Skip to content
staging-check

Reuse CI action code and fix stuck PubSub message #73

Sign in to view logs

Reuse CI action code and fix stuck PubSub message

Reuse CI action code and fix stuck PubSub message #73

Workflow file for this run

.github/workflows/staging-check.yml at 3c42575
name: staging-check
on:
pull_request:
branches: [ master ]
env:
JAVA_VERSION: "15"
JAVA_DISTRIBUTION: "zulu"
PULUMI_VERSION: "3.136.1"
GCP_SA_KEY_INFRA: ${{ secrets.GCP_SA_KEY_INFRA }}
GCP_SA_KEY_APP: ${{ secrets.GCP_SA_KEY_APP }}
SLACK_SIGNING_SECRET: ${{ secrets.SLACK_SIGNING_SECRET }}
SLACK_CLIENT_ID: ${{ secrets.SLACK_CLIENT_ID }}
SLACK_CLIENT_SECRET: ${{ secrets.SLACK_CLIENT_SECRET }}
MONITORING_SLACK_URL: ${{ secrets.MONITORING_SLACK_URL }}
GOOGLE_ANALYTICS_MEASUREMENT_ID: ${{ secrets.GOOGLE_ANALYTICS_MEASUREMENT_ID }}
GOOGLE_ANALYTICS_API_SECRET: ${{ secrets.GOOGLE_ANALYTICS_API_SECRET }}
jobs:
detect-changed-services:
runs-on: ubuntu-24.04
concurrency:
group: ${{ github.ref }}-detect-changed-services
cancel-in-progress: true
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Collect all changed root directories
id: changed-root-directories
uses: tj-actions/changed-files@v45
with:
dir_names: true
dir_names_max_depth: '1'
- name: Collect all changed services
id: changed-services
env:
all_changed_files: ${{ steps.changed-root-directories.outputs.all_changed_files }}
run: |
CHANGED_SERVICES=()
for file in ${all_changed_files}; do
if [ -e "$file/infra/Pulumi.yaml" ]; then
CHANGED_SERVICES+=("$file")
fi
done
if [ ${#CHANGED_SERVICES[@]} -eq 0 ]; then
echo "No services changed"
else
joined=$(printf ",\"%s\"" "${CHANGED_SERVICES[@]}")
echo "changed_services=[${joined:1}]"
echo "changed_services=[${joined:1}]" >> "$GITHUB_OUTPUT"
fi
outputs:
changed_services: ${{ steps.changed-services.outputs.changed_services }}
build-service:
if: needs.detect-changed-services.outputs.changed_services != ''
runs-on: ubuntu-24.04
strategy:
matrix:
service: ${{ fromJSON(needs.detect-changed-services.outputs.changed_services) }}
concurrency:
group: ${{ github.ref }}-${{ matrix.service }}-build-service
cancel-in-progress: true
needs: detect-changed-services
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Gradle
uses: ./.github/actions/setup-gradle
with:
java-distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}
- name: Build service
run: |
set -Eeuo pipefail
if [ -e "${{ matrix.service }}/gradlew" ]; then
# Need to explicitly cd into each service, otherwise we get yarn cache clashes
cd ${{ matrix.service }}
./gradlew --no-daemon assemble
cd ..
else
echo "Skipping step as required file doesn't exist"
fi
- name: Build container images
run: |
set -Eeuo pipefail
if [ -e "tools/docker/${{ matrix.service }}-compose.yaml" ]; then
docker compose -f tools/docker/${{ matrix.service }}-compose.yaml build
else
echo "Skipping step as required file doesn't exist"
fi
- name: Preview infrastructure
uses: pulumi/actions@v5
with:
command: preview
stack-name: prod
work-dir: ${{ matrix.service }}/infra
edit-pr-comment: false
pulumi-version: ${{ env.PULUMI_VERSION }}
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
- name: Artifacts
uses: actions/upload-artifact@v4
if: always() # Ensure all artifacts are collected, even after errors
with:
name: Build (${{ matrix.service }})
path: |
**/build
**/secrets.properties
${{ matrix.service }}/infra
unit-test:
runs-on: ubuntu-24.04
concurrency:
group: ${{ github.ref }}-unit-test
cancel-in-progress: true
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Test
uses: ./.github/actions/unit-test
with:
java-distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}