICE_NAME" \ - --query 'services[0].taskDefinition' \ - --output text) - - if [ "$TASK_DEF_ARN" = "None" ] || [ -z "$TASK_DEF_ARN" ]; then - echo "Error: Could not find running WAB service. Deploy first, then run publish-hostless." - exit 1 - fi - - # Get image from task definition - DEPLOYED_IMAGE=$(aws ecs describe-task-definition \ - --task-definition "$TASK_DEF_ARN" \ - --query 'taskDefinition.containerDefinitions[0].image' \ - --output text) - - echo "::add-mask::$DEPLOYED_IMAGE" - echo "deployed_image=$DEPLOYED_IMAGE" >> $GITHUB_OUTPUT - echo "Using deployed WAB image as base" - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '24' - cache: 'yarn' - cache-dependency-path: platform/canvas-packages/yarn.lock - - - name: Build canvas-packages - run: | - cd platform/canvas-packages - yarn install --frozen-lockfile - yarn build - - - name: Build and push publish-hostless image - id: build-image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: ${{ vars.ECR_REPOSITORY }} - IMAGE_TAG: publish-hostless-${{ github.run_id }} - BASE_IMAGE: ${{ steps.deployed-image.outputs.deployed_image }} - run: | - echo "::add-mask::$ECR_REGISTRY" - echo "::add-mask::$ECR_REPOSITORY" - - echo "Building publish-hostless image..." - - docker build \ - --platform linux/amd64 \ - --build-arg BASE_IMAGE=$BASE_IMAGE \ - -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \ - -f platform/wab/Dockerfile.publish-hostless \ - platform/ - - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - - echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT - echo "Pushed publish-hostless image" - - - name: Register task definition with new image - id: register-task - env: - TASK_FAMILY: plasmic-${{ inputs.environment }}-publish-hostless - NEW_IMAGE: ${{ steps.build-image.outputs.image }} - run: | - echo "::add-mask::$TASK_FAMILY" - echo "::add-mask::$NEW_IMAGE" - - # Get current task definition - TASK_DEF=$(aws ecs describe-task-definition \ - --task-definition "$TASK_FAMILY" \ - --query 'taskDefinition') - - # Update image and remove read-only fields - NEW_TASK_DEF=$(echo "$TASK_DEF" | jq \ - --arg IMAGE "$NEW_IMAGE" \ - '.containerDefinitions[0].image = $IMAGE | - del(.taskDefinitionArn, .revision, .status, .requiresAttributes, - .compatibilities, .registeredAt, .registeredBy)') - - # Register new revision - NEW_ARN=$(aws ecs register-task-definition \ - --cli-input-json "$NEW_TASK_DEF" \ - --query 'taskDefinition.taskDefinitionArn' \ - --output text) - - echo "::add-mask::$NEW_ARN" - echo "task_definition_arn=$NEW_ARN" >> $GITHUB_OUTPUT - echo "Registered new task definition revision" - - - name: Run ECS task - id: run-task - env: - CLUSTER_NAME: plasmic-${{ inputs.environment }} - TASK_DEFINITION: ${{ steps.register-task.outputs.task_definition_arn }} - SUBNETS: ${{ vars.PRIVATE_SUBNET_IDS }} - SECURITY_GROUP: ${{ vars.ECS_SECURITY_GROUP_ID }} - run: | - echo "::add-mask::$CLUSTER_NAME" - echo "::add-mask::$SUBNETS" - echo "::add-mask::$SECURITY_GROUP" - - echo "Starting PublishHostless ECS task..." - - TASK_ARN=$(aws ecs run-task \ - --cluster "$CLUSTER_NAME" \ - --task-definition "$TASK_DEFINITION" \ - --launch-type FARGATE \ - --network-configuration "awsvpcConfiguration={subnets=[$SUBNETS],securityGroups=[$SECURITY_GROUP],assignPublicIp=DISABLED}" \ - --query 'tasks[0].taskArn' \ - --output text) - - echo "::add-mask::$TASK_ARN" - echo "task_arn=$TASK_ARN" >> $GITHUB_OUTPUT - echo "Task started" - - - name: Wait for task completion - env: - CLUSTER_NAME: plasmic-${{ inputs.environment }} - TASK_ARN: ${{ steps.run-task.outputs.task_arn }} - run: | - echo "Waiting for task to complete..." - - aws ecs wait tasks-stopped \ - --cluster "$CLUSTER_NAME" \ - --tasks "$TASK_ARN" - - # Check exit code - EXIT_CODE=$(aws ecs describe-tasks \ - --cluster "$CLUSTER_NAME" \ - --tasks "$TASK_ARN" \ - --query 'tasks[0].containers[0].exitCode' \ - --output text) - - if [ "$EXIT_CODE" = "0" ]; then - echo "Task completed successfully!" - else - echo "Task failed with exit code: $EXIT_CODE" - exit 1 - fi - - - name: Task summary - if: always() - env: - TASK_ARN: ${{ steps.run-task.outputs.task_arn }} - run: | - echo "### Publish Hostless Task" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "**Environment:** ${{ inputs.environment }}" >> $GITHUB_STEP_SUMMARY - echo "**Task ARN:** \`$TASK_ARN\`" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "View logs in CloudWatch: \`/ecs/plasmic-${{ inputs.environment }}-publish-hostless\`" >> $GITHUB_STEP_SUMMARY