Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Landing in SST #414

Merged
merged 7 commits into from
Sep 13, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 0 additions & 5 deletions .git-blame-ignore-revs

This file was deleted.

11 changes: 11 additions & 0 deletions .github/cl.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
#!/bin/bash

set -e

if [ ! -v cargo-lambda ]; then
pip3 install cargo-lambda
rustup toolchain install stable --profile minimal
rustup target add x86_64-unknown-linux-musl
fi

cargo lambda "$@"
208 changes: 13 additions & 195 deletions .github/workflows/cd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,217 +12,35 @@ permissions:

env:
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
CLOUDFLARE_ACCOUNT_ID: f02b3ef168fe64129e9941b4fb2e4dc1
# Used when building landing
VITE_MATTRAX_CLOUD_ORIGIN: https://cloud.mattrax.app
CLOUDFLARE_DEFAULT_ACCOUNT_ID: f02b3ef168fe64129e9941b4fb2e4dc1

jobs:
build-mattrax:
name: Build Mattrax
sst:
name: SST
runs-on: ubuntu-latest
environment: production
concurrency:
group: production
steps:
- name: Git clone the repository
uses: actions/checkout@v4

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: "arn:aws:iam::101829795063:role/mattrax-gh-actions"
aws-region: us-east-1
role-session-name: mattrax-sst-workflow

- uses: pnpm/action-setup@v4
with:
version: latest

- name: Install Cargo Zigbuild
run: pip install cargo-zigbuild


- name: Rust cache
uses: Swatinem/rust-cache@v2

- name: Setup Rust toolchain
run: rustup toolchain install stable --profile minimal

- name: Install Rust target for 'x86_64-unknown-linux-musl'
run: rustup target add x86_64-unknown-linux-musl

- name: Build & upload binary
run: |
pnpm i -g wrangler
export HASH=$(git rev-parse HEAD)

cargo zigbuild --release --target x86_64-unknown-linux-musl -p mattrax

wrangler r2 object put "static/mattrax/$HASH/x86_64-unknown-linux" --file=target/x86_64-unknown-linux-musl/release/mattrax --cache-control "public, max-age=31536000, immutable"
echo "$HASH" | wrangler r2 object put "static/nightly" --pipe

# sst:
# name: SST
# runs-on: ubuntu-latest
# # This is required to workaround the lack of wildcard for OIDC scope
# # https://github.com/Azure/azure-workload-identity/issues/373
# #
# # I swear to god Microsoft have never tried anything they have built.
# environment: production
# concurrency:
# group: production
# if: github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
# steps:
# - name: Git clone the repository
# uses: actions/checkout@v4

# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# role-to-assume: "arn:aws:iam::101829795063:role/mattrax-gh-actions"
# aws-region: us-east-1
# role-session-name: mattrax-sst-workflow

# - uses: pnpm/action-setup@v4
# with:
# version: latest

# - name: Install SST
# run: curl -fsSL https://ion.sst.dev/install | bash

# - run: cd infra && sst deploy --stage brendonovich
# env:
# ARM_USE_OIDC: true
# ARM_CLIENT_ID: a17b56f1-0b10-4029-9a89-7f703d3573f8
# ARM_TENANT_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
# AZURE_SUBSCRIPTION_ID: 22d6679c-fc23-425a-b69b-e5e604dd80db
# OAUTH_CLIENT_ID: kXdvzkEgiN11CNTRL
# OAUTH_CLIENT_SECRET: ${{ secrets.TAILSCALE_OAUTH_SECRET }}

build-js:
strategy:
matrix:
projects:
- landing
- web
name: Build ${{ matrix.projects }}
runs-on: ubuntu-latest
environment:
name: ${{ matrix.projects.name }}
steps:
- name: Git clone the repository
uses: actions/checkout@v4

- uses: pnpm/action-setup@v4
with:
version: latest

- name: Install
run: pnpm i

- name: Build
run: pnpm run ${{ matrix.projects }} cbuild
env:
VITE_PROD_ORIGIN: https://cloud.mattrax.app

- name: Upload result
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.projects }}-dist
path: apps/${{ matrix.projects }}/dist

deploy-mattrax:
name: Deploy Mattrax
runs-on: ubuntu-latest
needs: [build-mattrax] # TODO: sst
concurrency:
group: mattrax
environment:
name: mattrax
url: https://mdm.mattrax.app
steps:
- name: Git clone the repository
uses: actions/checkout@v4

- name: Install Flyctl
uses: superfly/flyctl-actions/[email protected]

- name: Download binary
working-directory: ./infra/cloud
run: |
wget -O mattrax "https://static.mattrax.app/mattrax/$(git rev-parse HEAD)/x86_64-unknown-linux"
chmod +x mattrax

- name: Deploy to Fly
run: flyctl deploy --wait-timeout 2m
working-directory: ./infra/cloud
env:
FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}

deploy-js:
strategy:
matrix:
projects:
- { name: landing, project: mattrax-landing }
- { name: web, project: mattrax }
name: Deploy ${{ matrix.projects.name }}
runs-on: ubuntu-latest
needs:
# - sst # TODO
# This will wait for *all* projects to build, not just the one we care about.
# GitHub don't provide a better solution :(
- build-js
# - deploy-mattrax # TODO
# Run regardless of if previous steps were skipped
if: ${{ !failure() && !cancelled() }}
environment:
name: ${{ matrix.projects.name }}
url: ${{ steps.result.outputs.DEPLOYMENT_URL }}
steps:
# We pull this so Wrangler can link the deploy to the commit/branch
- name: Git clone the repository
uses: actions/checkout@v4

- uses: pnpm/action-setup@v4
with:
version: latest

- name: Download build artifact
uses: actions/download-artifact@v4
with:
name: ${{ matrix.projects.name }}-dist
path: dist

- name: Deploy
run: |
set -o pipefail
pnpm dlx wrangler pages deploy dist/ --project-name ${{ matrix.projects.project }} 2>&1 | tee -a BUILD_OUTPUT

- name: Export `DEPLOYMENT_URL`
id: result
run: echo "DEPLOYMENT_URL=$(grep -Eo 'https://[^ >]+' BUILD_OUTPUT|head -1)" >> $GITHUB_OUTPUT

configure:
name: Build & Deploy Configure
runs-on: ubuntu-latest
environment:
name: configure
url: ${{ steps.result.outputs.DEPLOYMENT_URL }}
steps:
- name: Git clone the repository
uses: actions/checkout@v4

- uses: pnpm/action-setup@v4
with:
version: latest

- name: Install
- name: Install dependencies
run: pnpm i

- name: Build
run: pnpm configure build

- name: Deploy
run: |
set -o pipefail
pnpm dlx wrangler pages deploy apps/configure/dist/ --project-name mattrax-configure 2>&1 | tee -a BUILD_OUTPUT

- name: Export `DEPLOYMENT_URL`
id: result
run: echo "DEPLOYMENT_URL=$(grep -Eo 'https://[^ >]+' BUILD_OUTPUT|head -1)" >> $GITHUB_OUTPUT

- name: SST
run: pnpm sst deploy --stage prod
22 changes: 0 additions & 22 deletions .vscode/settings.json

This file was deleted.

Loading
Loading