Add API for abuse logging #447
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: push | |
jobs: | |
build-module: | |
name: Build & test npm module | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: module | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- run: npm install | |
# Just check the code compiles | |
- run: npm run build | |
build-api: | |
name: Build & test API | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: api | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- run: npm ci | |
- run: npm test | |
build-dashboard: | |
name: Build & test dashboard | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: Dashboard NPM CI | |
run: npm ci | |
working-directory: ui | |
- run: npm run build:ui | |
env: | |
ACCOUNTS_API: '/api' # UI always uses the matching-origin API | |
VERSION: ${{ github.sha }} | |
NODE_ENV: production | |
SENTRY_DSN: ${{ secrets.SENTRY_DSN }} | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: dashboard-dist | |
path: dist/* | |
if-no-files-found: error | |
build-completed: | |
name: Build completed | |
runs-on: ubuntu-latest | |
needs: | |
- build-module | |
- build-api | |
- build-dashboard | |
steps: | |
- run: echo 'Build completed' | |
deploy-api: | |
name: Deploy API to production | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
environment: production | |
needs: build-completed | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: docker/setup-buildx-action@v3 | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Extract Docker metadata | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
images: httptoolkit/accounts-api | |
tags: | | |
type=raw,value=prod,enable={{is_default_branch}} | |
type=raw,value=latest,enable={{is_default_branch}} | |
type=sha | |
- name: Build & publish API image to Docker Hub | |
uses: docker/build-push-action@v5 | |
with: | |
context: api/ | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
build-args: VERSION=${{ github.sha }} | |
- name: Redeploy container | |
uses: httptoolkit/scaleway-serverless-container-deploy-action@v1 | |
with: | |
container_id: ${{ vars.SCW_API_CONTAINER_ID }} | |
region: ${{ vars.SCW_API_CONTAINER_REGION }} | |
secret_key: ${{ secrets.SCW_SECRET_KEY }} | |
registry_image_url: "registry.hub.docker.com/httptoolkit/accounts-api:prod" | |
- name: Redeploy failover container | |
uses: httptoolkit/scaleway-serverless-container-deploy-action@v1 | |
with: | |
container_id: ${{ vars.SCW_FAILOVER_API_CONTAINER_ID }} | |
region: ${{ vars.SCW_FAILOVER_API_CONTAINER_REGION }} | |
secret_key: ${{ secrets.SCW_SECRET_KEY }} | |
registry_image_url: "registry.hub.docker.com/httptoolkit/accounts-api:prod" | |
deploy-dashboard: | |
name: Deploy Dashboard to production | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
environment: production | |
needs: build-completed | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: dashboard-dist | |
path: dashboard-dist | |
- name: Publish to Bunny.net FTP | |
uses: SamKirkland/[email protected] | |
with: | |
local-dir: ./dashboard-dist/ | |
server-dir: /${{ vars.FTP_USERNAME }}/ | |
protocol: ftps | |
log-level: verbose | |
server: ${{ vars.FTP_HOSTNAME }} | |
username: ${{ vars.FTP_USERNAME }} | |
password: ${{ secrets.FTP_PASSWORD }} | |
timeout: 60000 | |
post-deploy: | |
name: Update CDN after deploy | |
environment: production | |
needs: | |
- deploy-api | |
- deploy-dashboard | |
runs-on: ubuntu-latest | |
steps: | |
- name: Flush CDN cache | |
run: | | |
# Clear CDN cache to re-request content: | |
curl -f --request POST \ | |
--url https://api.bunny.net/pullzone/$BUNNY_PULL_ZONE_ID/purgeCache \ | |
--header "AccessKey: $BUNNY_SITE_API_KEY" | |
env: | |
BUNNY_PULL_ZONE_ID: ${{ vars.BUNNY_PULL_ZONE_ID }} | |
BUNNY_SITE_API_KEY: ${{ secrets.BUNNY_SITE_API_KEY }} |