Add in app verification flow (#13603) #157
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Web CI/CD | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'packages/web/**' | |
| - 'packages/common/**' | |
| - 'packages/harmony/**' | |
| - 'packages/libs/**' | |
| - 'packages/sdk/**' | |
| - 'package-lock.json' | |
| - '.github/workflows/web.yml' | |
| - '.circleci/**' | |
| pull_request: | |
| paths: | |
| - 'packages/web/**' | |
| - 'packages/common/**' | |
| - 'packages/harmony/**' | |
| - 'packages/libs/**' | |
| - 'packages/sdk/**' | |
| - 'package-lock.json' | |
| - '.github/workflows/web.yml' | |
| - '.circleci/**' | |
| workflow_dispatch: | |
| env: | |
| NODE_VERSION: '22.21.1' | |
| jobs: | |
| web-init: | |
| name: Web Init (Install & Cache) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: package-lock.json | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| if [[ -d node_modules ]]; then | |
| echo "Using cached node_modules, running postinstall..." | |
| npm run postinstall | |
| else | |
| echo "No cache found, running fresh install..." | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| fi | |
| web-lint: | |
| name: Web Lint & Stylelint | |
| runs-on: ubuntu-latest | |
| needs: web-init | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: package-lock.json | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| - name: Cache for Turbo | |
| uses: rharkor/[email protected] | |
| - name: Lint | |
| run: npx turbo run lint --filter=@audius/web | |
| - name: Stylelint | |
| run: npm run stylelint -w @audius/web | |
| web-typecheck: | |
| name: Web Typecheck | |
| runs-on: ubuntu-latest | |
| needs: web-init | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: package-lock.json | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| - name: Cache for Turbo | |
| uses: rharkor/[email protected] | |
| - name: Typecheck | |
| run: npx turbo run typecheck --filter=@audius/web | |
| web-test: | |
| name: Web Tests | |
| runs-on: ubuntu-latest | |
| needs: web-init | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: package-lock.json | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| - name: Cache for Turbo | |
| uses: rharkor/[email protected] | |
| - name: Run tests | |
| timeout-minutes: 30 | |
| run: npm run web:test -- -- run --reporter=default --reporter=junit --outputFile=report.xml | |
| - name: Upload test results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: test-results | |
| path: packages/web/report.xml | |
| - name: Upload test output | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: test-output | |
| path: packages/web/test-output | |
| web-build: | |
| name: Web Build | |
| runs-on: ubuntu-latest | |
| needs: [web-init, web-lint, web-typecheck] | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: package-lock.json | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| - name: Run postinstall (if cache hit) | |
| if: steps.cache-node-modules.outputs.cache-hit == 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| npm run postinstall | |
| - name: Cache for Turbo | |
| uses: rharkor/[email protected] | |
| - name: Build production | |
| timeout-minutes: 30 | |
| run: | | |
| cd packages/web | |
| npm run build:prod | |
| cp package.json build-production | |
| - name: Build SSR production | |
| timeout-minutes: 30 | |
| run: | | |
| cd packages/web | |
| npm run build:ssr:prod | |
| - name: Upload builds | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: builds | |
| path: | | |
| packages/web/build-production | |
| packages/web/build-ssr-production | |
| web-check-ssr-bundlesize: | |
| name: Web Check SSR Bundlesize | |
| runs-on: ubuntu-latest | |
| needs: web-build | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| cache: 'npm' | |
| cache-dependency-path: package-lock.json | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| - name: Run postinstall (if cache hit) | |
| if: steps.cache-node-modules.outputs.cache-hit == 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| npm run postinstall | |
| - name: Download builds | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: builds | |
| path: packages/web | |
| - name: Check bundlesize | |
| run: | | |
| cd packages/web | |
| npm run bundlesize:prod | |
| web-deploy-release-candidate: | |
| name: Web Deploy Release Candidate | |
| runs-on: ubuntu-latest | |
| needs: [web-build, web-check-ssr-bundlesize] | |
| if: github.ref == 'refs/heads/main' | |
| environment: | |
| name: release | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| - name: Run postinstall (if cache hit) | |
| if: steps.cache-node-modules.outputs.cache-hit == 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| npm run postinstall | |
| - name: Download builds | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: builds | |
| path: packages/web | |
| - name: Move sourcemaps | |
| run: | | |
| cd packages/web | |
| mkdir -p sourcemaps/assets | |
| mv build-production/assets/*.map sourcemaps/assets | |
| mv build-ssr-production/client/assets/chunks/*.map sourcemaps/assets | |
| mv build-ssr-production/client/assets/entries/*.map sourcemaps/assets | |
| mv build-ssr-production/server/chunks/*.map sourcemaps/assets | |
| mv build-ssr-production/server/entries/*.map sourcemaps/assets | |
| - name: Move build | |
| run: | | |
| cd packages/web | |
| mv build-production build | |
| mv build-ssr-production build-ssr | |
| - name: Copy robots.txt | |
| run: | | |
| cd packages/web | |
| cp ./robots.txt build | |
| cp ./robots.txt build-ssr/client | |
| - name: Copy .well-known files | |
| run: | | |
| cd packages/web | |
| cp -r ./public/.well-known build | |
| - name: Deploy to Cloudflare (Release) | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| run: | | |
| cd packages/web | |
| npm_config_yes=true npx [email protected] deploy --config ./src/ssr/wrangler.toml --env release | |
| npm_config_yes=true npx [email protected] deploy --config ./wrangler.toml --env release | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-1 | |
| - name: Deploy sourcemaps to S3 | |
| run: | | |
| aws s3 sync packages/web/sourcemaps s3://sourcemaps.audius.co --cache-control max-age=604800 | |
| web-deploy: | |
| name: Web Deploy | |
| runs-on: ubuntu-latest | |
| needs: [web-build, web-check-ssr-bundlesize] | |
| if: github.ref == 'refs/heads/main' | |
| environment: | |
| name: production | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| # Clear npm cache to avoid EEXIST conflicts | |
| npm cache clean --force || true | |
| # Try npm ci first, fallback to npm install if lock file is out of sync | |
| npm ci --prefer-offline || npm install --prefer-offline | |
| - name: Run postinstall (if cache hit) | |
| if: steps.cache-node-modules.outputs.cache-hit == 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| npm run postinstall | |
| - name: Download builds | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: builds | |
| path: packages/web | |
| - name: Move sourcemaps | |
| run: | | |
| cd packages/web | |
| mkdir -p sourcemaps/assets | |
| mv build-production/assets/*.map sourcemaps/assets | |
| mv build-ssr-production/client/assets/chunks/*.map sourcemaps/assets | |
| mv build-ssr-production/client/assets/entries/*.map sourcemaps/assets | |
| mv build-ssr-production/server/chunks/*.map sourcemaps/assets | |
| mv build-ssr-production/server/entries/*.map sourcemaps/assets | |
| - name: Move build | |
| run: | | |
| cd packages/web | |
| mv build-production build | |
| mv build-ssr-production build-ssr | |
| - name: Copy robots.txt | |
| run: | | |
| cd packages/web | |
| cp ./robots.txt build | |
| cp ./robots.txt build-ssr/client | |
| - name: Copy .well-known files | |
| run: | | |
| cd packages/web | |
| cp -r ./public/.well-known build | |
| - name: Deploy to Cloudflare (Production) | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| run: | | |
| cd packages/web | |
| npm_config_yes=true npx [email protected] deploy --config ./src/ssr/wrangler.toml --env production | |
| npm_config_yes=true npx [email protected] deploy --config ./wrangler.toml --env production | |
| - name: Slack notification | |
| if: success() | |
| env: | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_DAILY_DEPLOY_WEBHOOK }} | |
| run: | | |
| cd packages/web | |
| deploying_version=$(jq -r '.version' package.json) | |
| job_url="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| json_content="{ \"blocks\": [{ \"type\": \"section\", \"text\": { \"type\": \"mrkdwn\", \"text\": \"Deployed production <${job_url}|v${deploying_version}> to web \n\" } }]}" | |
| curl -f -X POST -H 'Content-type: application/json' --data "$json_content" $SLACK_WEBHOOK | |
| web-deploy-sentry-sourcemaps: | |
| name: Web Deploy Sentry Sourcemaps | |
| runs-on: ubuntu-latest | |
| needs: [web-build, web-check-ssr-bundlesize] | |
| if: github.ref == 'refs/heads/main' | |
| environment: | |
| name: production | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| - name: Create concatenated patch file | |
| id: patch-file | |
| run: | | |
| ls -d -- packages/*/patches/*.patch 2>/dev/null | xargs cat > combined-patch-file.txt || touch combined-patch-file.txt | |
| echo "patch_checksum=$(sha256sum combined-patch-file.txt | cut -d' ' -f1)" >> $GITHUB_OUTPUT | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| node_modules | |
| packages/web/node_modules | |
| packages/harmony/node_modules | |
| packages/common/node_modules | |
| packages/libs/node_modules | |
| packages/sdk/node_modules | |
| key: npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}-${{ steps.patch-file.outputs.patch_checksum }} | |
| restore-keys: | | |
| npm-cache-${{ runner.os }}-node-${{ env.NODE_VERSION }}-${{ hashFiles('package-lock.json') }}- | |
| - name: Install dependencies (if cache miss) | |
| if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| npm ci --prefer-offline | |
| - name: Run postinstall (if cache hit) | |
| if: steps.cache-node-modules.outputs.cache-hit == 'true' | |
| env: | |
| CI: true | |
| SKIP_POD_INSTALL: true | |
| SKIP_ANDROID_INSTALL: true | |
| ANDROID_HOME: /tmp/android-sdk-dummy | |
| NODE_OPTIONS: --max-old-space-size=8192 | |
| run: | | |
| mkdir -p /tmp/android-sdk-dummy | |
| npm run postinstall | |
| - name: Download builds | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: builds | |
| path: packages/web | |
| - name: Cut Sentry release | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| run: | | |
| cd packages/web | |
| ../../node_modules/.bin/sentry-cli --auth-token ${SENTRY_AUTH_TOKEN} releases --org audius --project audius-client new ${{ github.sha }} | |
| - name: Upload sourcemaps | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| run: | | |
| cd packages/web | |
| ../../node_modules/.bin/sentry-cli --auth-token ${SENTRY_AUTH_TOKEN} sourcemaps upload --org audius --project audius-client --release ${{ github.sha }} build-production/static/js | |
| - name: Finalize release | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| run: | | |
| cd packages/web | |
| ../../node_modules/.bin/sentry-cli --auth-token ${SENTRY_AUTH_TOKEN} releases --org audius --project audius-client finalize ${{ github.sha }} | |