add fly.io PR review apps (#9069)

* add fly.io PR review apps * add fly.toml to dockerignore * merge branch instead of applying diff --------- Co-authored-by: repo-ranger[bot] <39074581+repo-ranger[bot]@users.noreply.github.com>
2023-04-16 13:14:01 +01:00
parent 6af9328e6d
commit 8d060fd419
6 changed files with 160 additions and 0 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -3,6 +3,7 @@ shields.env
 .git/
 .gitignore
 .vscode/
+fly.toml

 # Improve layer cacheability.
 Dockerfile
--- a/.github/scripts/cleanup-review-apps.sh
+++ b/.github/scripts/cleanup-review-apps.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+apps=$(flyctl apps list --json | jq -r .[].ID | grep -E "pr-[0-9]+-badges-shields") || exit 0
+
+for app in $apps
+do
+  flyctl apps destroy "$app" -y
+done
--- a/.github/scripts/deploy-review-app.sh
+++ b/.github/scripts/deploy-review-app.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+app="pr-$PR_NUMBER-badges-shields"
+region="ewr"
+org="shields-io"
+
+# Get PR JSON from the API
+# This will fail if $PR_NUMBER is not a valid PR
+pr_json=$(curl --fail "https://api.github.com/repos/badges/shields/pulls/$PR_NUMBER")
+
+# Attempt to apply the PR diff to the target branch
+# This will fail if it does not merge cleanly
+git config user.name "actions[bot]"
+git config user.email "actions@users.noreply.github.com"
+git fetch origin "pull/$PR_NUMBER/head:pr-$PR_NUMBER"
+git merge "pr-$PR_NUMBER"
+
+# If the app does not already exist, create it
+if ! flyctl status --app "$app"; then
+  flyctl launch --no-deploy --copy-config --name "$app" --region "$region" --org "$org"
+  echo $SECRETS | tr " " "\n" | flyctl secrets import --app "$app"
+fi
+
+# Deploy
+flyctl deploy --app "$app" --region "$region"
+
+# Post a comment on the PR
+app_url=$(flyctl status --app "$app" --json | jq -r .Hostname)
+comment_url=$(echo "$pr_json" | jq .comments_url -r)
+curl "$comment_url" \
+    -X POST \
+    -H "Authorization: token $GITHUB_TOKEN" \
+    --data "{\"body\":\"🚀 Updated review app: https://$app_url\"}"
--- a/.github/workflows/cleanup-review-apps.yml
+++ b/.github/workflows/cleanup-review-apps.yml
@@ -0,0 +1,24 @@
+name: Cleanup Review Apps
+on:
+  schedule:
+    - cron: '0 7 * * *'
+    # At 07:00, daily
+  workflow_dispatch:
+
+jobs:
+  cleanup-review-apps:
+    runs-on: ubuntu-latest
+    environment: 'Review Apps'
+    steps:
+      - uses: actions/checkout@v3
+      - uses: superfly/flyctl-actions/setup-flyctl@master
+
+      - name: install jq
+        run: |
+          sudo apt-get -qq update
+          sudo apt-get install -y jq
+
+      - run: .github/scripts/cleanup-review-apps.sh
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
--- a/.github/workflows/deploy-review-app.yml
+++ b/.github/workflows/deploy-review-app.yml
@@ -0,0 +1,43 @@
+name: Create/Update Review App
+on:
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        description: 'PR Number to deploy e.g: 1234'
+        required: true
+
+permissions:
+  pull-requests: write
+
+jobs:
+  deploy-review-app:
+    runs-on: ubuntu-latest
+    environment: 'Review Apps'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - uses: superfly/flyctl-actions/setup-flyctl@master
+
+      - name: install jq
+        run: |
+          sudo apt-get -qq update
+          sudo apt-get install -y jq
+
+      - run: .github/scripts/deploy-review-app.sh
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
+          PR_NUMBER: ${{ github.event.inputs.pr_number }}
+          # credentials to set when we create the review app
+          SECRETS: |
+            GH_TOKEN=${{ secrets.GH_PAT }}
+            LIBRARIESIO_TOKENS=${{ secrets.SERVICETESTS_LIBRARIESIO_TOKENS }}
+            OBS_USER=${{ secrets.SERVICETESTS_OBS_USER }}
+            OBS_PASS=${{ secrets.SERVICETESTS_OBS_PASS }}
+            SL_INSIGHT_API_TOKEN=${{ secrets.SERVICETESTS_SL_INSIGHT_USER_UUID }}
+            SL_INSIGHT_USER_UUID=${{ secrets.SERVICETESTS_SL_INSIGHT_API_TOKEN }}
+            TWITCH_CLIENT_ID=${{ secrets.SERVICETESTS_TWITCH_CLIENT_ID }}
+            TWITCH_CLIENT_SECRET=${{ secrets.SERVICETESTS_TWITCH_CLIENT_SECRET }}
+            WHEELMAP_TOKEN=${{ secrets.SERVICETESTS_WHEELMAP_TOKEN }}
+            YOUTUBE_API_KEY=${{ secrets.SERVICETESTS_YOUTUBE_API_KEY }}
--- a/fly.toml
+++ b/fly.toml
@@ -0,0 +1,47 @@
+app = "shields-io-review-apps"
+
+kill_signal = "SIGINT"
+kill_timeout = 5
+processes = []
+
+[env]
+  HTTPS="false"
+  GITLAB_ORIGINS = "https://gitlab.com"
+  METRICS_PROMETHEUS_ENABLED = "false"
+  REQUEST_TIMEOUT_SECONDS = "20"
+  REQUIRE_CLOUDFLARE = "false"
+  USER_AGENT_BASE = "Shields-Review-App"
+
+[deploy]
+  strategy = "immediate"
+
+[experimental]
+  allowed_public_ports = []
+  auto_rollback = true
+
+[[services]]
+  http_checks = []
+  internal_port = 80
+  processes = ["app"]
+  protocol = "tcp"
+  script_checks = []
+
+  [services.concurrency]
+    hard_limit = 25
+    soft_limit = 20
+    type = "connections"
+
+  [[services.ports]]
+    force_https = true
+    handlers = ["http"]
+    port = 80
+
+  [[services.ports]]
+    handlers = ["tls", "http"]
+    port = 443
+
+  [[services.tcp_checks]]
+    grace_period = "1s"
+    interval = "15s"
+    restart_limit = 0
+    timeout = "2s"