-
Notifications
You must be signed in to change notification settings - Fork 354
/
config.yml
270 lines (256 loc) · 8.08 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
job_defaults: &job_defaults
resource_class: xlarge
# job_node_environment will setup the environment for any job being executed.
job_node_environment: &job_node_environment
NODE_ENV: "test"
WEBPACK_MAX_CORES: "4"
NODE_OPTIONS: "--max-old-space-size=8192"
# job_node_defaults applies all the defaults for each job.
job_node_defaults: &job_node_defaults
<<: *job_defaults
working_directory: ~/coralproject/talk
docker:
- image: circleci/node:12
environment:
<<: *job_node_environment
setup_remote_docker_defaults: &setup_remote_docker_defaults
# This is pinned to 19 to resolve a problem described here:
# https://discuss.circleci.com/t/docker-build-fails-with-nonsensical-eperm-operation-not-permitted-copyfile/37364/24
version: 19.03.13
version: 2.1
jobs:
# npm_dependencies will install the dependencies used by all other steps.
npm_dependencies:
<<: *job_node_defaults
steps:
- checkout
- attach_workspace:
at: ~/coralproject/talk
- restore_cache:
keys:
# Find a cache corresponding to this specific package-lock.json
# checksum when this file is changed, this key will fail.
- v1-dependency-cache-{{ checksum "package-lock.json" }}
# Find the most recently generated cache used from any branch
- v1-dependency-cache-
# Disabled as we don't want to use sudo to update packages
# - run:
# name: Update NPM
# command: sudo npm update -g npm
# Disabled until there's capabilities to ignore a specific vun. Related:
# https://npm.community/t/please-provide-option-to-ignore-packages-in-npm-audit/403/4
# https://github.com/npm/cli/pull/10
# https://github.com/npm/rfcs/pull/18
#
# - run:
# name: Audit dependencies
# command: npm audit
- run:
name: Install dependencies
command: npm ci
no_output_timeout: 20m
- save_cache:
key: v1-dependency-cache-{{ checksum "package-lock.json" }}
paths:
- ~/.npm
- persist_to_workspace:
root: .
paths:
- node_modules
# lint will perform file linting.
lint:
<<: *job_node_defaults
steps:
- checkout
- attach_workspace:
at: ~/coralproject/talk
- run:
name: Generate schemas and types
command: npm run generate
- run:
name: Lint Source Code
command: npm run lint
- run:
name: Lint Markdown
command: |
npm run doctoc
git diff --exit-code
- run:
name: Lint Versions
command: npx @coralproject/package-version-lint
# unit_tests will run the unit tests.
unit_tests:
<<: *job_node_defaults
environment:
<<: *job_node_environment
CI: "true"
JEST_JUNIT_OUTPUT: "reports/junit/js-test-results.xml"
steps:
- checkout
- attach_workspace:
at: ~/coralproject/talk
- run:
name: Generate schemas and types
command: npm run generate
- run:
name: Perform testing
# We're running these tests in band to avoid errors where the circleci
# test runner runs out of RAM trying to run them all in parallel.
command: npm run test -- --ci --runInBand --reporters=default --reporters=jest-junit
- store_test_results:
path: reports/junit
- store_artifacts:
path: reports/junit
# build will build the static assets and server typescript files.
build:
<<: *job_node_defaults
steps:
- checkout
- attach_workspace:
at: ~/coralproject/talk
- restore_cache:
keys:
- v1-build-cache-{{ .Branch }}
- run:
name: Build
command: npm run build
no_output_timeout: 30m
- run:
name: Verify Bundle Size
command: npx bundlesize2 --enable-github-checks
- save_cache:
key: v1-build-cache-{{ .Branch }}
paths:
- ./dist
- persist_to_workspace:
root: .
paths:
- dist
# upload static assets to cdn.
upload_static:
docker:
- image: google/cloud-sdk
steps:
- setup_remote_docker:
<<: *setup_remote_docker_defaults
- run:
name: Copy static assets from docker container
command: |
CONTAINER_ID=$(docker create "coralproject/talk:${CIRCLE_TAG/#v}")
docker cp "${CONTAINER_ID}:/usr/src/app/dist/static" static/
docker rm "${CONTAINER_ID}"
find ./static -type f -name "*.gz" -print -delete
- run:
name: Authenticate Google Cloud SDK
command: |
echo "${GCLOUD_SERVICE_KEY}" | gcloud auth activate-service-account --key-file=-
gcloud --quiet config set project "${GOOGLE_PROJECT_ID}"
gcloud --quiet config set compute/zone "${GOOGLE_COMPUTE_ZONE}"
- run:
name: Deploy static files to Google Cloud Storage Bucket
command: |
gsutil -m -h "Cache-Control: public, max-age=86400, immutable" cp -r -z "js,css,map,txt,json" ./static/** "gs://${GOOGLE_CLOUD_BUCKET}/${CIRCLE_TAG/#v}/"
# upload release artifacts to sentry.
upload_sentry:
<<: *job_node_defaults
steps:
- setup_remote_docker:
<<: *setup_remote_docker_defaults
- run:
name: Copy dist from docker container
command: |
CONTAINER_ID=$(docker create "coralproject/talk:${CIRCLE_TAG/#v}")
docker cp "${CONTAINER_ID}:/usr/src/app/dist" dist/
docker rm "${CONTAINER_ID}"
- run:
name: Print sentry cli version
command: |
npx @sentry/cli -V
- run:
name: Upload source maps to sentry
command: |
npx @sentry/cli releases files "coral@${CIRCLE_TAG/#v}" upload-sourcemaps ./dist
# release_docker will build and push the Docker image.
release_docker:
<<: *job_node_defaults
steps:
- checkout
- run:
name: Verify release version
command: npx @coralproject/package-version-lint --expect ${CIRCLE_TAG/#v}
- setup_remote_docker:
<<: *setup_remote_docker_defaults
- deploy:
name: Deploy the code
command: bash ./scripts/docker.sh deploy
no_output_timeout: 30m
# filter_release will add the filters for a deploy job in a workflow to make it
# only execute on a deploy related job.
filter_release: &filter_release
filters:
branches:
only:
- main
tags:
only: /^v.*/
# filter_tagged_release will add the filters for a deploy job in a workflow to
# make it only execute on a tagged release.
filter_tagged_release: &filter_tagged_release
filters:
branches:
ignore: /.*/
tags:
only: /^v.*/
# filter_develop will add the filters for a development related commit.
filter_develop: &filter_develop
filters:
branches:
ignore:
- main
workflows:
build-test:
jobs:
- npm_dependencies:
<<: *filter_develop
- lint:
<<: *filter_develop
requires:
- npm_dependencies
- unit_tests:
<<: *filter_develop
requires:
- npm_dependencies
- build:
<<: *filter_develop
requires:
- npm_dependencies
build-test-deploy:
jobs:
- npm_dependencies:
<<: *filter_release
- lint:
<<: *filter_release
requires:
- npm_dependencies
- unit_tests:
<<: *filter_release
requires:
- npm_dependencies
- build:
<<: *filter_release
requires:
- npm_dependencies
- release_docker:
<<: *filter_release
requires:
- lint
- unit_tests
- build
- upload_static:
<<: *filter_tagged_release
requires:
- release_docker
- upload_sentry:
<<: *filter_tagged_release
requires:
- release_docker