Skip to content

remove self-hosted runner #134

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Mar 28, 2025
Merged

remove self-hosted runner #134

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 30 additions & 25 deletions .github/workflows/deploy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
# Run locally with act:
#
# act pull_request [--input command=[command]] \
# --platform fusionauth-standard=[ecr-repo-name]/fusionauth-standard:latest] \
# --workflows ./.github/workflows/deploy.yaml \
# --env-file <(aws configure export-credentials --profile [aws-profile] --format env)

---
name: Deploy

on:
Expand All @@ -28,37 +22,49 @@ permissions:
contents: read

jobs:
build:
if: |
github.event_name == 'pull_request' ||
github.event_name == 'push' ||
github.event_name == 'workflow_dispatch' && inputs.command == 'build'
runs-on: fusionauth-standard
deploy:
runs-on: ubuntu-latest
defaults:
run:
shell: /usr/bin/bash -l -e -o pipefail {0}
steps:
- name: checkout
uses: actions/checkout@v4

- name: setup java
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
java-package: jre

- name: install savant
run: |
curl -O https://repository.savantbuild.org/org/savantbuild/savant-core/2.0.0/savant-2.0.0.tar.gz
tar xzvf savant-2.0.0.tar.gz
savant-2.0.0/bin/sb --version
SAVANT_PATH=$(realpath -s "./savant-2.0.0/bin")
echo "${SAVANT_PATH}" >> $GITHUB_PATH
mkdir -p ~/.savant/plugins
cat << EOF > ~/.savant/plugins/org.savantbuild.plugin.java.properties
21=${JAVA_HOME}
EOF

- name: compile
shell: bash -l {0}
run: sb compile

deploy:
if: |
github.event_name == 'workflow_dispatch' &&
(inputs.command == 'release' || inputs.command == 'publish')
runs-on: fusionauth-standard
steps:
- name: checkout
uses: actions/checkout@v4
### Everything below this line will only run on a workflow_dispatch

- name: set aws credentials
if: inputs.command == 'release' || inputs.command == 'publish'
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::752443094709:role/github-actions
role-to-assume: arn:aws:iam::752443094709:role/gha-fusionauth-typescript-client
role-session-name: aws-auth-action
aws-region: us-west-2

- name: get secret
if: inputs.command == 'release' || inputs.command == 'publish'
run: |
while IFS=$'\t' read -r key value; do
echo "::add-mask::${value}"
Expand All @@ -71,17 +77,16 @@ jobs:
jq -r 'to_entries[] | [.key, .value] | @tsv')

- name: create npmrc
Copy link
Contributor

@wied03 wied03 Mar 28, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Node version in our image is 20.12.2, GHA's is 20.19.0. Close enough. I think package.json should cover the rest and since this is where Typescript comes from, probably more important, so this seems OK.

https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2404-Readme.md

if: inputs.command == 'release' || inputs.command == 'publish'
run: |
echo "color=false" > ~/.npmrc
echo "//registry.npmjs.org/:_authToken=${{ env.API_KEY }}" >> ~/.npmrc
chmod 600 ~/.npmrc

- name: release to svn
if: inputs.command == 'release'
shell: bash -l {0}
run: sb release

- name: publish to npmjs
if: inputs.command == 'publish'
shell: bash -l {0}
run: sb publish