🚁 Create a staging environment deployment for pull requests #1965
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 🚀 Deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| types: [opened, reopened, synchronize, closed] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| actions: write | |
| contents: read | |
| env: | |
| FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} | |
| # Change this if you want to deploy to a different org | |
| FLY_ORG: personal | |
| jobs: | |
| lint: | |
| name: ⬣ ESLint | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: ⎔ Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| - name: 📥 Download deps | |
| uses: bahmutov/npm-install@v1 | |
| - name: 🏄 Copy test env vars | |
| run: cp .env.example .env | |
| - name: 🛠 Setup Database | |
| run: npx prisma migrate deploy && npx prisma generate --sql | |
| - name: 🔬 Lint | |
| run: npm run lint | |
| typecheck: | |
| name: ʦ TypeScript | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: ⎔ Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| - name: 📥 Download deps | |
| uses: bahmutov/npm-install@v1 | |
| - name: 🏗 Build | |
| run: npm run build | |
| - name: 🏄 Copy test env vars | |
| run: cp .env.example .env | |
| - name: 🛠 Setup Database | |
| run: npx prisma migrate deploy && npx prisma generate --sql | |
| - name: 🔎 Type check | |
| run: npm run typecheck --if-present | |
| vitest: | |
| name: ⚡ Vitest | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: ⎔ Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| - name: 📥 Download deps | |
| uses: bahmutov/npm-install@v1 | |
| - name: 🏄 Copy test env vars | |
| run: cp .env.example .env | |
| - name: 🛠 Setup Database | |
| run: npx prisma migrate deploy && npx prisma generate --sql | |
| - name: ⚡ Run vitest | |
| run: npm run test -- --coverage | |
| playwright: | |
| name: 🎭 Playwright | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 60 | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: 🏄 Copy test env vars | |
| run: cp .env.example .env | |
| - name: ⎔ Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| - name: 📥 Download deps | |
| uses: bahmutov/npm-install@v1 | |
| - name: 📥 Install Playwright Browsers | |
| run: npm run test:e2e:install | |
| - name: 🛠 Setup Database | |
| run: npx prisma migrate deploy && npx prisma generate --sql | |
| - name: 🏦 Cache Database | |
| id: db-cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: prisma/data.db | |
| key: | |
| db-cache-schema_${{ hashFiles('./prisma/schema.prisma') | |
| }}-migrations_${{ hashFiles('./prisma/migrations/*/migration.sql') | |
| }} | |
| - name: 🌱 Seed Database | |
| if: steps.db-cache.outputs.cache-hit != 'true' | |
| run: npx prisma migrate reset --force | |
| - name: 🏗 Build | |
| run: npm run build | |
| - name: 🎭 Playwright tests | |
| run: npx playwright test | |
| - name: 📊 Upload report | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| retention-days: 30 | |
| container: | |
| name: 📦 Prepare Container | |
| runs-on: ubuntu-24.04 | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 50 | |
| - name: 👀 Read app name | |
| uses: SebRollen/[email protected] | |
| id: app_name | |
| with: | |
| file: 'fly.toml' | |
| field: 'app' | |
| - name: 🎈 Setup Fly | |
| uses: superfly/flyctl-actions/[email protected] | |
| - name: 📦 Build Production Container | |
| run: | | |
| flyctl deploy \ | |
| --build-only \ | |
| --push \ | |
| --image-label ${{ github.sha }} \ | |
| --build-arg COMMIT_SHA=${{ github.sha }} \ | |
| --build-secret SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} \ | |
| --app ${{ steps.app_name.outputs.value }} | |
| deploy-staging: | |
| name: 🚁 Deploy staging app for PR | |
| runs-on: ubuntu-24.04 | |
| env: | |
| SENTRY_AUTH_TOKEN: 'bla' | |
| if: ${{ github.event.action != 'closed' && 'bla' }} | |
| outputs: | |
| url: ${{ steps.deploy.outputs.url }} | |
| environment: | |
| name: staging | |
| url: ${{ steps.deploy.outputs.url }} | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: '50' | |
| - name: 👀 Read app name | |
| uses: SebRollen/[email protected] | |
| id: app_name | |
| with: | |
| file: 'fly.toml' | |
| field: 'app' | |
| - name: 🎈 Setup Fly | |
| uses: superfly/flyctl-actions/[email protected] | |
| - name: 🚁️ Deploy PR app to Fly.io | |
| if: github.event.action != 'closed' | |
| run: | | |
| FLY_APP_NAME="${{ steps.app_name.outputs.value }}-pr-${{ github.event.number }}" | |
| FLY_REGION=$(flyctl config show | jq -r '.primary_region') | |
| # Create app if it doesn't exist | |
| if ! flyctl status --app "$FLY_APP_NAME"; then | |
| # change org name if needed | |
| flyctl apps create $FLY_APP_NAME --org $FLY_ORG | |
| flyctl secrets --app $FLY_APP_NAME set SESSION_SECRET=$(openssl rand -hex 32) HONEYPOT_SECRET=$(openssl rand -hex 32) SENTRY_DSN=${{ secrets.SENTRY_DSN }} RESEND_API_KEY=${{ secrets.RESEND_API_KEY }} | |
| flyctl consul attach --app $FLY_APP_NAME | |
| # Don't log the created tigris secrets! | |
| flyctl storage create --app $FLY_APP_NAME --name epic-stack-$FLY_APP_NAME --yes > /dev/null 2>&1 | |
| fi | |
| flyctl deploy . \ | |
| --ha=false \ # use only one machine for staging | |
| --regions $FLY_REGION \ | |
| --vm-size shared-cpu-1x \ | |
| --env APP_ENV=staging \ | |
| --env ALLOW_INDEXING=false \ | |
| --app $FLY_APP_NAME \ | |
| --image-label ${{ github.sha }} \ | |
| --build-arg COMMIT_SHA=${{ github.sha }} \ | |
| --build-secret SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} | |
| - name: 🧹 Cleanup resources when PR is closed | |
| if: github.event.action == 'closed' | |
| run: | | |
| FLY_APP_NAME="${{ steps.app_name.outputs.value }}-pr-${{ github.event.number }}" | |
| flyctl storage destroy epic-stack-$FLY_APP_NAME --yes || true | |
| flyctl apps destroy "$app" -y || true | |
| deploy: | |
| name: 🚀 Deploy production | |
| runs-on: ubuntu-24.04 | |
| needs: [lint, typecheck, vitest, playwright, container] | |
| if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
| environment: | |
| name: production | |
| url: https://${{ steps.app_name.outputs.value }}.fly.dev | |
| steps: | |
| - name: ⬇️ Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: '50' | |
| - name: 👀 Read app name | |
| uses: SebRollen/[email protected] | |
| id: app_name | |
| with: | |
| file: 'fly.toml' | |
| field: 'app' | |
| - name: 🎈 Setup Fly | |
| uses: superfly/flyctl-actions/[email protected] | |
| - name: 🚀 Deploy Production | |
| run: | | |
| flyctl deploy \ | |
| --image "registry.fly.io/${{ steps.app_name.outputs.value }}:${{ github.sha }}" |