Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

repo sync #18329

Merged
merged 8 commits into from
May 30, 2022
Merged

repo sync #18329

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
5ae81c0
Add initial staging deployment workflow.
brannon May 18, 2022
3357a60
Environment url should reference env variable instead of secret.
brannon May 18, 2022
0cc67fe
Update .github/workflows/azure-staging-build-deploy.yml
brannon May 27, 2022
639b8b9
Merge branch 'main' into brannon-staging-deploy-2
brannon May 30, 2022
084d3d7
Remove the Signal Science container from the staging template.
brannon May 30, 2022
240f750
Merge branch 'main' into brannon-staging-deploy-2
brannon May 30, 2022
0746c88
Merge pull request #27806 from github/brannon-staging-deploy-2
brannon May 30, 2022
f966d1e
Merge branch 'main' into repo-sync
Octomerger May 30, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
136 changes: 134 additions & 2 deletions .github/workflows/azure-staging-build-deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,144 @@ permissions:
contents: read
deployments: write

# This allows a subsequently queued workflow run to take priority over
# previously queued runs but NOT interrupt currently executing runs
concurrency:
group: 'staging-env @ ${{ github.head_ref || github.run_id }} for ${{ github.event.number || github.event.inputs.PR_NUMBER }}'
cancel-in-progress: true

jobs:
azure-staging-build-and-deploy:
if: ${{ github.repository == 'github/docs-internal' }}
runs-on: ubuntu-latest
timeout-minutes: 20
environment:
# TODO: Update name and url to point to a specific slot for the branch/PR
name: staging-env
url: ${{ env.APP_URL }}
env:
PR_NUMBER: ${{ github.event.number || github.event.inputs.PR_NUMBER || github.run_id }}
COMMIT_REF: ${{ github.event.pull_request.head.sha || github.event.inputs.COMMIT_REF }}
IMAGE_REPO: ${{ github.repository }}/pr-${{ github.event.number || github.event.inputs.PR_NUMBER || github.run_id }}
RESOURCE_GROUP_NAME: docs-staging
APP_SERVICE_NAME: ghdocs-staging
SLOT_NAME: canary

steps:
- name: 'No-op'
- name: 'Az CLI login'
uses: azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
with:
creds: ${{ secrets.PROD_AZURE_CREDENTIALS }}

- name: 'Docker login'
uses: azure/docker-login@81744f9799e7eaa418697cb168452a2882ae844a
with:
login-server: ${{ secrets.NONPROD_REGISTRY_SERVER }}
username: ${{ secrets.NONPROD_REGISTRY_USERNAME }}
password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25

- name: Check out repo
uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748
with:
ref: ${{ env.COMMIT_REF }}
# To prevent issues with cloning early access content later
persist-credentials: 'false'
lfs: 'true'

- name: Check out LFS objects
run: git lfs checkout

- name: 'Set env vars'
run: |
# Set APP_URL
echo "APP_URL=${{ secrets.STAGING_APP_URL }}" >> $GITHUB_ENV
# Image tag is unique to each workflow run so that it always triggers a new deployment
echo "DOCKER_IMAGE=${{ secrets.NONPROD_REGISTRY_SERVER }}/${{ env.IMAGE_REPO }}:${{ env.COMMIT_REF }}-${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV

- name: Setup node
uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561
with:
node-version: 16.15.x
cache: npm

- name: Clone docs-early-access
uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748
with:
repository: github/docs-early-access
token: ${{ secrets.DOCUBOT_REPO_PAT }}
path: docs-early-access
ref: main

- name: Merge docs-early-access repo's folders
run: .github/actions-scripts/merge-early-access.sh

- name: 'Build and push image'
uses: docker/build-push-action@7f9d37fa544684fb73bfe4835ed7214c255ce02b
with:
context: .
push: true
target: production
tags: ${{ env.DOCKER_IMAGE }}
build-args: |
BUILD_SHA=${{ env.COMMIT_REF }}

- name: 'Update docker-compose.staging.yaml template file'
run: |
sed 's|#{IMAGE}#|${{ env.DOCKER_IMAGE }}|g' docker-compose.staging.tmpl.yaml > docker-compose.staging.yaml

- name: 'Apply updated docker-compose.staging.yaml config to deployment slot'
run: |
az webapp config container set --multicontainer-config-type COMPOSE --multicontainer-config-file docker-compose.staging.yaml --slot ${{ env.SLOT_NAME }} -n ${{ env.APP_SERVICE_NAME }} -g ${{ env.RESOURCE_GROUP_NAME }}

# Watch deployment slot instances to see when all the instances are ready
- name: Check that deployment slot is ready
uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
env:
CHECK_INTERVAL: 10000
with:
script: |
const { execSync } = require('child_process')

const slotName = process.env.SLOT_NAME
const appServiceName = process.env.APP_SERVICE_NAME
const resourceGroupName = process.env.RESOURCE_GROUP_NAME

const getStatesForSlot = (slot, appService, resourceGroup) => {
return JSON.parse(
execSync(
`az webapp list-instances --slot ${slot} --query "[].state" -n ${appService} -g ${resourceGroup}`,
{ encoding: 'utf8' }
)
)
}

let hasStopped = false
const waitDuration = parseInt(process.env.CHECK_INTERVAL, 10) || 10000
async function doCheck() {
const states = getStatesForSlot(slotName, appServiceName, resourceGroupName)
console.log(`Instance states:`, states)

// We must wait until at-least 1 instance has STOPPED to know we're looking at the "next" deployment and not the "previous" one
// That way we don't immediately succeed just because all the previous instances were READY
if (!hasStopped) {
hasStopped = states.some((s) => s === 'STOPPED')
}

const isAllReady = states.every((s) => s === 'READY')

if (hasStopped && isAllReady) {
process.exit(0) // success
}

console.log(`checking again in ${waitDuration}ms`)
setTimeout(doCheck, waitDuration)
}

doCheck()

- name: 'Swap deployment slot to production'
run: |
echo "No-op"
az webapp deployment slot swap --slot ${{ env.SLOT_NAME }} --target-slot production -n ${{ env.APP_SERVICE_NAME }} -g ${{ env.RESOURCE_GROUP_NAME }}
33 changes: 33 additions & 0 deletions docker-compose.staging.tmpl.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
version: '3.7'

services:
ghdocs-staging:
image: '#{IMAGE}#'
ports:
- '4000:4000'
environment:
NODE_ENV: ${NODE_ENV}
NODE_OPTIONS: ${NODE_OPTIONS}
DD_API_KEY: ${DD_API_KEY}
COOKIE_SECRET: ${COOKIE_SECRET}
HYDRO_ENDPOINT: ${HYDRO_ENDPOINT}
HYDRO_SECRET: ${HYDRO_SECRET}
HAYSTACK_URL: ${HAYSTACK_URL}
HEROKU_APP_NAME: ${HEROKU_APP_NAME}
ENABLED_LANGUAGES: ${ENABLED_LANGUAGES}
DEPLOYMENT_ENV: ${DEPLOYMENT_ENV}
HEROKU_PRODUCTION_APP: true
PORT: 4000
DD_AGENT_HOST: datadog-agent
depends_on:
- datadog-agent
restart: always

datadog-agent:
image: datadog/dogstatsd:7.32.4
ports:
- '8125:8125'
environment:
DD_API_KEY: ${DD_API_KEY}
DD_AGENT_HOST: datadog-agent
DD_HISTOGRAM_PERCENTILES: 0.99 0.95 0.50