Not fix everything #411

Merged
merged 26 commits into from
Aug 7, 2024
Merged
134 changes: 60 additions & 74 deletions .github/workflows/cd.yaml
Expand Up @@ -44,58 +44,58 @@ jobs:
- name: Setup Rust toolchain
run: rustup toolchain install stable --profile minimal

- name: Install Rust target for 'aarch64-unknown-linux-musl'
run: rustup target add aarch64-unknown-linux-musl
- name: Install Rust target for 'x86_64-unknown-linux-musl'
run: rustup target add x86_64-unknown-linux-musl

- name: Build & upload binary
run: |
pnpm i -g wrangler
export HASH=$(git rev-parse HEAD)

cargo zigbuild --release --target aarch64-unknown-linux-musl -p mattrax
cargo zigbuild --release --target x86_64-unknown-linux-musl -p mattrax

wrangler r2 object put "static/mattrax/$HASH/aarch64-unknown-linux" --file=target/aarch64-unknown-linux-musl/release/mattrax --cache-control "public, max-age=31536000, immutable"
wrangler r2 object put "static/mattrax/$HASH/x86_64-unknown-linux" --file=target/x86_64-unknown-linux-musl/release/mattrax --cache-control "public, max-age=31536000, immutable"
echo "$HASH" | wrangler r2 object put "static/nightly" --pipe

sst:
name: SST
runs-on: ubuntu-latest
# This is required to workaround the lack of wildcard for OIDC scope
# https://github.com/Azure/azure-workload-identity/issues/373
#
# I swear to god Microsoft have never tried anything they have built.
environment: production
concurrency:
group: production
if: github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
steps:
- name: Git clone the repository
uses: actions/checkout@v4

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: "arn:aws:iam::101829795063:role/mattrax-gh-actions"
aws-region: us-east-1
role-session-name: mattrax-sst-workflow

- uses: pnpm/action-setup@v4
with:
version: latest

- name: Install SST
run: curl -fsSL https://ion.sst.dev/install | bash

- run: cd infra && sst deploy --stage brendonovich
env:
ARM_USE_OIDC: true
ARM_CLIENT_ID: a17b56f1-0b10-4029-9a89-7f703d3573f8
ARM_TENANT_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
AZURE_SUBSCRIPTION_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
OAUTH_CLIENT_ID: kXdvzkEgiN11CNTRL
OAUTH_CLIENT_SECRET: ${{ secrets.TAILSCALE_OAUTH_SECRET }}

build-web:
# sst:
# name: SST
# runs-on: ubuntu-latest
# # This is required to workaround the lack of wildcard for OIDC scope
# # https://github.com/Azure/azure-workload-identity/issues/373
# #
# # I swear to god Microsoft have never tried anything they have built.
# environment: production
# concurrency:
# group: production
# if: github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
# steps:
# - name: Git clone the repository
# uses: actions/checkout@v4

# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# role-to-assume: "arn:aws:iam::101829795063:role/mattrax-gh-actions"
# aws-region: us-east-1
# role-session-name: mattrax-sst-workflow

# - uses: pnpm/action-setup@v4
# with:
# version: latest

# - name: Install SST
# run: curl -fsSL https://ion.sst.dev/install | bash

# - run: cd infra && sst deploy --stage brendonovich
# env:
# ARM_USE_OIDC: true
# ARM_CLIENT_ID: a17b56f1-0b10-4029-9a89-7f703d3573f8
# ARM_TENANT_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
# AZURE_SUBSCRIPTION_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
# OAUTH_CLIENT_ID: kXdvzkEgiN11CNTRL
# OAUTH_CLIENT_SECRET: ${{ secrets.TAILSCALE_OAUTH_SECRET }}

build-js:
strategy:
matrix:
projects:
Expand Down Expand Up @@ -131,7 +131,7 @@ jobs:
deploy-mattrax:
name: Deploy Mattrax
runs-on: ubuntu-latest
needs: [build-mattrax, sst]
needs: [build-mattrax] # TODO: sst
concurrency:
group: mattrax
environment:
Expand All @@ -141,36 +141,22 @@ jobs:
- name: Git clone the repository
uses: actions/checkout@v4

- uses: pnpm/action-setup@v4
with:
version: latest

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: "arn:aws:iam::101829795063:role/mattrax-gh-actions"
aws-region: us-east-1
role-session-name: mattrax-sst-workflow

- name: Install SST
run: curl -fsSL https://ion.sst.dev/install | bash

- name: Set SST envs
- name: Install Flyctl
uses: superfly/flyctl-actions/[email protected]

- name: Download binary
working-directory: ./infra/cloud
run: |
cd infra && sst secret list --stage brendonovich | grep "MDM_INTERNAL_SECRET" >> $GITHUB_ENV
wget -O mattrax "https://static.mattrax.app/mattrax/$(git rev-parse HEAD)/x86_64-unknown-linux"
chmod +x mattrax

- name: Deploy to Fly
run: flyctl deploy --wait-timeout 2m
working-directory: ./infra/cloud
env:
ARM_USE_OIDC: true
ARM_CLIENT_ID: a17b56f1-0b10-4029-9a89-7f703d3573f8
ARM_TENANT_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
AZURE_SUBSCRIPTION_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
OAUTH_CLIENT_ID: kXdvzkEgiN11CNTRL
OAUTH_CLIENT_SECRET: ${{ secrets.TAILSCALE_OAUTH_SECRET }}

- name: Deploy Mattrax
run: |
curl -v "https://mdm.mattrax.app/internal/redeploy?secret=${{ env.MDM_INTERNAL_SECRET }}"
FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}

deploy-web:
deploy-js:
strategy:
matrix:
projects:
Expand All @@ -180,11 +166,11 @@ jobs:
name: Deploy ${{ matrix.projects.name }}
runs-on: ubuntu-latest
needs:
- sst
# - sst # TODO
# This will wait for *all* projects to build, not just the one we care about.
# GitHub don't provide a better solution :(
- build-web
- deploy-mattrax
- build-js
# - deploy-mattrax # TODO
# Run regardless of if previous steps were skipped
if: ${{ !failure() && !cancelled() }}
environment:
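Review bot: What appears to be the new "Download binary" step in deploy-mattrax fetches the executable from `https://static.mattrax.app/mattrax/$(git rev-parse HEAD)/x86_64-unknown-linux` with `wget` and runs `chmod +x` on it with no integrity check, so whatever the bucket serves at that path is what `flyctl deploy` ships. The build-mattrax job has the file in hand when it uploads to R2, so it could publish a SHA-256 (for example as a job output) for the deploy job to verify before `chmod +x`, e.g. `echo "${EXPECTED_SHA256}  mattrax" | sha256sum -c -`, where `EXPECTED_SHA256` is a placeholder for the digest passed from build-mattrax. The added `superfly/flyctl-actions` step seems to be referenced by a version tag (the ref is garbled on this page); since the tool it installs later runs with `FLY_API_TOKEN`, pinning it to a full commit SHA would be the safer choice. The page has lost its `+`/`-` markers, so which of these lines are on the new side is inferred from context.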
2 changes: 1 addition & 1 deletion .gitignore
Expand Up @@ -58,4 +58,4 @@ Thumbs.db
/TODO

# Nx
.nx/cache
.nx