ci: use nx to build only changed packages

re #219
safe-global · Feb 4, 2022 · ac3f362 · ac3f362
1 parent 1ef049c
commit ac3f362
Show file tree

Hide file tree

Showing 21 changed files with 3,090 additions and 199 deletions.
diff --git a/.commitlintrc.json b/.commitlintrc.json
@@ -0,0 +1,4 @@
+{
+  "extends": ["@commitlint/config-angular"],
+  "rules": {}
+}
diff --git a/.github/actions/release/action.yml b/.github/actions/release/action.yml
@@ -0,0 +1,49 @@
+name: Release
+
+description: Release Apps
+
+inputs:
+  github-token:
+    description: GitHub token
+    required: true
+  bucket-name:
+    description: S3 bucket name
+    required: true
+  prod-deployment-hook-token:
+    description: Token for the webhook that triggers the deployment to production
+    required: true
+  prod-deployment-hook-url:
+    description: URL of the webhook that triggers the deployment to production
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Setup git user to "🦉🤖 Safe Bot"
+      shell: bash
+      run: git config user.email "-" && git config user.name "🦉🤖 Safe Bot"
+
+      # Script to upload release files and notify production deployments
+    - name: 'Upload build files to S3 and call the hook to notify '
+      run: |
+        npx nx affected --base=last-release --target=test
+        npx nx affected --base=last-release --target=build
+        # Version step has to be run before the deployment, because the scripts will use changed version in package.json
+        npx nx affected --base=last-release --target=version --parallel=1
+        APPEND_TAG=1 npx nx affected --base=last-release --target=deploy:s3
+        npx nx affected --base=last-release --target=deploy:prod-hook
+        git tag -f last-release
+      shell: bash
+      env:
+        PROD_DEPLOYMENT_HOOK_TOKEN: ${{ inputs.prod-deployment-hook-token }}
+        PROD_DEPLOYMENT_HOOK_URL: ${{ inputs.prod-deployment-hook-url }}
+        BUCKET_NAME: ${{ inputs.bucket-name }}
+        GITHUB_TOKEN: ${{ inputs.github-token }}
+
+    - name: Push changes
+      uses: ad-m/github-push-action@8407731efefc0d8f72af254c74276b7a90be36e1
+      with:
+        github_token: ${{ inputs.github-token }}
+        branch: ${{ github.ref }}
+        force: true
+        tags: true
diff --git a/.github/actions/setup-env/action.yml b/.github/actions/setup-env/action.yml
@@ -0,0 +1,45 @@
+name: Prepare environment
+
+description: Prepare environment in the CI runner and install dependencies
+
+inputs:
+  node_version:
+    description: Node.js version
+    required: false
+    default: '16'
+  aws-secret-access-key:
+    description: AWS secret access key
+    required: true
+  aws-access-key-id:
+    description: AWS access key id
+    required: true
+  aws-region:
+    description: AWS region
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Node.js setup
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ inputs.node_version }}
+        cache: 'yarn'
+        cache-dependency-path: '**/yarn.lock'
+
+    - name: Env dependencies setup
+      shell: bash
+      run: |
+        sudo apt-get update
+        sudo apt-get -y install python3-pip python3-dev
+        pip install awscli --upgrade --user
+    - name: Project dependencies setup, node version ${{ matrix.node-version }}
+      shell: bash
+      run: yarn install --frozen-lockfile
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ inputs.aws-access-key-id }}
+        aws-secret-access-key: ${{ inputs.aws-secret-access-key }}
+        aws-region: ${{ inputs.aws-region }}
diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
@@ -1,4 +1,4 @@
-name: Deploy safe apps
+name: Deploy Apps
 # Run on pushes to dev/main or PR
 on:
   # Pull request hook without any config. Launches for every pull request
@@ -8,75 +8,41 @@ on:
     branches:
       - main
       - development
-  # Launches build when release is published
-  release:
-    types: [published]
+  # Run manually to version/production deployment/github releases
+  workflow_dispatch:
 env:
   REPO_NAME_ALPHANUMERIC: safereactapps
+  HUSKY: 0
 
 jobs:
-  deploy:
-    name: Deployment
+  pr:
+    name: Pull Request
     runs-on: ubuntu-latest
-
+    if: ${{ github.event_name == 'pull_request' }}
     steps:
-      - name: Cancel Previous Runs
-        uses: styfle/[email protected]
-        with:
-          access_token: ${{ github.token }}
-      - name: Remove broken apt repos [Ubuntu]
-        if: ${{ runner.os }} == 'ubuntu-latest'
-        run: |
-          for apt_file in `grep -lr microsoft /etc/apt/sources.list.d/`; do sudo rm $apt_file; done
-
       - uses: actions/checkout@v2
-
-      - name: Node.js setup
-        uses: actions/setup-node@v2
-        with:
-          node-version: 14
-
-      - uses: actions/cache@v2
         with:
-          path: |
-            node_modules
-            */*/node_modules
-          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
-
-      - name: Env dependencies setup
-        run: |
-          sudo apt-get update
-          sudo apt-get -y install python3-pip python3-dev
-          pip install awscli --upgrade --user
+          ref: ${{ github.event.pull_request.head.ref }}
+          fetch-depth: 0
 
-      - name: Project dependencies setup, node version ${{ matrix.node-version }}
-        run: |
-          # If you have dependencies from git (wc app), yarn may randomly throw an error about invalid cache
-          # This approach is taken from https://github.com/yarnpkg/yarn/issues/7212#issuecomment-506155894 to fix the issue
-          # Another approach is to install with flag --network-concurrency 1, but this will make the installation pretty slow (default value is 8)
-          mkdir .yarncache
-          yarn install --cache-folder ./.yarncache --frozen-lockfile
-          rm -rf .yarncache
-          yarn cache clean
-
-      - name: Build apps
-        run: yarn build
-        env:
-          REACT_APP_RPC_TOKEN: ${{ secrets.REACT_APP_RPC_TOKEN }}
-
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
+      - uses: ./.github/actions/setup-env
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
 
-      # Script to deploy Pull Requests
-      - run: bash ./scripts/deploy_pr.sh
-        if: success() && github.event.number
+      - name: Derive appropriate SHAs for base and head for `nx affected` commands
+        uses: nrwl/nx-set-shas@v2
+
+      - name: Test, Build, Deploy PR
+        run: |
+          npx nx affected --target=test
+          npx nx affected --target=build 
+          npx nx affected --target=deploy:pr
         env:
           PR_NUMBER: ${{ github.event.number }}
           REVIEW_BUCKET_NAME: ${{ secrets.AWS_REVIEW_BUCKET_NAME }}
+          REACT_APP_RPC_TOKEN: ${{ secrets.REACT_APP_RPC_TOKEN }}
 
       - name: 'PRaul: Comment PR with app URLs'
         if: success() && github.event.number
@@ -92,31 +58,60 @@ jobs:
         env:
           REVIEW_FEATURE_URL: https://pr${{ github.event.number }}--${{ env.REPO_NAME_ALPHANUMERIC }}.review.gnosisdev.com
 
+  deploy:
+    name: Deploy Dev/Staging
+    runs-on: ubuntu-latest
+    if: github.event_name != 'pull_request' && github.event_name != 'workflow_dispatch'
+
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - uses: ./.github/actions/setup-env
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
+
+      - name: Derive appropriate SHAs for base and head for `nx affected` commands
+        uses: nrwl/nx-set-shas@v2
+
+      - name: Test and Build
+        run: |
+          npx nx affected --target=test --parallel
+          npx nx affected --target=build --parallel
       # Script to deploy to the dev environment
       - name: 'Deploy to S3: Develop'
         if: github.ref == 'refs/heads/development'
-        run: bash ./scripts/deploy_to_s3_bucket.sh
+        run: npx nx affected --target=deploy:s3
         env:
           BUCKET_NAME: ${{ secrets.AWS_DEV_BUCKET_NAME }}
 
       # Script to deploy to staging environment
       - name: 'Deploy to S3: Staging'
         if: github.ref == 'refs/heads/main'
-        run: bash ./scripts/deploy_to_s3_bucket.sh
+        run: npx nx affected --base=last-release --target=deploy:s3
         env:
           BUCKET_NAME: ${{ secrets.STAGING_BUCKET_NAME }}/current
 
-      # Script to upload release files
-      - name: 'Upload to S3: apps build files for production'
-        if: startsWith(github.ref, 'refs/tags/v')
-        run: bash ./scripts/deploy_to_s3_bucket.sh
-        env:
-          BUCKET_NAME: ${{ secrets.STAGING_BUCKET_NAME }}/releases/${{ github.event.release.tag_name }}
+  release:
+    name: Production release
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main' && github.event_name == 'workflow_dispatch'
 
-      # Script to notify production deployments
-      - run: bash ./scripts/prepare_production_deployment.sh
-        if: success() && startsWith(github.ref, 'refs/tags/v')
-        env:
-          PROD_DEPLOYMENT_HOOK_TOKEN: ${{ secrets.PROD_DEPLOYMENT_HOOK_TOKEN }}
-          PROD_DEPLOYMENT_HOOK_URL: ${{ secrets.PROD_DEPLOYMENT_HOOK_URL }}
-          VERSION_TAG: ${{ github.event.release.tag_name }}
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - uses: ./.github/actions/setup-env
+
+      - name: 'Deploy production'
+        uses: ./.github/actions/release
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          prod_deployment_hook_token: ${{ secrets.PROD_DEPLOYMENT_HOOK_TOKEN }}
+          prod_deployment_hook_url: ${{ secrets.PROD_DEPLOYMENT_HOOK_URL }}
+          bucket_name: ${{ secrets.STAGING_BUCKET_NAME }}/releases
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
diff --git a/.husky/commit-msg b/.husky/commit-msg
@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npx --no-install commitlint --edit $1
diff --git a/.husky/prepare-commit-msg b/.husky/prepare-commit-msg
@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+exec < /dev/tty && git cz --hook || true
diff --git a/apps/compound/package.json b/apps/compound/package.json
@@ -20,7 +20,10 @@
   "scripts": {
     "start": "dotenv -e .env -- react-app-rewired start",
     "build": "dotenv -e .env -- react-app-rewired build",
-    "test": "react-app-rewired test --passWithNoTests"
+    "test": "react-app-rewired test --passWithNoTests --forceExit",
+    "deploy:s3": "bash ../../scripts/deploy_to_s3_bucket.sh",
+    "deploy:pr": "bash ../../scripts/deploy_pr.sh",
+    "deploy:prod-hook": "bash ../../scripts/prepare-production-deployment.sh"
   },
   "eslintConfig": {
     "extends": "react-app"

diff --git a/apps/compound/project.json b/apps/compound/project.json
@@ -0,0 +1,21 @@
+{
+  "root": "apps/compound/",
+  "sourceRoot": "apps/compound/src/",
+  "projectType": "application",
+  "tags": ["scope:applications"],
+  "targets": {
+    "version": {
+      "executor": "@jscutlery/semver:version",
+      "options": {
+        "commitMessageFormat": "chore(${projectName}): release version ${version}"
+      }
+    },
+    "github": {
+      "executor": "@jscutlery/semver:github",
+      "options": {
+        "tag": "${tag}",
+        "generateNotes": true
+      }
+    }
+  }
+}
diff --git a/apps/drain-safe/package.json b/apps/drain-safe/package.json
@@ -13,7 +13,10 @@
     "start": "react-app-rewired start",
     "build": "react-app-rewired build",
     "test": "react-app-rewired test",
-    "eject": "react-scripts eject"
+    "eject": "react-scripts eject",
+    "deploy:s3": "bash ../../scripts/deploy_to_s3_bucket.sh",
+    "deploy:pr": "bash ../../scripts/deploy_pr.sh",
+    "deploy:prod-hook": "bash ../../scripts/prepare-production-deployment.sh"
   },
   "eslintConfig": {
     "extends": [

diff --git a/apps/drain-safe/project.json b/apps/drain-safe/project.json
@@ -0,0 +1,21 @@
+{
+  "root": "apps/drain-safe/",
+  "sourceRoot": "apps/drain-safe/src/",
+  "projectType": "application",
+  "tags": ["scope:applications"],
+  "targets": {
+    "version": {
+      "executor": "@jscutlery/semver:version",
+      "options": {
+        "commitMessageFormat": "chore(${projectName}): release version ${version}"
+      }
+    },
+    "github": {
+      "executor": "@jscutlery/semver:github",
+      "options": {
+        "tag": "${tag}",
+        "generateNotes": true
+      }
+    }
+  }
+}
diff --git a/apps/tx-builder/package.json b/apps/tx-builder/package.json
@@ -13,7 +13,10 @@
   "scripts": {
     "start": "dotenv -e .env -- react-app-rewired start",
     "build": "dotenv -e .env -- react-app-rewired build",
-    "test": "react-app-rewired test --passWithNoTests"
+    "test": "react-app-rewired test --passWithNoTests",
+    "deploy:s3": "bash ../../scripts/deploy_to_s3_bucket.sh",
+    "deploy:pr": "bash ../../scripts/deploy_pr.sh",
+    "deploy:prod-hook": "bash ../../scripts/prepare-production-deployment.sh"
   },
   "eslintConfig": {
     "extends": "react-app"