From 3d755cd4d23e0e9fedc6a58d2afc0abd1e7ca3a7 Mon Sep 17 00:00:00 2001 From: Jesse Bickel Date: Mon, 13 Jan 2025 12:05:21 -0600 Subject: [PATCH] Improve deployment pipeline To limit the chances of interleaving workflow runs deploying an unintended version of PDC, condition the build/push step on successful completion of lint, test, and sdk tasks. Use names for steps for friendlier presentation in GH UIs. Use fuzzy versioning for actions to match our current practice. Issue #1410 --- .github/workflows/build.yml | 16 ++++++++++++++++ .github/workflows/deploy.yml | 6 ++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a740d7aa..fbfd6028 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,6 +34,22 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Wait for lint, test, and other workflows to succeed + uses: kachick/wait-other-jobs@v3 + timeout-minutes: 24 + with: + wait-list: | + [ + { + "workflowFile": "lint.yml" + }, + { + "workflowFile": "test.yml" + }, + { + "workflowFile": "sdk.yml" + }, + ] - name: Build and push uses: docker/build-push-action@v6 with: diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index bd1fc102..f47665a3 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,7 +14,8 @@ jobs: TOKEN: ${{ secrets.DIGITAL_OCEAN_TOKEN }} URL: ${{ vars.DEPLOYMENT_URL }} steps: - - uses: kachick/wait-other-jobs@v3.6.0 + - name: Wait for lint, test, build, and other workflows to succeed + uses: kachick/wait-other-jobs@v3 timeout-minutes: 24 with: wait-list: | @@ -32,6 +33,7 @@ jobs: "workflowFile": "build.yml" } ] - - run: | + - name: Deploy to Digital Ocean Test environment + run: | set -eo pipefail curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer ${{ env.TOKEN }}" --url "${{ env.URL }}" -d '{ "force_build": true }' | jq -e .deployment.id