chore(app): implement release process

.changeset/config.json

@@ -0,0 +1,11 @@
+{
+ "$schema": "https://unpkg.com/@changesets/[email protected]/schema.json",
+ "changelog": "@changesets/cli/changelog",
+ "commit": false,
+ "fixed": [],
+ "linked": [],
+ "access": "restricted",
+ "baseBranch": "main",
+ "updateInternalDependencies": "patch",
+ "ignore": []
+}

.github/actions/install-dependencies/action.yml

@@ -0,0 +1,31 @@
+name: Install Node and package dependencies
+description: 'Install project dependencies'
+inputs:
+ REPO_NAME:
+ description: 'Repository name'
+
+runs:
+ using: 'composite'
+ steps:
+ - name: Cache Node.js modules
+ uses: actions/cache@v4
+ with:
+ path: node_modules
+ key: "${{ runner.os }}-yarn-${{ hashFiles('**/*.yarn.lock') }}"
+ restore-keys: ${{ runner.os }}-yarn-
+
+ - name: Set up Node 20
+ uses: actions/setup-node@v4
+ with:
+ node-version: '20'
+ registry-url: 'https://registry.npmjs.org'
+
+ - name: Install Yarn 4
+ shell: bash
+ run: |
+ corepack enable
+ yarn set version 4.2.1
+
+ - name: Install projects dependencies
+ shell: bash
+ run: yarn install

.github/workflows/build-release.yml

@@ -0,0 +1,156 @@
+name: Build and release project
+on:
+ push:
+ branches: [ main ]
+ paths-ignore:
+ - '**.md'
+ - '!.changeset/**'
+ - 'LICENSE'
+
+env:
+ TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
+ TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
+ VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
+ VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
+ REPO_NAME: snipcode
+
+concurrency:
+ group: "${{ github.workflow }}-${{ github.head_ref || github.run_id }}"
+ cancel-in-progress: true
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ env:
+ NODE_ENV: test
+ MYSQL_ROOT_PASSWORD: root
+ MYSQL_DATABASE: test
+ MYSQL_PORT: 3306
+ DATABASE_URL: mysql:https://root:[email protected]:3306/test
+ ADMIN_PASSWORD: admin_password
+ CONVERTKIT_API_KEY: api_key
+ CONVERTKIT_FORM_ID: form_id
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install dependencies
+ uses: ./.github/actions/install-dependencies
+
+ - name: Lint the projects
+ run: yarn lint
+
+ - name: Build the projects
+ run: yarn build
+
+ - name: Start MySQL server
+ run: sudo systemctl start mysql.service
+
+ - name: Run tests
+ run: yarn test
+
+ version:
+ runs-on: ubuntu-latest
+ needs:
+ - build
+ outputs:
+ hasChangesets: ${{ steps.changesets.outputs.hasChangesets }}
+ releaseArtifactId: ${{ steps.artifact-release-upload.outputs.artifact-id }}
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install dependencies
+ uses: ./.github/actions/install-dependencies
+
+ - name: Print Released Packages
+ id: releasedPackages
+ run: yarn changeset status --output=release.json
+
+ - name: Upload Release File
+ uses: actions/upload-artifact@v4
+ id: artifact-release-upload
+ with:
+ name: released-packages
+ path: release.json
+
+ - name: Create Release Pull Request
+ id: changesets
+ uses: changesets/action@v1
+ with:
+ commit: 'chore: update versions'
+ title: 'chore: update versions'
+ createGithubReleases: false
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ release:
+ runs-on: ubuntu-latest
+ env:
+ GH_TOKEN: ${{ secrets.GH_PAT }}
+ GH_BRANCH: ${{ github.head_ref || github.ref_name }}
+ needs:
+ - version
+ if: needs.version.outputs.hasChangesets == 'true'
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Download Release File
+ uses: actions/download-artifact@v4
+ with:
+ name: released-packages
+
+ - name: Trigger Backend Release
+ run: |
+ BACKEND_VERSION=$(jq -r '.releases[] | select(.name == "@snipcode/core") | .newVersion' release.json)
+ if [ -n "$BACKEND_VERSION" ]; then
+ echo "Ready to release Backend version $BACKEND_VERSION"
+ gh workflow run deploy-backend.yml -r "${{ secrets.GH_BRANCH }}" -f version=$BACKEND_VERSION
+ else
+ echo "No Backend Release"
+ fi
+
+ - name: Trigger Frontend Release
+ continue-on-error: true
+ run: |
+ FRONTEND_VERSION=$(jq -r '.releases[] | select(.name == "@snipcode/web") | .newVersion' release.json)
+ if [ -n "$FRONTEND_VERSION" ]; then
+ echo "Ready to release Frontend version $FRONTEND_VERSION"
+ gh workflow run deploy-frontend.yml -r "${{ secrets.GH_BRANCH }}" -f version=$FRONTEND_VERSION
+ else
+ echo "No Frontend Release"
+ fi
+
+ - name: Trigger Embed Release
+ continue-on-error: true
+ run: |
+ EMBED_VERSION=$(jq -r '.releases[] | select(.name == "@snipcode/embed") | .newVersion' release.json)
+ if [ -n "$EMBED_VERSION" ]; then
+ echo "Ready to release Embed version $EMBED_VERSION"
+ gh workflow run deploy-embed.yml -r "${{ secrets.GH_BRANCH }}" -f version=$EMBED_VERSION
+ else
+ echo "No Embed Release"
+ fi
+
+ - name: Trigger Lambda Release
+ continue-on-error: true
+ run: |
+ LAMBDA_VERSION=$(jq -r '.releases[] | select(.name == "@snipcode/code-embed") | .newVersion' release.json)
+ if [ -n "$LAMBDA_VERSION" ]; then
+ echo "Ready to release Lambda version $LAMBDA_VERSION"
+ gh workflow run deploy-lambda.yml -r "${{ secrets.GH_BRANCH }}" -f version=$LAMBDA_VERSION
+ else
+ echo "No Lambda Release"
+ fi
+
+ - name: Delete Release File
+ if: ${{ success() }}
+ env:
+ ARTIFACT_ID: ${{ needs.version.outputs.releaseArtifactId }}
+ run: |
+ set -e
+ echo "Deleting artefact $ARTIFACT_ID"
+ curl -L \
+ -X DELETE \
+ -H "Accept: application/vnd.github+json" \
+ -H "Authorization: Bearer ${{ secrets.GH_PAT }}"\
+ -H "X-GitHub-Api-Version: 2022-11-28" \
+ https://api.github.com/repos/tericcabrel/$REPO_NAME/actions/artifacts/$ARTIFACT_ID

.github/workflows/build.yml

@@ -10,7 +10,7 @@ env:
  VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
 
 concurrency:
- group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
+ group: "${{ github.workflow }}-${{ github.head_ref || github.run_id }}"
  cancel-in-progress: true
 
 jobs:
@@ -25,28 +25,13 @@ jobs:
  ADMIN_PASSWORD: admin_password
  CONVERTKIT_API_KEY: api_key
  CONVERTKIT_FORM_ID: form_id
+ outputs:
+ releasedPackages: ${{ steps.releasedPackages.outputs.versions }}
  steps:
  - uses: actions/checkout@v4
 
- - name: Cache Node.js modules
- uses: actions/cache@v4
- with:
- path: node_modules
- key: ${{ runner.os }}-yarn-${{ hashFiles('**/*.yarn.lock') }}
- restore-keys: ${{ runner.os }}-yarn-
-
- - name: Set up Node 20
- uses: actions/setup-node@v4
- with:
- node-version: '20'
-
- - name: Install Yarn 4
- run: |
- corepack enable
- yarn set version berry
-
- - name: Install projects dependencies
- run: yarn install
+ - name: Install dependencies
+ uses: ./.github/actions/install-dependencies
 
  - name: Lint the projects
  run: yarn lint
@@ -67,15 +52,22 @@ jobs:
  - build
  steps:
  - uses: actions/checkout@v4
+
  - name: Install Yarn 4
  run: |
  corepack enable
- yarn set version berry
+ yarn set version 4.2.1
+
  - name: Install Vercel CLI
  run: npm install --global vercel@latest
+
  - name: Pull Vercel Environment Information
  run: vercel pull --yes --environment=preview --token=${{ secrets.VERCEL_TOKEN }}
+
  - name: Build Project Artifacts
+ env:
+ APP_VERSION:
  run: vercel build --token=${{ secrets.VERCEL_TOKEN }}
+
  - name: Deploy Project Artifacts to Vercel
  run: vercel deploy --prebuilt --token=${{ secrets.VERCEL_TOKEN }}

.github/workflows/deploy-backend.yml

@@ -1,36 +1,70 @@
-name: Deploy the backend
+name: Deploy the Backend
 on:
  push:
  branches:
- - main
  - dev
  paths:
  - 'apps/core/src/**'
  - 'apps/core/Dockerfile'
 
+ workflow_dispatch:
+ inputs:
+ version:
+ description: 'New version of the backend to release'
+ type: string
+ required: true
+ default: 'latest'
+
 env:
  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
  AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
 
 jobs:
+ sourcemaps:
+ runs-on: ubuntu-latest
+ continue-on-error: true
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install dependencies
+ uses: ./.github/actions/install-dependencies
+
+ - name: Generate sourcemaps from build
+ run: yarn build:prod --filter=...@snipcode/core
+
+ - name: Create a Sentry release
+ env:
+ SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+ SENTRY_ORG: snipcode
+ SENTRY_PROJECT: backend
+ VERSION: ${{ github.sha }}
+ run: |
+ curl -sL https://sentry.io/get-cli/ | SENTRY_CLI_VERSION="2.2.0" bash
+ sentry-cli releases new "$VERSION"
+ sentry-cli releases files "$VERSION" upload-sourcemaps ./apps/core/build
+ sentry-cli releases finalize "$VERSION"
+
  package:
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@v4
+
  - name: Copy the core Dockerfile in the root repository
  run: cp apps/core/Dockerfile .
+
  - name: Build, tag, and push docker image to Amazon ECR
  env:
  REGISTRY: public.ecr.aws/x9y5g9l2
  REGION: us-east-1 # Public ECR aren't region specific
  REPOSITORY: ${{ (github.ref == 'refs/heads/main' && 'snipcode') || 'snipcode-dev' }}
- IMAGE_TAG: latest
+ IMAGE_TAG: ${{ inputs.version }}
  run: |
  aws ecr-public get-login-password --region $REGION | docker login --username AWS --password-stdin $REGISTRY
  docker build -t $REPOSITORY:$IMAGE_TAG .
  docker tag $REPOSITORY:$IMAGE_TAG $REGISTRY/$REPOSITORY:$IMAGE_TAG
- docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG
+ docker tag $REPOSITORY:$IMAGE_TAG $REGISTRY/$REPOSITORY:latest
+ docker push --all-tags $REGISTRY/$REPOSITORY
 
  deploy:
  runs-on: ubuntu-latest
@@ -41,8 +75,6 @@ jobs:
  - uses: actions/checkout@v4
 
  - name: Deploy the application
- env:
- AWS_REGION: eu-west-1
  run: |
  touch file.json && echo '${{ secrets.CORE_APP_ARN }}' > file.json
- aws apprunner start-deployment --region $AWS_REGION --cli-input-json file:https://file.json
+ aws apprunner start-deployment --region $AWS_DEFAULT_REGION --cli-input-json file:https://file.json

.github/workflows/deploy-embed.yml

@@ -0,0 +1,31 @@
+name: Publish Embed assets to NPM
+on:
+ workflow_dispatch:
+ inputs:
+ version:
+ description: 'New version of the embed to release'
+ type: string
+ required: true
+ default: 'latest'
+
+jobs:
+ publish:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install dependencies
+ uses: ./.github/actions/install-dependencies
+
+ - name: Publish to NPM
+ working-directory: packages/embed
+ env:
+ NEW_VERSION: ${{ inputs.version }}
+ run: |
+ yarn build:cdn
+ cp package.publish.json build/package.json
+ cp README.publish.md build/README.md
+ cd build
+ jq --arg newVersion "$NEW_VERSION" '.version = $newVersion' package.json > tmp.json && mv tmp.json package.json
+ npm config set //registry.npmjs.org/:_authToken ${{ secrets.NPM_TOKEN }}
+ npm publish --access=public