huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

ci(helm chart deployment test): add to GitHub Actions (#4932)

Browse Source
This commit is contained in:
Daniel Gak Anagrov
2025-06-20 14:44:43 +02:00
committed by GitHub
parent 498c1b0e53
commit 3ca500fc28
38 changed files with 292 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/builds.yml
+79 -25
View File
@@ -9,9 +9,13 @@ on:
DOCKERHUB_USERNAME:
required: true
type: string
PUSH_IMAGES:
IMAGE_PREFIX:
required: true
type: string
PUBLISH:
required: false
type: boolean
default: false
secrets:
DATADOG_API_KEY:
required: true
@@ -28,11 +32,19 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: useblacksmith/build-push-action@v1
with:
push: ${{ inputs.PUSH_IMAGES }}
tags: speckle/speckle-server:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: |
${{ inputs.IMAGE_PREFIX }}/speckle-server:${{ inputs.IMAGE_VERSION_TAG }}
# TODO add docker hub tag, but only if we want to push to docker hub
file: ./packages/server/Dockerfile
build-args: |
SPECKLE_SERVER_VERSION=${{ inputs.IMAGE_VERSION_TAG }}
@@ -46,23 +58,29 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push w/ version tag
uses: useblacksmith/build-push-action@v1
if: ${{ inputs.PUSH_IMAGES }}
if: ${{ inputs.PUBLISH }}
with:
push: true
tags: speckle/speckle-frontend-2:${{ inputs.IMAGE_VERSION_TAG }}
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-frontend-2:${{ inputs.IMAGE_VERSION_TAG }}
file: ./packages/frontend-2/Dockerfile
build-args: |
SPECKLE_SERVER_VERSION=${{ inputs.IMAGE_VERSION_TAG }}
cache-from: type=registry,ref=speckle/speckle-frontend-2:buildcache
cache-to: type=registry,ref=speckle/speckle-frontend-2:buildcache,mode=max
cache-from: type=registry,ref=${{ inputs.IMAGE_PREFIX }}/speckle-frontend-2:buildcache
cache-to: type=registry,ref=${{ inputs.IMAGE_PREFIX }}/speckle-frontend-2:buildcache,mode=max
- name: Check frontend-2 build
uses: useblacksmith/build-push-action@v1
if: ${{ inputs.PUSH_IMAGES == false }}
if: ${{ !inputs.PUBLISH }}
with:
push: false
tags: speckle/speckle-frontend-2:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-frontend-2:${{ inputs.IMAGE_VERSION_TAG }}
file: ./packages/frontend-2/Dockerfile
docker-build-preview-service:
@@ -74,11 +92,17 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: useblacksmith/build-push-action@v1
with:
push: ${{ inputs.PUSH_IMAGES }}
tags: speckle/speckle-preview-service:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-preview-service:${{ inputs.IMAGE_VERSION_TAG }}
file: ./packages/preview-service/Dockerfile
docker-build-webhook-service:
@@ -90,11 +114,17 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: useblacksmith/build-push-action@v1
with:
push: ${{ inputs.PUSH_IMAGES }}
tags: speckle/speckle-webhook-service:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-webhook-service:${{ inputs.IMAGE_VERSION_TAG }}
file: ./packages/webhook-service/Dockerfile
docker-build-fileimport-service:
@@ -106,11 +136,17 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: useblacksmith/build-push-action@v1
with:
push: ${{ inputs.PUSH_IMAGES }}
tags: speckle/speckle-fileimport-service:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-fileimport-service:${{ inputs.IMAGE_VERSION_TAG }}
file: ./packages/fileimport-service/Dockerfile
docker-build-test-deploy:
@@ -122,11 +158,17 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: useblacksmith/build-push-action@v1
with:
push: ${{ inputs.PUSH_IMAGES }}
tags: speckle/speckle-test-deployment:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-test-deployment:${{ inputs.IMAGE_VERSION_TAG }}
file: ./utils/test-deployment/Dockerfile
docker-build-monitor-deployment:
@@ -138,11 +180,17 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: useblacksmith/build-push-action@v1
with:
push: ${{ inputs.PUSH_IMAGES }}
tags: speckle/speckle-monitor-deployment:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-monitor-deployment:${{ inputs.IMAGE_VERSION_TAG }}
file: ./packages/monitor-deployment/Dockerfile
docker-build-docker-compose-ingress:
@@ -154,17 +202,23 @@ jobs:
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: useblacksmith/build-push-action@v1
with:
push: ${{ inputs.PUSH_IMAGES }}
tags: speckle/speckle-docker-compose-ingress:${{ inputs.IMAGE_VERSION_TAG }}
push: true
tags: ${{ inputs.IMAGE_PREFIX }}/speckle-docker-compose-ingress:${{ inputs.IMAGE_VERSION_TAG }}
file: ./utils/docker-compose-ingress/Dockerfile
docker-frontend-2-sourcemaps:
runs-on: blacksmith
name: Frontend2 sourcemaps
if: ${{ inputs.PUSH_IMAGES }}
if: ${{ inputs.PUBLISH }}
env:
IMAGE_VERSION_TAG: ${{ inputs.IMAGE_VERSION_TAG }}
DATADOG_API_KEY: ${{ secrets.DATADOG_API_KEY }}
@@ -176,7 +230,7 @@ jobs:
- uses: useblacksmith/build-push-action@v1
with:
setup-only: true
cache-from: type=registry,ref=speckle/speckle-frontend-2:buildcache-sourcemaps
cache-to: type=registry,ref=speckle/speckle-frontend-2:buildcache-sourcemaps
cache-from: type=registry,ref=${{ inputs.IMAGE_PREFIX }}/speckle-frontend-2:buildcache-sourcemaps
cache-to: type=registry,ref=${{ inputs.IMAGE_PREFIX }}/speckle-frontend-2:buildcache-sourcemaps
- name: Build and Publish sourcemaps
run: ./.github/workflows/scripts/publish_fe2_sourcemaps.sh
.github/workflows/deployment-tests.yml
+85
View File
@@ -0,0 +1,85 @@
name: Run deployment test
on:
workflow_call:
inputs:
IMAGE_VERSION_TAG:
required: true
type: string
DOCKERHUB_USERNAME:
required: true
type: string
IMAGE_PREFIX:
required: true
type: string
secrets:
DOCKERHUB_TOKEN:
required: true
jobs:
deployment-test-helm-chart:
runs-on: blacksmith-8vcpu-ubuntu-2404
steps:
- uses: actions/checkout@v4.2.2
with:
fetch-depth: 0
# create the nix folder with permissive write permissions
- run: |
sudo mkdir /nix
sudo chmod 777 /nix
- name: Install the nix package manager
uses: cachix/install-nix-action@v31
with:
nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/63dacb46bf939521bdc93981b4cbb7ecb58427a0.tar.gz
- name: Initialize nix shell
run: |
nix-shell \
--run "echo Here, a nix shell for you" \
./tests/deployment/helm/helm-chart-shell.nix
- run: export KUBECONFIG=$(pwd)/.kube/config
- run: echo "${KUBECONFIG}"
- name: Template Speckle Server Helm Chart
run: |
nix-shell \
--run "helm template speckle-server ./utils/helm/speckle-server" \
./tests/deployment/helm/helm-chart-shell.nix
- name: Add 127.0.0.1 domains to /etc/hosts
run: |
sudo tee -a /etc/hosts \<<<'127.0.0.1 speckle.internal'
cat /etc/hosts
- name: Change directory permissions to allow kind to create directories
run: |
mkdir -p "./minio-data"
if [ "$(stat -f "%A" "./minio-data")" != "775" ]; then
echo "🔐 We need 'sudo' to set permissions on minio-data directory to 775"
sudo chmod 775 "./minio-data"
fi
mkdir -p "./postgres-data"
if [ "$(stat -f "%A" "./postgres-data")" != "775" ]; then
echo "🔐 We need 'sudo' to set permissions on postgres-data directory to 775"
sudo chmod 775 "./postgres-data"
fi
- name: Deploy Kubernetes (kind) cluster
run: |
nix-shell \
--run "ctlptl apply --filename ./tests/deployment/helm/cluster-config.yaml" \
./tests/deployment/helm/helm-chart-shell.nix
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ inputs.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Deploy Kubernetes resources to cluster
run: |
nix-shell \
--run "IMAGE_PREFIX=${{ inputs.IMAGE_PREFIX }} LOAD_DOCKER='true' tilt ci --file ./tests/deployment/helm/Tiltfile --context kind-speckle-server --timeout 10m" \
./tests/deployment/helm/helm-chart-shell.nix
env:
IMAGE_PREFIX: ${{ inputs.IMAGE_PREFIX }}
IMAGE_VERSION_TAG: ${{ inputs.IMAGE_VERSION_TAG }}
LOAD_DOCKER: 'true'
.github/workflows/get-version.yml
+33
View File
@@ -0,0 +1,33 @@
name: Get-version
on:
workflow_call:
outputs:
IMAGE_VERSION_TAG:
description: 'The image version tag to use for the deployment test'
value: ${{ jobs.get-version.outputs.IMAGE_VERSION_TAG }}
jobs:
get-version:
outputs:
IMAGE_VERSION_TAG: ${{ steps.export-step.outputs.IMAGE_VERSION_TAG }}
name: Get version
runs-on: blacksmith
steps:
- uses: actions/checkout@v4.2.2
with:
sparse-checkout: |
.github/workflows/scripts/get_version.sh
.github/workflows/scripts/common.sh
fetch-depth: 1
fetch-tags: 1
- run: git fetch origin 'refs/tags/*:refs/tags/*'
- run: chmod +x ./get_version.sh ./common.sh
working-directory: ./.github/workflows/scripts
- run: ./get_version.sh >> result
working-directory: ./.github/workflows/scripts
- run: echo "IMAGE_VERSION_TAG=$(cat result)"
working-directory: ./.github/workflows/scripts
- id: export-step
run: echo "IMAGE_VERSION_TAG=$(cat result)" >> "$GITHUB_OUTPUT"
working-directory: ./.github/workflows/scripts
.github/workflows/manual-trigger-test-deployment.yml
+34
View File
@@ -0,0 +1,34 @@
name: Test helm deployment
on: workflow_dispatch
jobs:
verify-non-prod:
runs-on: blacksmith
if: github.ref != 'refs/heads/main'
steps:
- run: echo "This is a non-production deployment."
get-version:
needs: [verify-non-prod]
name: Get version
uses: ./.github/workflows/get-version.yml
builds:
needs: [verify-non-prod, get-version]
uses: ./.github/workflows/builds.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
DOCKERHUB_USERNAME: 'speckledevops'
IMAGE_PREFIX: 'ghcr.io/specklesystems'
PUBLISH: false # do not publish the sourcemaps or include the version in frontend-2 builds
secrets: inherit
deployment-tests:
needs: [builds, get-version]
uses: ./.github/workflows/deployment-tests.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
DOCKERHUB_USERNAME: 'speckledevops'
IMAGE_PREFIX: 'ghcr.io/specklesystems'
secrets: inherit
.github/workflows/pull-request.yml
+5 -24
View File
@@ -8,31 +8,11 @@ concurrency:
jobs:
get-version:
outputs:
IMAGE_VERSION_TAG: ${{ steps.export-step.outputs.IMAGE_VERSION_TAG }}
name: Get version
runs-on: blacksmith
steps:
- uses: actions/checkout@v4.2.2
with:
sparse-checkout: |
.github/workflows/scripts/get_version.sh
.github/workflows/scripts/common.sh
fetch-depth: 1
fetch-tags: 1
- run: git fetch origin 'refs/tags/*:refs/tags/*'
- run: chmod +x ./get_version.sh ./common.sh
working-directory: ./.github/workflows/scripts
- run: ./get_version.sh >> result
working-directory: ./.github/workflows/scripts
- run: echo "IMAGE_VERSION_TAG=$(cat result)"
working-directory: ./.github/workflows/scripts
- id: export-step
run: echo "IMAGE_VERSION_TAG=$(cat result)" >> "$GITHUB_OUTPUT"
working-directory: ./.github/workflows/scripts
uses: ./.github/workflows/get-version.yml
tests:
needs: get-version
needs: [get-version]
uses: ./.github/workflows/tests.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
@@ -40,10 +20,11 @@ jobs:
secrets: inherit
builds:
needs: get-version
needs: [get-version]
uses: ./.github/workflows/builds.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
DOCKERHUB_USERNAME: 'speckledevops'
PUSH_IMAGES: false
IMAGE_PREFIX: 'ghcr.io/specklesystems'
PUBLISH: false # do not publish the sourcemaps or include the version in frontend-2 builds for pull requests
secrets: inherit
.github/workflows/release.yml
+15 -25
View File
@@ -16,31 +16,11 @@ concurrency:
jobs:
get-version:
outputs:
IMAGE_VERSION_TAG: ${{ steps.export-step.outputs.IMAGE_VERSION_TAG }}
name: Get version
runs-on: blacksmith
steps:
- uses: actions/checkout@v4.2.2
with:
sparse-checkout: |
.github/workflows/scripts/get_version.sh
.github/workflows/scripts/common.sh
fetch-depth: 1
fetch-tags: 1
- run: git fetch origin 'refs/tags/*:refs/tags/*'
- run: chmod +x ./get_version.sh ./common.sh
working-directory: ./.github/workflows/scripts
- run: ./get_version.sh >> result
working-directory: ./.github/workflows/scripts
- run: echo "IMAGE_VERSION_TAG=$(cat result)"
working-directory: ./.github/workflows/scripts
- id: export-step
run: echo "IMAGE_VERSION_TAG=$(cat result)" >> "$GITHUB_OUTPUT"
working-directory: ./.github/workflows/scripts
uses: ./.github/workflows/get-version.yml
tests:
needs: get-version
needs: [get-version]
uses: ./.github/workflows/tests.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
@@ -48,16 +28,26 @@ jobs:
secrets: inherit
builds:
needs: get-version
needs: [get-version]
uses: ./.github/workflows/builds.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
DOCKERHUB_USERNAME: 'speckledevops'
PUSH_IMAGES: true
IMAGE_PREFIX: 'speckle' # without an explicit host, Docker defaults to pushing Docker Hub
PUBLISH: true # publish the sourcemaps and include the version in frontend-2 builds
secrets: inherit
test-deployments:
needs: [get-version, builds]
uses: ./.github/workflows/deployment-tests.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
DOCKERHUB_USERNAME: 'speckledevops'
IMAGE_PREFIX: 'speckle'
secrets: inherit
deploy:
needs: [get-version, tests, builds]
needs: [get-version, tests, builds, test-deployments]
uses: ./.github/workflows/publish.yml
with:
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}