diff --git a/.github/workflows/dagger_on_fly.yml b/.github/workflows/dagger_on_fly.yml deleted file mode 100644 index f906a82657..0000000000 --- a/.github/workflows/dagger_on_fly.yml +++ /dev/null @@ -1,90 +0,0 @@ -name: "Dagger on Fly.io" - -on: - workflow_call: - secrets: - FLY_WIREGUARD: - required: true - -jobs: - run: - runs-on: ubuntu-latest - steps: - - name: "Checkout code..." - uses: actions/checkout@v3 - - - name: "Set up WireGuard for Fly.io..." - run: | - echo "๐Ÿ”’ Install WireGuard & friends..." - sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq --no-install-recommends wireguard-tools openresolv - echo "๐Ÿ” Configure WireGuard tunnel..." - printf "${{ secrets.FLY_WIREGUARD }}" | sudo tee /etc/wireguard/fly.conf - sudo wg-quick up fly - echo "๐Ÿฉป Check IPv6 routes..." - sudo ip -6 route list - echo "๐Ÿฉป Check DNS resolution..." - sudo resolvconf -v - - - uses: actions/setup-go@v4 - with: - go-version: "1.20" - cache-dependency-path: "magefiles/go.sum" - - - name: "Start remote Dagger Engine..." - env: - FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} - FLY_PRIMARY_DAGGER_ENGINE_MACHINE_ID: "${{ vars.FLY_PRIMARY_DAGGER_ENGINE_MACHINE_ID }}" - FLY_SECONDARY_DAGGER_ENGINE_MACHINE_ID: "${{ vars.FLY_SECONDARY_DAGGER_ENGINE_MACHINE_ID }}" - run: | - cd magefiles - go run main.go -w ../ fly:DaggerStart - - - name: "Build, test, publish & deploy using remote Dagger Engine..." - env: - DAGGER_ENGINE_HOST: ${{ vars.DAGGER_ENGINE_HOST }} - DAGGER_ENGINE_HOST_PORT: ${{ vars.DAGGER_ENGINE_HOST_PORT }} - FLY_DNS_SERVER: ${{ vars.FLY_DNS_SERVER }} - IMAGE_OWNER: "${{ vars.IMAGE_OWNER }}" - GHCR_USERNAME: "${{ github.actor }}" - GHCR_PASSWORD: "${{ secrets.GHCR_PASSWORD }}" - FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} - R2_API_HOST: "${{ secrets.R2_API_HOST }}" - R2_ACCESS_KEY_ID: "${{ secrets.R2_ACCESS_KEY_ID }}" - R2_SECRET_ACCESS_KEY: "${{ secrets.R2_SECRET_ACCESS_KEY }}" - R2_ASSETS_BUCKET: "${{ env.R2_ASSETS_BUCKET }}" - OBAN_KEY_FINGERPRINT: "${{ secrets.OBAN_KEY_FINGERPRINT }}" - OBAN_LICENSE_KEY: "${{ secrets.OBAN_LICENSE_KEY }}" - run: | - echo "๐Ÿคจ Can we ping ${FLY_DNS_SERVER:?must be set}?" - ping6 -c 3 "$FLY_DNS_SERVER" - echo "๐Ÿคจ Can we resolve ${DAGGER_ENGINE_HOST:?must be set} via ${FLY_DNS_SERVER}?" - dig +short "$DAGGER_ENGINE_HOST" AAAA @"$FLY_DNS_SERVER" - - export DAGGER_ENGINE_HOST_IP6="$(dig +short "$DAGGER_ENGINE_HOST" AAAA @"$FLY_DNS_SERVER")" - echo "๐Ÿคจ Can we ping $DAGGER_ENGINE_HOST_IP6?" - ping6 -c 3 "$DAGGER_ENGINE_HOST_IP6" - echo "๐Ÿคจ Can we connect to Dagger running on $DAGGER_ENGINE_HOST_IP6?" - nc -vz6 "$DAGGER_ENGINE_HOST_IP6" "${DAGGER_ENGINE_HOST_PORT:?must be set}" - - cd magefiles - echo "๐Ÿšฆ Run on tcp://[$DAGGER_ENGINE_HOST_IP6]:$DAGGER_ENGINE_HOST_PORT..." - _EXPERIMENTAL_DAGGER_RUNNER_HOST="tcp://[$DAGGER_ENGINE_HOST_IP6]:$DAGGER_ENGINE_HOST_PORT" go run main.go -w ../ ci cd - - - name: "Stop remote Dagger Engine..." - env: - FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} - FLY_PRIMARY_DAGGER_ENGINE_MACHINE_ID: "${{ vars.FLY_PRIMARY_DAGGER_ENGINE_MACHINE_ID }}" - FLY_SECONDARY_DAGGER_ENGINE_MACHINE_ID: "${{ vars.FLY_SECONDARY_DAGGER_ENGINE_MACHINE_ID }}" - run: | - cd magefiles - go run main.go -w ../ fly:DaggerStop - - - name: "Announce deploy in #dev Slack..." - if: ${{ github.repository == 'thechangelog/changelog.com' && github.ref_name == 'master' }} - uses: rtCamp/action-slack-notify@v2 - env: - MSG_MINIMAL: "commit,actions url" - SLACK_CHANNEL: dev - SLACK_USERNAME: "GitHub Actions" - SLACK_FOOTER: "Just got shipped to https://changelog.com" - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/dagger_on_namespace.yml b/.github/workflows/dagger_on_namespace.yml new file mode 100644 index 0000000000..6ad59f8703 --- /dev/null +++ b/.github/workflows/dagger_on_namespace.yml @@ -0,0 +1,52 @@ +name: "Dagger on Namespace" + +on: + workflow_call: + +jobs: + run: + runs-on: namespace-profile-changelog + steps: + - name: "Checkout code..." + uses: namespacelabs/nscloud-checkout-action@v5 + + - uses: actions/setup-go@v5 + with: + go-version: "1.20" + cache-dependency-path: "magefiles/go.sum" + + - name: "Provision Dagger with local cache" + run: | + docker run \ + --name dagger-0-6-4 \ + --detach --restart always \ + --volume /cache/dagger-0-6-4:/var/lib/dagger \ + --privileged \ + registry.dagger.io/engine:v0.6.4 + + - name: "Build, test, publish & deploy..." + env: + IMAGE_OWNER: "${{ vars.IMAGE_OWNER }}" + GHCR_USERNAME: "${{ github.actor }}" + GHCR_PASSWORD: "${{ secrets.GHCR_PASSWORD }}" + FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} + R2_API_HOST: "${{ secrets.R2_API_HOST }}" + R2_ACCESS_KEY_ID: "${{ secrets.R2_ACCESS_KEY_ID }}" + R2_SECRET_ACCESS_KEY: "${{ secrets.R2_SECRET_ACCESS_KEY }}" + R2_ASSETS_BUCKET: "${{ env.R2_ASSETS_BUCKET }}" + OBAN_KEY_FINGERPRINT: "${{ secrets.OBAN_KEY_FINGERPRINT }}" + OBAN_LICENSE_KEY: "${{ secrets.OBAN_LICENSE_KEY }}" + _EXPERIMENTAL_DAGGER_RUNNER_HOST: "docker-container://dagger-0-6-4" + run: | + cd magefiles + go run main.go -w ../ ci cd + + - name: "Announce deploy in #dev Slack..." + if: ${{ github.repository == 'thechangelog/changelog.com' && github.ref_name == 'master' }} + uses: rtCamp/action-slack-notify@v2 + env: + MSG_MINIMAL: "commit,actions url" + SLACK_CHANNEL: dev + SLACK_USERNAME: "GitHub Actions" + SLACK_FOOTER: "Just got shipped to https://changelog.com" + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/ship_it.yml b/.github/workflows/ship_it.yml index d3e9c31e64..d962a69770 100644 --- a/.github/workflows/ship_it.yml +++ b/.github/workflows/ship_it.yml @@ -16,28 +16,29 @@ on: jobs: # In thechangelog/changelog repository (a.k.a. upstream), # this is the preferred default: - dagger-on-fly: - if: ${{ contains(vars.RUNS_ON, 'fly') }} - uses: ./.github/workflows/dagger_on_fly.yml + dagger-on-namespace: + if: ${{ contains(vars.RUNS_ON, 'namespace') }} + uses: ./.github/workflows/dagger_on_namespace.yml secrets: inherit - # When our Fly.io setup misbehaves, we want a fallback: + # Just in case Namespace.so misbehaves, we want a fallback: + # a.k.a. "Always run 2 of everything" dagger-on-github-fallback: - needs: dagger-on-fly + needs: dagger-on-namespace if: ${{ failure() }} uses: ./.github/workflows/dagger_on_github.yml secrets: inherit - # As forks will not have access to our Fly.io, - # we fallback to GitHub default: - dagger-on-github: - if: ${{ !contains(vars.RUNS_ON, 'fly') }} - uses: ./.github/workflows/dagger_on_github.yml - secrets: inherit - # This is an experimental job which only runs the CI part of our pipeline. # In other words, this does not run CD, it does not deploy our app. dagger-on-k8s: if: ${{ contains(vars.RUNS_ON, 'k8s') }} uses: ./.github/workflows/dagger_on_k8s.yml secrets: inherit + + # As forks will not have access to our Namespace.so, + # we fallback to GitHub default: + dagger-on-github: + if: ${{ !contains(vars.RUNS_ON, 'namespace') }} + uses: ./.github/workflows/dagger_on_github.yml + secrets: inherit