Move trigger build image step to GHA

toptal · May 13, 2024 · 10a5243 · 10a5243
1 parent 511e3d3
commit 10a5243
Show file tree

Hide file tree

Showing 3 changed files with 132 additions and 85 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -2,10 +2,10 @@ name: CI
 
 on:
   workflow_dispatch:
-  pull_request:
-    branches:
-      - master # triggers the flow for every PR to master
-      - "feature/**" # triggers the flow for a PR to a branch like feature/v9
+  # pull_request:
+  #   branches:
+  #     - master # triggers the flow for every PR to master
+  #     - "feature/**" # triggers the flow for a PR to a branch like feature/v9
 
     types:
       - synchronize # PR was updated

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -5,6 +5,7 @@ on:
   push:
     branches:
       - master
+      - ci-3421-move-build-image-to-gha
 
 env:
   REPOSITORY_NAME: ${{ github.event.repository.name }}
@@ -36,6 +37,7 @@ jobs:
           secrets_name: |-
             NPM_TOKEN_PUBLISH:toptal-ci/NPM_TOKEN_PUBLISH
             SLACK_BOT_TOKEN:toptal-ci/SLACK_BOT_TOKEN
+            TOPTAL_BUILD_BOT_SSH_KEY:toptal-ci/TOPTAL_BUILD_BOT_SSH_KEY
             TOPTAL_BUILD_BOT_TOKEN:toptal-ci/TOPTAL_BUILD_BOT_TOKEN
             TOPTAL_DEVBOT_TOKEN:toptal-ci/TOPTAL_DEVBOT_TOKEN
             TOPTAL_REPOACCESSBOT_TOKEN:toptal-ci/TOPTAL_REPOACCESSBOT_TOKEN
@@ -155,90 +157,134 @@ jobs:
           sed -i 's|toptal/actions/get-job-url@main|./.github/actions/get-job-url|' ./.github/actions/trigger-jenkins-job/action.yml
           sed -i 's|toptal/actions/trigger-jenkins-job@main|./.github/actions/trigger-jenkins-job|' ./.github/actions/create-jira-deployment/action.yml
 
-      - name: Trigger build image job
-        uses: ./.github/actions/trigger-jenkins-job
-        id: trigger-build
-        env:
-          JENKINS_JOB_NAME: ${{ env.REPOSITORY_NAME }}-build-image
-          JENKINS_USER: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
-        with:
-          jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_URL }}
-          jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
-          jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_BUILD_TOKEN }}
-          jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_CLIENT_ID }}
-          jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
-          job_name: ${{ env.JENKINS_JOB_NAME }}
-          job_params: |
-            {
-              "BRANCH": "master",
-              "VERSION": "${{ github.sha }}",
-              "IMAGE_NAME": "${{ env.REPOSITORY_NAME }}"
-            }
-          job_timeout: "7200"
+      # - uses: docker/setup-buildx-action@v3
+      #   id: buildx
 
-      - name: Trigger deployment job
-        id: trigger-deploy
-        uses: ./.github/actions/trigger-jenkins-job
-        env:
-          JENKINS_JOB_NAME: ${{ env.REPOSITORY_NAME }}-docs
-        with:
-          jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_DEPLOYMENT_URL }}
-          jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
-          jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_DEPLOYMENT_TOKEN }}
-          jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_DEPLOYMENT_CLIENT_ID }}
-          jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
-          job_name: ${{ env.JENKINS_JOB_NAME }}
-          job_params: |
-            {
-              "COMMIT_ID": "${{ github.sha }}"
-            }
-          job_timeout: "7200"
+      # - name: Use SSH key
+      #   uses: toptal/ssh-agent@v0.4.1
+      #   with:
+      #     ssh-private-key: ${{ steps.parse_secrets.outputs.TOPTAL_BUILD_BOT_SSH_KEY }}
 
-      - name: Send a Slack notification on failure
-        if: ${{ failure() }}
-        uses: slackapi/slack-github-action@v1.26.0
-        env:
-          SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
-          FAILURE_URL: ${{ steps.trigger-deploy.outputs.jenkins_job_url || steps.trigger-build.outputs.jenkins_job_url }}
-          FALLBACK_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}?check_suite_focus=true
-        with:
-          channel-id: "-frontend-exp-team-notifications"
-          slack-message: ":x: <!here> Current master version of Picasso is <${{ env.FAILURE_URL || env.FALLBACK_URL }}|broken>."
+      # - name: Docker meta
+      #   id: meta
+      #   uses: docker/metadata-action@v5
+      #   with:
+      #     images: us-central1-docker.pkg.dev/toptal-hub/containers/picasso
+      #     tags: |
+      #       type=raw,value=${{ env.APP_VERSION }}
+      #     flavor: |
+      #       latest=true
 
-      - name: Send a Slack notification on success release
-        if: ${{ success() && steps.changesets.outputs.published == 'true' }}
-        uses: slackapi/slack-github-action@v1.26.0
+      - name: Build and push top-retro-board-backend image
+        uses: toptal/davinci-github-actions/build-push-image@refs/heads/ci-3516-change-build-push-image-action
         with:
-          channel-id: "-frontend-exp-team-notifications"
-          slack-message: "Current master version of Picasso successfully released :green_heart:"
-        env:
-          SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
+          sha: ${{ inputs.sha }}
+          image-name: picasso
+          build-args: |
+            VERSION=${{ github.sha }}
 
-      - name: Send a Slack notification on success PR merge
-        if: ${{ success() && steps.changesets.outputs.published != 'true'}}
-        uses: slackapi/slack-github-action@v1.26.0
-        with:
-          channel-id: "-frontend-exp-team-notifications"
-          slack-message: "A new PR was merged to Picasso :parrotspin:"
-        env:
-          SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
+      # - name: Build and push picasso image
+      #   uses: toptal/davinci-github-actions/build-push-image@v13.0.2
+      #   with:
+      #     sha: ${{ inputs.sha }}
+      #     image-name: ${{ env.REPOSITORY_NAME }}
+      #     docker-file: ./Dockerfile
+      #     build-args: |
+      #       VERSION=${{ inputs.sha }}
 
-      - name: Create Jira deployment
-        uses: ./.github/actions/create-jira-deployment/
-        if: ${{ steps.changesets.outputs.published == 'true' }}
-        with:
-          jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_URL }}
-          jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
-          jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_BUILD_TOKEN }}
-          jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_CLIENT_ID }}
-          jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
-          token: ${{ env.DEVBOT_TOKEN }}
-          environment: production
-          environment-url: https://www.npmjs.com/package/@toptal/picasso?activeTab=versions
-
-  integration-tests:
-    name: Integration Tests
-    uses: ./.github/workflows/davinci-integration-tests.yml
-    secrets:
-      IDENTITY_POOL: ${{ secrets.IDENTITY_POOL }}
-      SA_IDENTITY_POOL: ${{ secrets.SA_IDENTITY_POOL }}
+      # - name: Build and push picasso image
+      #   uses: docker/build-push-action@v5
+      #   with:
+      #     tags: |
+      #       ${{ steps.meta.outputs.tags }}
+      #     context: .
+      #     push: true
+      #     ssh: default
+
+      # - name: Trigger build image job
+      #   uses: ./.github/actions/trigger-jenkins-job
+      #   id: trigger-build
+      #   env:
+      #     JENKINS_JOB_NAME: ${{ env.REPOSITORY_NAME }}-build-image
+      #     JENKINS_USER: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
+      #   with:
+      #     jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_URL }}
+      #     jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
+      #     jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_BUILD_TOKEN }}
+      #     jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_CLIENT_ID }}
+      #     jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
+      #     job_name: ${{ env.JENKINS_JOB_NAME }}
+      #     job_params: |
+      #       {
+      #         "BRANCH": "master",
+      #         "VERSION": "${{ github.sha }}",
+      #         "IMAGE_NAME": "${{ env.REPOSITORY_NAME }}"
+      #       }
+      #     job_timeout: "7200"
+
+  #     - name: Trigger deployment job
+  #       id: trigger-deploy
+  #       uses: ./.github/actions/trigger-jenkins-job
+  #       env:
+  #         JENKINS_JOB_NAME: ${{ env.REPOSITORY_NAME }}-docs
+  #       with:
+  #         jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_DEPLOYMENT_URL }}
+  #         jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
+  #         jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_DEPLOYMENT_TOKEN }}
+  #         jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_DEPLOYMENT_CLIENT_ID }}
+  #         jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
+  #         job_name: ${{ env.JENKINS_JOB_NAME }}
+  #         job_params: |
+  #           {
+  #             "COMMIT_ID": "${{ github.sha }}"
+  #           }
+  #         job_timeout: "7200"
+
+  #     - name: Send a Slack notification on failure
+  #       if: ${{ failure() }}
+  #       uses: slackapi/slack-github-action@v1.26.0
+  #       env:
+  #         SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
+  #         FAILURE_URL: ${{ steps.trigger-deploy.outputs.jenkins_job_url || steps.trigger-build.outputs.jenkins_job_url }}
+  #         FALLBACK_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}?check_suite_focus=true
+  #       with:
+  #         channel-id: "-frontend-exp-team-notifications"
+  #         slack-message: ":x: <!here> Current master version of Picasso is <${{ env.FAILURE_URL || env.FALLBACK_URL }}|broken>."
+
+  #     - name: Send a Slack notification on success release
+  #       if: ${{ success() && steps.changesets.outputs.published == 'true' }}
+  #       uses: slackapi/slack-github-action@v1.26.0
+  #       with:
+  #         channel-id: "-frontend-exp-team-notifications"
+  #         slack-message: "Current master version of Picasso successfully released :green_heart:"
+  #       env:
+  #         SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
+
+  #     - name: Send a Slack notification on success PR merge
+  #       if: ${{ success() && steps.changesets.outputs.published != 'true'}}
+  #       uses: slackapi/slack-github-action@v1.26.0
+  #       with:
+  #         channel-id: "-frontend-exp-team-notifications"
+  #         slack-message: "A new PR was merged to Picasso :parrotspin:"
+  #       env:
+  #         SLACK_BOT_TOKEN: ${{ env.SLACK_BOT_TOKEN }}
+
+  #     - name: Create Jira deployment
+  #       uses: ./.github/actions/create-jira-deployment/
+  #       if: ${{ steps.changesets.outputs.published == 'true' }}
+  #       with:
+  #         jenkins_url: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_URL }}
+  #         jenkins_user: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_USERNAME }}
+  #         jenkins_token: ${{ steps.parse_secrets.outputs.TOPTAL_TRIGGERBOT_BUILD_TOKEN }}
+  #         jenkins_client_id: ${{ steps.parse_secrets.outputs.JENKINS_BUILD_CLIENT_ID }}
+  #         jenkins_sa_credentials: ${{ steps.parse_secrets.outputs.JENKINS_SA_CREDENTIALS }}
+  #         token: ${{ env.DEVBOT_TOKEN }}
+  #         environment: production
+  #         environment-url: https://www.npmjs.com/package/@toptal/picasso?activeTab=versions
+
+  # integration-tests:
+  #   name: Integration Tests
+  #   uses: ./.github/workflows/davinci-integration-tests.yml
+  #   secrets:
+  #     IDENTITY_POOL: ${{ secrets.IDENTITY_POOL }}
+  #     SA_IDENTITY_POOL: ${{ secrets.SA_IDENTITY_POOL }}
diff --git a/Dockerfile b/Dockerfile
@@ -1,3 +1,4 @@
+# syntax=docker/dockerfile:1
 FROM node:18-alpine
 
 ENV PATH="${PATH}:/app/node_modules/.bin" \