feat: Add github actions for on change, pr, cleanup

CS3219-AY2425S1 · Sep 21, 2024 · 2565bad · 2565bad
1 parent 90a2da3
commit 2565bad
Show file tree

Hide file tree

Showing 4 changed files with 88 additions and 28 deletions.
diff --git a/.github/actions/container_setup/action.yml b/.github/actions/container_setup/action.yml
@@ -0,0 +1,22 @@
+name: Setup Action
+description: Set up environment, authenticate, and configure git for workflows under the kimyongbeom/peerprep-actions-runner container.
+
+runs:
+  using: composite
+  steps:
+    - name: Configure Git
+      shell: bash
+      run: |
+        git config --global --add safe.directory "$PWD"
+
+    - name: Decrypt Secret Files
+      shell: bash
+      run: |
+        mkdir -p ${XDG_CONFIG_HOME:-$HOME/.config}/sops/age
+        echo $AGE_SECRET_KEY > ${XDG_CONFIG_HOME:-$HOME/.config}/sops/age/keys.txt
+        /bin/bash ./scripts/secret.sh decrypt
+
+    - name: Authenticate to Google Cloud
+      shell: bash
+      run: |
+        make gcloud_auth
diff --git a/.github/workflows/cleanup_branch.yml b/.github/workflows/cleanup_branch.yml
@@ -0,0 +1,46 @@
+# This is a basic workflow to help you get started with Actions
+
+name: Branch Cleanup
+
+# Controls when the workflow will run
+on:
+  # On push @ branch
+  pull_request:
+    types: [closed]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  cleanup:
+    # Run only if PR is merged
+    if: github.event.pull_request.merged == true
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    container:
+      image: kimyongbeom/peerprep-actions-runner:latest
+      env:
+        AGE_SECRET_KEY: ${{ secrets.AGE_SECRET_KEY }}
+      volumes:
+        - /var/run/docker.sock:/var/run/docker.sock
+      options: --privileged
+
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/container_setup
+
+      - name: Destroy Global Infrastructure
+        shell: bash
+        run: make destroy_infra
+
+      - name: Destroy Backend
+        shell: bash
+        run: cd backend && make destroy
+
+      - name: Destroy Frontend
+        shell: bash
+        run: . $NVM_DIR/nvm.sh && cd frontend && make destroy
+
diff --git a/.github/workflows/on_pr.yml b/.github/workflows/on_pr.yml
@@ -26,8 +26,8 @@ jobs:
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@v4
+      - uses: ./.github/actions/container_setup
 
       # Runs a single command using the runners shell
       - name: Run a one-line script

diff --git a/.github/workflows/on_push.yml b/.github/workflows/on_push.yml
@@ -4,8 +4,10 @@ name: Actions on Push
 
 # Controls when the workflow will run
 on:
-  # Triggers the workflow on push or pull request events but only for the "main" branch
+  # On push @ branch
   push:
+  # When branch is created
+  create:
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
@@ -27,43 +29,33 @@ jobs:
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@v4
-      # https://github.com/actions/checkout/issues/1169
-      - run: git config --global --add safe.directory "$PWD"
-
-    # We don't use this, for now.
-    #   - name: Find Changed Files
-    #     uses: dorny/paths-filter@v3
-    #     id: changes
-    #     with:
-    #       filters: |
-    #         global_infra:
-    #           - 'tf/**'
-    #         frontend:
-    #           - 'frontend/**'
-    #         backend:
-    #           - 'backend/**'
-      - name: Decrypt Secret Files
-        shell: bash
-        run: |
-          mkdir -p ${XDG_CONFIG_HOME:-$HOME/.config}/sops/age
-          echo $AGE_SECRET_KEY > ${XDG_CONFIG_HOME:-$HOME/.config}/sops/age/keys.txt
-          /bin/bash ./scripts/secret.sh decrypt
-
-      - name: Authenticate to Google Cloud
-        shell: bash
-        run: make gcloud_auth
+      - uses: ./.github/actions/container_setup
+
+      - name: Find Changed Files
+        uses: dorny/paths-filter@v3
+        id: changes
+        with:
+          filters: |
+            global_infra:
+              - 'tf/**'
+            frontend:
+              - 'frontend/**'
+            backend:
+              - 'backend/**'
 
       - name: Deploy Global Infrastructure
         shell: bash
+        if: ${{ github.event_name }} == 'create' || ${{ steps.changes.outputs.global_infra }} == 'true'
         run: make deploy_infra
 
       - name: Deploy Backend
+        if: ${{ github.event_name }} == 'create' || ${{ steps.changes.outputs.backend }} == 'true'
         shell: bash
         run: cd backend && make deploy
 
       - name: Deploy Frontend
+        if: ${{ github.event_name }} == 'create' || ${{ steps.changes.outputs.frontend }} == 'true'
         shell: bash
         run: . $NVM_DIR/nvm.sh && cd frontend && make deploy