GitHub Actions expanded

.github/scripts/find-merge-source-branch.sh

@@ -0,0 +1,58 @@
+#!/usr/bin/env bash
+set -o errexit # Abort if any command fails
+me=$(basename "$0")
+help_message="\
+Usage:
+  $me <sha>
+
+Arguments:
+  sha   The commit ID (SHA) of the current commit."
+
+current_commit_id=$1
+
+if [ -z "$current_commit_id" ]; then
+    echo "Missing required argument <sha>."
+    echo "$help_message"
+    exit 1
+fi
+
+# Ensure that we have all branches
+git fetch --all
+git branch -r | grep -v '\->' | while read remote; do
+  branch_name="${remote#origin/}" 
+
+  if git show-ref --verify --quiet "refs/heads/$branch_name" ; then
+    echo "Branch '$branch_name' already exists."
+  else
+    echo "Adding '$branch_name' tracking '$remote'."
+    git branch --track "$branch_name" "$remote";
+  fi
+done
+
+git pull --ff-only --all
+
+# Get the parents. Will return 3 commit IDs, the first being the current
+shas=$(git rev-list --parents -n 1 "$current_commit_id")
+for sha in $shas 
+do
+    # Skip the SHA equal to the current commit
+    [[ $sha == "$current_commit_id" ]] && continue
+
+    branches=$(git branch --contains "$sha")
+
+    echo "$branches" | while read branch ; do
+        # branch=$line
+
+        echo "Looping through branch $branch"
+
+        # Skip branches that are not feature branches
+        [[ $branch != *"feature/"* ]] && continue
+
+        echo "Branch folder we are looking to delete is $branch"
+        echo "::set-output name=BRANCH_TO_DELETE::$branch"
+
+        # Delete feature branch
+        git push origin --delete "$branch"
+
+    done
+done

.github/scripts/update-changelog.sh

@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+# set -o errexit # Abort if any command fails
+me=$(basename "$0")
+help_message="\
+Usage:
+  $me <version>
+
+Arguments:
+  version   The version of the current release."
+
+version=$1
+
+if [ -z "$version" ]; then
+    echo "Missing required argument <version>."
+    echo "$help_message"
+    exit 1
+fi
+
+release_notes=$(cat RELEASE-NOTES.md)
+changelog=$(sed "s/^# Changelog//" CHANGELOG.md)
+
+begin_notes="<!--- Begin Release ${version} -->"
+end_notes="<!--- End Release ${version} -->"
+
+if grep -F "Begin Release ${version}" CHANGELOG.md
+then
+    echo "Rewriting release ${version} notes."
+
+    new_changelog=$(sed "1,/${end_notes}/d" CHANGELOG.md)
+
+    echo "# Changelog
+
+$begin_notes
+$release_notes
+$end_notes
+$new_changelog" > CHANGELOG.md
+else
+    echo "Adding ${version} notes."
+    echo "# Changelog
+
+$begin_notes
+$release_notes
+$end_notes $changelog" > CHANGELOG.md
+fi
+
+git config user.name github-actions
+git config user.email [email protected]
+git add .
+git commit -m "Update changelog"
+git status
+git push

.github/scripts/variables.sh

@@ -54,13 +54,17 @@ generate_variables() {
 
     if [ "$brand" == "payex" ]; then
         echo ::set-output name=BRAND_NAME::PayEx
-        echo ::set-output name=BRAND_URL::https://payexdesignguide.z6.web.core.windows.net
-        echo ::set-output name=AZURE_ACCOUNT::payexdesignguide
+        echo ::set-output name=BRAND_URL_PROD::https://payexdesignguide.z6.web.core.windows.net
+        echo ::set-output name=BRAND_URL_STAGE::https://design.stage.payex.com
+        echo ::set-output name=AZURE_ACCOUNT_PROD::payexdesignguide
+        echo ::set-output name=AZURE_ACCOUNT_STAGE::pxdesignguidestage
         echo ::set-output name=BUILD_SCRIPT::build:prod:payex
     elif [ "$brand" == "swedbankpay" ]; then
         echo ::set-output name=BRAND_NAME::SwedbankPay
-        echo ::set-output name=BRAND_URL::https://swedbankpaydesignguide.z6.web.core.windows.net
-        echo ::set-output name=AZURE_ACCOUNT::swedbankpaydesignguide
+        echo ::set-output name=BRAND_URL_PROD::https://swedbankpaydesignguide.z6.web.core.windows.net
+        echo ::set-output name=BRAND_URL_STAGE::https://design.stage.swedbankpay.com
+        echo ::set-output name=AZURE_ACCOUNT_PROD::swedbankpaydesignguide
+        echo ::set-output name=AZURE_ACCOUNT_STAGE::spdesignguidestage
         echo ::set-output name=BUILD_SCRIPT::build:prod
     else
         echo "Unknown brand '$brand'!"

.github/workflows/README.md

@@ -0,0 +1,39 @@
+# GitHub Actions build and deploy
+
+This document is meant to explain the steps to take when recovering from a disaster and also to explain the content of this folder.
+
+## Disaster Recovery
+
+Design Guide is hosted on Azure Storage with Locally-redundant storage (LRS). This means that Design Guide is stored with multiple copies and is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. For more information on redundancy and disaster recovery, check out the [redundancy documentation](https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy "Redundancy Documentation") and the [storage disaster recovery documentation](https://docs.microsoft.com/en-us/azure/storage/common/storage-disaster-recovery-guidance "Disaster Recovery Documentation")
+
+The deploy procedure is set up to run with GitHub Actions. All workflows can be accessed within this folder.
+
+-   **GitHub repository** needs to be specified (`SwedbankPay/design.swedbankpay.com`).
+-   **Default branch** needs to be set to `master`.
+
+The current configuration is set to make sure a pushed tag will deploy the project.
+
+### General configuration
+
+Setting the following GitHub secrets variables:
+
+-   `AZURE_CREDENTIALS` - Azure credentials used to authenticate with our azure containers.
+-   `SENTRY_TOKEN` - API key to sentry. Used by the `sentry.sh` script during release workflow.
+
+## Workflows
+
+Each workflow executes twice through the use of matrix. One for the Swedbank Pay brand, and one for the PayEx brand. 
+The matrix brand variable is sent to the `variables.sh` script which creates certain variables that are accessible through the `variables` step output and then later used within workflows.
+
+### Main
+
+This workflow is executed on push in either a `feature/**` branch or in the `develop` branch. It installs, builds, tests, and deploys. The branch it deploys will be available at e.g. `design.swedbankpay.com/feature/something` or `design.swedbankpay.com/develop`.
+Note: It will be deployed on both brands. Something that is available at `design.swedbankpay.com/feature/something` will also be available at `design.payex.com/feature/something`.
+
+### Pull Request
+
+This workflow is executed when a pull request is opened. It installs, builds, tests, and checks for size differences in files.
+
+### Release
+
+This workflow is executed whenever a tag is pushed. It installs, builds, tests, deploys, and creates a new release on GitHub.

.github/workflows/create-release.yml

@@ -0,0 +1,101 @@
+name: Create release
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  build:
+    name: Build and deploy release
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        brand: ["payex", "swedbankpay"]
+    steps:
+      - uses: actions/checkout@v2
+
+      # Set brand specific variables
+      - name: Environment variables
+        id: variables
+        run: ./.github/scripts/variables.sh --brand ${{ matrix.brand }} --ref ${{ github.ref }}
+
+      # Add sentry token
+      - name: Sentry token
+        run: ./.github/scripts/sentry.sh
+        env:
+          TOKEN: ${{ secrets.SENTRY_TOKEN }}
+
+      - name: Set Node.js 12.x
+        uses: actions/setup-node@master
+        with:
+          node-version: 12.x
+
+      - name: Cache dependencies
+        uses: actions/cache@v1
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: ${{ runner.os }}-node-
+
+      - name: Install
+        run: npm ci && npm i -g codecov
+
+      - name: Tests and linting
+        run: npm run lint && npm run test:codecov
+
+      - name: Build
+        run: npm run ${{ steps.variables.outputs.BUILD_SCRIPT }} -- --env.release=true --env.baseUrl="${{ steps.variables.outputs.BRAND_URL_PROD }}" --env.basename="v/${{ steps.variables.outputs.VERSION }}" --env.semver=${{ steps.variables.outputs.VERSION }} --env.github_actions=true
+
+      - name: Zip Release
+        id: zip
+        env:
+          BRAND: ${{ steps.variables.outputs.BRAND_NAME }}
+        run: |
+          ZIPFILE=${BRAND}-DesignGuide.zip
+          echo "Zipping ${ZIPFILE}"
+          zip -r ${ZIPFILE} dist
+          echo ::set-output name=zipfile::${ZIPFILE}
+
+      - name: Upload zipfile artifact
+        uses: actions/upload-artifact@v1
+        with:
+          name: ${{ steps.zip.outputs.zipfile }}
+          path: ${{ steps.zip.outputs.zipfile }}
+
+      - name: Azure Login
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Azure Deploy
+        uses: azure/CLI@v1
+        with:
+          inlineScript: |
+            az storage blob upload-batch -s dist -d \$web --account-name ${{ steps.variables.outputs.AZURE_ACCOUNT_PROD }}
+
+      - name: Create Release
+        id: create_release
+        # Only create a release on one brand to avoid duplicate error
+        if: contains(matrix.brand, 'swedbankpay')
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Design Guide v${{ steps.variables.outputs.VERSION }}
+          body_path: RELEASE-NOTES.md
+          draft: false
+          prerelease: false
+
+      - name: Upload Release Assets
+        # Only upload assets on one brand to avoid duplicate error
+        if: contains(matrix.brand, 'swedbankpay')
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ${{ steps.zip.outputs.zipfile }}
+          asset_name: ${{ steps.zip.outputs.zipfile }}
+          asset_content_type: application/zip
+

.github/workflows/janitor.yml

@@ -0,0 +1,45 @@
+name: Janitor
+on:
+  push:
+    branches:
+      - "develop"
+
+jobs:
+  build:
+    name: Storage container cleanup
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        brand: ["payex", "swedbankpay"]
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 2
+
+      - name: Dump GitHub context
+        env:
+          GITHUB_CONTEXT: ${{ toJson(github) }}
+        run: echo "$GITHUB_CONTEXT"
+
+      - name: Check if commit is merge commit
+        id: branch
+        run: ./.github/scripts/find-merge-source-branch.sh ${{ github.sha }}
+
+       # Set brand specific variables
+      - name: Environment variables
+        if: ${{ steps.branch.outputs.BRANCH_TO_DELETE }}
+        id: variables
+        run: ./.github/scripts/variables.sh --brand ${{ matrix.brand }} --ref ${{ github.ref }}
+
+      - name: Azure Login
+        if: ${{ steps.branch.outputs.BRANCH_TO_DELETE }}
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Delete feature folders
+        if: ${{ steps.branch.outputs.BRANCH_TO_DELETE }}
+        uses: azure/CLI@v1
+        with:
+          inlineScript: |
+            az storage blob delete-batch -s "\$web" --pattern ${{ steps.branch.outputs.BRANCH_TO_DELETE }}/** --account-name ${{ steps.variables.outputs.AZURE_ACCOUNT_STAGE }}

.github/workflows/main.yml

@@ -1,5 +1,5 @@
 name: Main
-on: 
+on:
   push:
     branches:
       - "feature/**"
@@ -30,22 +30,24 @@ jobs:
         with:
           path: ~/.npm
           key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
-          restore-keys: |
-            ${{ runner.os }}-node-
+          restore-keys: ${{ runner.os }}-node-
 
       - name: Install
-        run: npm ci
+        run: npm ci && npm i -g codecov
+
+      - name: Tests and linting
+        run: npm run lint && npm run test:codecov
 
       - name: Build
-        run: npm run ${{ steps.variables.outputs.BUILD_SCRIPT }} -- --env.baseUrl="${{ steps.variables.outputs.BRAND_URL }}" --env.basename=${{ steps.variables.outputs.BRANCH }} --env.semver=${{ steps.variables.outputs.BRANCH }} --env.info_version=${{ steps.variables.outputs.VERSION }} --env.github_actions=true
+        run: npm run ${{ steps.variables.outputs.BUILD_SCRIPT }} -- --env.baseUrl="${{ steps.variables.outputs.BRAND_URL_STAGE }}" --env.basename=${{ steps.variables.outputs.BRANCH }} --env.semver=${{ steps.variables.outputs.BRANCH }} --env.info_version=${{ steps.variables.outputs.VERSION }} --env.github_actions=true
 
       - name: Azure Login
         uses: azure/login@v1
         with:
-          creds: ${{ secrets.AZURE_CREDENTIALS }}
+          creds: ${{ secrets.AZURE_CREDENTIALS_STAGE }}
 
       - name: Azure Deploy
         uses: azure/CLI@v1
         with:
           inlineScript: |
-            az storage blob upload-batch -s dist -d \$web --account-name ${{ steps.variables.outputs.AZURE_ACCOUNT }}
+            az storage blob upload-batch -s dist -d \$web --account-name ${{ steps.variables.outputs.AZURE_ACCOUNT_STAGE }}