Actionsのバージョンをコミットハッシュで固定する #14052
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: release | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
- reopened | |
- closed | |
merge_group: | |
env: | |
GCP_WORKLOAD_IDENTITY_PROVIDER: "projects/765091727073/locations/global/workloadIdentityPools/hato-atama-workload-identity/providers/github" | |
GCP_SERVICE_ACCOUNT: "[email protected]" | |
jobs: | |
# App Engineにデプロイされるファイルの差分の有無を判定する | |
check-deploy-diff: | |
runs-on: ubuntu-latest | |
outputs: | |
deploy-files: ${{ steps.changes.outputs.deploy-files }} | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: changes | |
with: | |
filters: | | |
deploy-files: | |
- '.github/workflows/release.yml' | |
- 'frontend/**' | |
- 'server/**' | |
- 'scripts/release/**' | |
- 'test/**' | |
- 'app.yaml' | |
- 'go.mod' | |
- 'go.sum' | |
- '.gcloudignore' | |
build-frontend: | |
runs-on: ubuntu-latest | |
needs: check-deploy-diff | |
if: needs.check-deploy-diff.outputs.deploy-files == 'true' | |
defaults: | |
run: | |
working-directory: frontend | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: frontend/.node-version | |
cache: npm | |
cache-dependency-path: frontend/package-lock.json | |
- name: Build | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/build_frontend/build.sh" | |
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: frontend | |
path: frontend/dist | |
docker-compose-build-base: | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_BUILDKIT: 1 | |
COMPOSE_DOCKER_CLI_BUILD: 1 | |
REPOSITORY: ${{github.repository}} | |
permissions: | |
contents: read | |
packages: write | |
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed' && github.repository == github.event.pull_request.head.repo.full_name) || github.event_name == 'merge_group' | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
- run: cat .env >>"$GITHUB_ENV" | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
- name: Build and push | |
uses: docker/bake-action@2e3d19baedb14545e5d41222653874f25d5b4dfb # v5.10.0 | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
with: | |
push: true | |
targets: server,frontend | |
files: compose.yml,base.compose.yml | |
docker-compose-build: | |
runs-on: ubuntu-latest | |
needs: docker-compose-build-base | |
env: | |
DOCKER_BUILDKIT: 1 | |
COMPOSE_DOCKER_CLI_BUILD: 1 | |
REPOSITORY: ${{github.repository}} | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
- run: cat .env >>"$GITHUB_ENV" | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
- name: Build and push (dev) | |
uses: docker/bake-action@2e3d19baedb14545e5d41222653874f25d5b4dfb # v5.10.0 | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
with: | |
push: true | |
files: compose.yml,dev.base.compose.yml | |
- name: Build and push (staging) | |
uses: docker/bake-action@2e3d19baedb14545e5d41222653874f25d5b4dfb # v5.10.0 | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
with: | |
push: true | |
files: compose.yml,staging.compose.yml | |
format-go: | |
runs-on: ubuntu-latest | |
needs: docker-compose-build-base | |
if: always() && (needs.docker-compose-build-base.result == 'success' || (github.event_name == 'pull_request' && github.event.action == 'closed') || github.event_name == 'merge_group') | |
permissions: | |
contents: write | |
pull-requests: write | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
REPOSITORY: ${{github.repository}} | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} | |
- if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/change_file_and_env.sh" | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'pull_request' && github.event.action != 'closed' | |
- name: Get Go version | |
id: get_go_version | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
run: bash "${GITHUB_WORKSPACE}/scripts/get_go_version.sh" | |
- name: Set up Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
with: | |
go-version: ${{steps.get_go_version.outputs.go_version}} | |
- name: Install goimports | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/format_go/run_goimports.sh" | |
- uses: dev-hato/actions-diff-pr-management@e5c78b251a69f44f93b2f1398e06b129bcf151ec # v1.2.0 | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
branch-name-prefix: fix-format | |
pr-title-prefix: formatが間違ってたので直してあげたよ! | |
# .node-version や package.json のNode.js・npmのバージョンをDockerイメージと同期させ、npm installを実行した結果、差分があればPRを作る | |
update-package: | |
runs-on: ubuntu-latest | |
needs: docker-compose-build-base | |
if: always() && (needs.docker-compose-build-base.result == 'success' || (github.event_name == 'pull_request' && github.event.action == 'closed') || github.event_name == 'merge_group') | |
permissions: | |
contents: write | |
pull-requests: write | |
env: | |
DOCKER_CMD: "node --version && npm --version" | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} | |
- if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/change_file_and_env.sh" | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'merge_group' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
- name: Get Node.js version | |
id: get_node_version | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
REPOSITORY: ${{github.repository}} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/update_package/get_node_version.sh" | |
- name: Update versions | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
env: | |
DEPENDABOT_NODE_VERSION: "20.17.0" | |
DEPENDABOT_NPM_VERSION: "9.6.5" | |
NODE_VERSION: ${{steps.get_node_version.outputs.node_version}} | |
NPM_VERSION: ${{steps.get_node_version.outputs.npm_version}} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/update_package/update_versions.sh" | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
with: | |
node-version-file: .node-version | |
cache: npm | |
- name: Update packages (.) | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
run: npm install | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
with: | |
node-version-file: frontend/.node-version | |
cache: npm | |
cache-dependency-path: frontend/package-lock.json | |
- name: Update packages (frontend) | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
run: npm install | |
working-directory: frontend | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
with: | |
node-version-file: test/e2e/.node-version | |
cache: npm | |
cache-dependency-path: test/e2e/package-lock.json | |
- name: Update packages (test/e2e) | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
run: npm install | |
working-directory: test/e2e | |
- uses: dev-hato/actions-diff-pr-management@e5c78b251a69f44f93b2f1398e06b129bcf151ec # v1.2.0 | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
branch-name-prefix: fix-version | |
pr-title-prefix: nodeのバージョンを直してあげたよ! | |
update-dockle: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
if: github.event_name != 'pull_request' || github.event.action != 'closed' | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} | |
- uses: dev-hato/actions-update-dockle@2d3a229030f8a7df780f2a6a751a9fa7f05e6b34 # v0.0.102 | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
check-nginx-config: | |
runs-on: ubuntu-latest | |
needs: | |
- docker-compose-build | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- run: cat .env >>"$GITHUB_ENV" | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'pull_request' | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/check_nginx_config/check_nginx_config.sh" | |
dockle: | |
runs-on: ubuntu-latest | |
needs: | |
- docker-compose-build | |
- update-dockle | |
strategy: | |
matrix: | |
docker_compose_file_name: | |
["dev.base.compose.yml", "staging.compose.yml"] | |
include: | |
- docker_compose_file_name: "base.compose.yml" | |
service_name: "server" | |
- docker_compose_file_name: "base.compose.yml" | |
service_name: "frontend" | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
REPOSITORY: ${{github.repository}} | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
- env: | |
DOCKER_COMPOSE_FILE_NAME: ${{matrix.docker_compose_file_name}} | |
SERVICE_NAME: ${{matrix.service_name}} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/dockle/run_dockle.sh" | |
make-browserslist: | |
runs-on: ubuntu-latest | |
needs: update-package | |
outputs: | |
browserslist: ${{ steps.set_browserslist.outputs.browserslist }} | |
defaults: | |
run: | |
working-directory: frontend | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: frontend/.node-version | |
cache: npm | |
cache-dependency-path: frontend/package-lock.json | |
- name: Set Browserslist | |
id: set_browserslist | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/make_browserslist/set_browserslist.sh" | |
e2e-test-mini-docker-compose: | |
runs-on: ubuntu-latest | |
needs: | |
- docker-compose-build | |
- make-browserslist | |
strategy: | |
matrix: | |
browser_name: ["chrome", "electron", "edge"] | |
include: ${{fromJson(needs.make-browserslist.outputs.browserslist)}} | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
REPOSITORY: ${{github.repository}} | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- run: cat .env >>"$GITHUB_ENV" | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/run_docker_compose.sh" | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: test/e2e/.node-version | |
cache: npm | |
cache-dependency-path: test/e2e/package-lock.json | |
- uses: browser-actions/setup-firefox@955a5d42b5f068a8917c6a4ff1656a2235c66dfb # v1.5.2 | |
if: matrix.browser_name == 'firefox' | |
with: | |
firefox-version: ${{ matrix.browser_version }} | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/set_docker_compose_test_env.sh" | |
- env: | |
BROWSER_NAME: ${{ matrix.browser_name }} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/run_mini_test.sh" | |
working-directory: ./test/e2e | |
e2e-test-all-docker-compose: | |
runs-on: ubuntu-latest | |
needs: | |
- docker-compose-build | |
- make-browserslist | |
strategy: | |
matrix: | |
browser_name: ["chrome", "electron", "edge"] | |
include: ${{fromJson(needs.make-browserslist.outputs.browserslist)}} | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
REPOSITORY: ${{github.repository}} | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- run: cat .env >>"$GITHUB_ENV" | |
- run: echo "TAG_NAME=${HEAD_REF//\//-}" >> "$GITHUB_ENV" | |
env: | |
HEAD_REF: ${{github.head_ref || github.event.merge_group.head_ref}} | |
if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/run_docker_compose.sh" | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: test/e2e/.node-version | |
cache: npm | |
cache-dependency-path: test/e2e/package-lock.json | |
- uses: browser-actions/setup-firefox@955a5d42b5f068a8917c6a4ff1656a2235c66dfb # v1.5.2 | |
if: matrix.browser_name == 'firefox' | |
with: | |
firefox-version: ${{ matrix.browser_version }} | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/set_docker_compose_test_env.sh" | |
- env: | |
BROWSER_NAME: ${{ matrix.browser_name }} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/run_all_test.sh" | |
working-directory: ./test/e2e | |
deploy-app-engine: | |
runs-on: ubuntu-latest | |
needs: | |
- build-frontend | |
- e2e-test-mini-docker-compose | |
if: github.event_name == 'push' || github.event_name == 'merge_group' || (github.repository == github.event.pull_request.head.repo.full_name && github.repository == 'dev-hato/hato-atama') | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: frontend | |
path: frontend/dist | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/deploy_app_engine/set_config.sh" | |
if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
- run: 'echo -e "env_variables:\n ENV_NAME: \"prd\"" >> app.yaml' | |
if: ${{ github.event_name == 'push' }} | |
- id: "auth" | |
name: "Authenticate to GCP" | |
uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6 | |
with: | |
workload_identity_provider: ${{env.GCP_WORKLOAD_IDENTITY_PROVIDER}} | |
service_account: ${{env.GCP_SERVICE_ACCOUNT}} | |
- name: Deploy to App Engine | |
uses: google-github-actions/deploy-appengine@3c758836610e6ad98d8719bf3e2bdf94c3082728 # v2.1.3 | |
with: | |
deliverables: app.yaml | |
project_id: hato-atama | |
promote: false | |
version: "v${{github.run_number}}" | |
- name: Wait for the deployment to complete | |
env: | |
RUN_NUMBER: ${{github.run_number}} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/deploy_app_engine/wait_for_deployment.sh" | |
create-pr-environment: | |
runs-on: ubuntu-latest | |
needs: deploy-app-engine | |
permissions: | |
pull-requests: write | |
if: github.event_name == 'pull_request' | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
env: | |
SHA: ${{github.event.pull_request.head.sha}} | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
script: | | |
const script = require(`${process.env.GITHUB_WORKSPACE}/scripts/release/create_pr_environment/create_pr_environment.js`) | |
await script({github, context}) | |
lighthouse: | |
runs-on: ubuntu-latest | |
needs: deploy-app-engine | |
timeout-minutes: 1 | |
permissions: | |
pull-requests: write | |
env: | |
ARTIFACT_PATH: ${{ github.workspace }}/tmp/artifacts | |
URLS: https://v${{ github.run_number }}-dot-hato-atama.an.r.appspot.com | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- run: mkdir -p "${ARTIFACT_PATH}" | |
- uses: foo-software/lighthouse-check-action@a80267da2e0244b8a2e457a8575fc47590615852 # v12.0.1 | |
with: | |
gitHubAccessToken: ${{ secrets.GITHUB_TOKEN }} | |
urls: ${{ env.URLS }} | |
outputDirectory: ${{ env.ARTIFACT_PATH }} | |
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: Lighthouse reports | |
path: ${{ env.ARTIFACT_PATH }} | |
e2e-test-mini-prd: | |
runs-on: ubuntu-latest | |
timeout-minutes: 2 | |
needs: | |
- deploy-app-engine | |
- e2e-test-mini-docker-compose | |
- make-browserslist | |
strategy: | |
matrix: | |
browser_name: ["chrome", "electron", "edge"] | |
include: ${{fromJson(needs.make-browserslist.outputs.browserslist)}} | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: test/e2e/.node-version | |
cache: npm | |
cache-dependency-path: test/e2e/package-lock.json | |
- uses: browser-actions/setup-firefox@955a5d42b5f068a8917c6a4ff1656a2235c66dfb # v1.5.2 | |
if: matrix.browser_name == 'firefox' | |
with: | |
firefox-version: ${{ matrix.browser_version }} | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/set_prod_test_env.sh" | |
- env: | |
BROWSER_NAME: ${{ matrix.browser_name }} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/run_mini_test.sh" | |
working-directory: ./test/e2e | |
e2e-test-all-prd: | |
runs-on: ubuntu-latest | |
timeout-minutes: 3 | |
needs: | |
- e2e-test-all-docker-compose | |
- e2e-test-mini-prd | |
- make-browserslist | |
strategy: | |
matrix: | |
browser_name: ["chrome", "electron", "edge"] | |
include: ${{fromJson(needs.make-browserslist.outputs.browserslist)}} | |
if: ${{ github.event_name == 'push' }} | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version-file: test/e2e/.node-version | |
cache: npm | |
cache-dependency-path: test/e2e/package-lock.json | |
- uses: browser-actions/setup-firefox@955a5d42b5f068a8917c6a4ff1656a2235c66dfb # v1.5.2 | |
if: matrix.browser_name == 'firefox' | |
with: | |
firefox-version: ${{ matrix.browser_version }} | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/set_prod_test_env.sh" | |
- env: | |
BROWSER_NAME: ${{ matrix.browser_name }} | |
run: bash "${GITHUB_WORKSPACE}/scripts/release/run_all_test.sh" | |
working-directory: ./test/e2e | |
migrating-traffic: | |
runs-on: ubuntu-latest | |
needs: | |
- e2e-test-all-prd | |
if: ${{ github.event_name == 'push' }} | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- id: "auth" | |
name: "Authenticate to GCP" | |
uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6 | |
with: | |
workload_identity_provider: ${{env.GCP_WORKLOAD_IDENTITY_PROVIDER}} | |
service_account: ${{env.GCP_SERVICE_ACCOUNT}} | |
- uses: google-github-actions/setup-gcloud@f0990588f1e5b5af6827153b93673613abdc6ec7 # v2.1.1 | |
- run: bash "${GITHUB_WORKSPACE}/scripts/release/migrating_traffic/set_traffic.sh" | |
remove-app-engine-past-versions: | |
runs-on: ubuntu-latest | |
needs: | |
- migrating-traffic | |
if: ${{ github.event_name == 'push' }} | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
- name: Get run numbers | |
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
id: get_run_numbers | |
env: | |
HEAD_REF: master | |
RUN_NUMBER: ${{github.run_number}} | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
result-encoding: string | |
script: | | |
const script = require(`${process.env.GITHUB_WORKSPACE}/scripts/get_run_numbers.js`) | |
return await script({github, context, core}) | |
- id: "auth" | |
if: ${{ steps.get_run_numbers.outputs.result != '' }} | |
name: "Authenticate to GCP" | |
uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6 | |
with: | |
workload_identity_provider: ${{env.GCP_WORKLOAD_IDENTITY_PROVIDER}} | |
service_account: ${{env.GCP_SERVICE_ACCOUNT}} | |
- uses: google-github-actions/setup-gcloud@f0990588f1e5b5af6827153b93673613abdc6ec7 # v2.1.1 | |
if: ${{ steps.get_run_numbers.outputs.result != '' }} | |
- name: Remove app engine versions | |
if: ${{ steps.get_run_numbers.outputs.result != '' }} | |
run: gcloud app versions delete --service=default ${{steps.get_run_numbers.outputs.result}} | |
# docker-compose関連でPRとpushで共通して必ず完了しているべきjobが完了したか | |
release-complete-check-docker-compose: | |
runs-on: ubuntu-latest | |
needs: | |
- update-package | |
- format-go | |
- check-nginx-config | |
- dockle | |
- e2e-test-mini-docker-compose | |
- e2e-test-all-docker-compose | |
steps: | |
- run: exit 0 | |
# PRとpushで共通して完了しているべきjobが完了したか | |
release-complete-check: | |
runs-on: ubuntu-latest | |
if: always() && (github.event_name != 'pull_request' || github.event.action != 'closed') | |
needs: | |
- lighthouse | |
- e2e-test-mini-prd | |
- check-deploy-diff | |
- release-complete-check-docker-compose | |
steps: | |
- if: (github.repository != 'dev-hato/hato-atama' || needs.check-deploy-diff.outputs.deploy-files == 'false' || (needs.lighthouse.result == 'success' && needs.e2e-test-mini-prd.result == 'success')) && needs.release-complete-check-docker-compose.result == 'success' | |
run: exit 0 | |
- if: (github.repository == 'dev-hato/hato-atama' && needs.check-deploy-diff.outputs.deploy-files == 'true' && (needs.lighthouse.result != 'success' || needs.e2e-test-mini-prd.result != 'success')) || needs.release-complete-check-docker-compose.result != 'success' | |
run: exit 1 | |
# PRをトリガーとした場合に完了しているべきjobが完了したか | |
# forkしたリポジトリからdev-hato/hato-atamaへPRを出した場合やforkしたリポジトリ上でPRを立てた場合、merge_groupトリガーの場合はcreate-pr-environmentがskipされていても完了したものと見なす | |
pr-test-complete: | |
runs-on: ubuntu-latest | |
if: always() && ((github.event_name == 'pull_request' && github.event.action != 'closed') || github.event_name == 'merge_group') | |
needs: | |
- release-complete-check | |
- create-pr-environment | |
- check-deploy-diff | |
steps: | |
- if: needs.release-complete-check.result == 'success' && (github.event_name == 'merge_group' || github.repository != github.event.pull_request.head.repo.full_name || github.repository != 'dev-hato/hato-atama' || needs.check-deploy-diff.outputs.deploy-files == 'false' || needs.create-pr-environment.result == 'success') | |
run: exit 0 | |
- if: needs.release-complete-check.result != 'success' || (github.event_name != 'merge_group' && github.repository == github.event.pull_request.head.repo.full_name && github.repository == 'dev-hato/hato-atama' && needs.check-deploy-diff.outputs.deploy-files == 'true' && needs.create-pr-environment.result != 'success') | |
run: exit 1 | |
action-timeline-pr-test-complete: | |
needs: pr-test-complete | |
if: (github.event_name == 'pull_request' && github.event.action != 'closed') || github.event_name == 'merge_group' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: Kesin11/actions-timeline@3046833d9aacfd7745c5264b7f3af851c3e2a619 # v2 | |
# pushをトリガーとした場合に完了しているべきjobが完了したか | |
release-complete: | |
runs-on: ubuntu-latest | |
if: ${{ always() && github.event_name == 'push' }} | |
needs: | |
- release-complete-check | |
- remove-app-engine-past-versions | |
- check-deploy-diff | |
steps: | |
- if: needs.release-complete-check.result == 'success' && (github.repository != 'dev-hato/hato-atama' || needs.check-deploy-diff.outputs.deploy-files == 'false' || needs.remove-app-engine-past-versions.result == 'success') | |
run: exit 0 | |
- if: needs.release-complete-check.result != 'success' || (github.repository == 'dev-hato/hato-atama' && needs.check-deploy-diff.outputs.deploy-files == 'true' && needs.remove-app-engine-past-versions.result != 'success') | |
run: exit 1 | |
action-timeline-release-complete: | |
needs: release-complete | |
if: github.event_name == 'push' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: Kesin11/actions-timeline@3046833d9aacfd7745c5264b7f3af851c3e2a619 # v2 | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }} | |
cancel-in-progress: true |