fix: refactor stream variants #393

Workflow file for this run

.github/workflows/lint-test-build.yml at 4a7486e

	name: Lint, Test & Build

	on:
	workflow_dispatch:

	pull_request:
	branches:
	- main
	- feature/*
	push:
	branches:
	- main
	- feature/*

	concurrency:
	group: lint-test-build-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	should_run:
	name: Should run?
	runs-on: ubuntu-latest
	outputs:
	should-run: "${{ (github.event_name == 'workflow_dispatch' \|\| steps.regex-match.outputs.match != 'ci: skip') && (github.event_name != 'pull_request' \|\| !github.event.pull_request.draft \|\| steps.regex-match.outputs.match == 'ci: force') }}"
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Get last commit message
	run: \|
	git log -1 --no-merges --pretty=format:"%B" -n 1 HEAD \| tee commit_message.txt
	COMMIT_MSG=$(cat commit_message.txt)

	echo "COMMIT_MSG<<EOF" >> $GITHUB_ENV
	echo "$COMMIT_MSG" >> $GITHUB_ENV
	echo "EOF" >> $GITHUB_ENV

	- uses: actions-ecosystem/action-regex-match@v2
	id: regex-match
	with:
	text: ${{ env.COMMIT_MSG }}
	regex: '\bci: (force\|skip)\b'

	lint-test:
	name: Run Lint + Test
	runs-on: ubuntu-latest
	container: ghcr.io/scuffletv/build:latest
	needs: [should_run]
	if: ${{ needs.should_run.outputs.should-run == 'true' }}
	environment: ${{ (github.ref != 'refs/heads/main' && github.ref != 'refs/heads/feature/*' && github.event_name != 'workflow_dispatch') && 'lint-test-build' \|\| '' }}
	services:
	cockroach:
	image: ghcr.io/scuffletv/cockroach:latest
	ports:
	- 26257:26257
	rmq:
	image: bitnami/rabbitmq:latest
	ports:
	- 5672:5672
	env:
	RABBITMQ_USERNAME: rabbitmq
	RABBITMQ_PASSWORD: rabbitmq
	RABBITMQ_VHOSTS: scuffle
	redis:
	image: redis:latest
	ports:
	- 6379:6379
	env:
	DATABASE_URL: postgres://root@cockroach:26257/scuffle
	RMQ_URL: amqp://rabbitmq:rabbitmq@rmq:5672/scuffle
	REDIS_URL: redis://redis:6379

	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- uses: pnpm/action-setup@v2
	with:
	version: latest

	- name: Install Node
	uses: actions/setup-node@v3
	with:
	cache: "pnpm"
	node-version: 18

	- name: Setup Terraform
	uses: hashicorp/setup-terraform@v2

	- name: Cargo Cache
	uses: Swatinem/rust-cache@v2
	continue-on-error: false
	with:
	prefix-key: lint-test

	- name: Install dependencies
	run: mask bootstrap --no-db --no-docker --no-env --no-rust

	- name: Run migrations
	run: mask db migrate

	- name: Run Lint
	run: mask lint

	- name: Run Test Rust
	run: mask test --no-js --ci

	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@v3
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	files: lcov.info
	fail_ci_if_error: true

	- name: Install Playwright Dependencies
	run: pnpm --filter website exec playwright install-deps

	- name: Run Test JavaScript
	run: mask test --no-rust

	build:
	name: Run Build
	runs-on: ubuntu-latest
	container: ghcr.io/scuffletv/build:latest
	needs: [lint-test]

	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- uses: pnpm/action-setup@v2
	with:
	version: latest

	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	cache: "pnpm"
	node-version: 18

	- name: Cargo Cache
	uses: Swatinem/rust-cache@v2
	continue-on-error: false
	with:
	prefix-key: build

	- name: Install dependencies
	run: mask bootstrap --no-db --no-docker --no-env --no-js-tests --no-rust

	- name: Run Build
	run: mask build

	- name: Upload build artifacts
	uses: actions/upload-artifact@v3
	with:
	name: build
	path: \|
	target/x86_64-unknown-linux-gnu/release/api
	target/x86_64-unknown-linux-gnu/release/edge
	target/x86_64-unknown-linux-gnu/release/ingest
	target/x86_64-unknown-linux-gnu/release/edge
	target/x86_64-unknown-linux-gnu/release/transcoder
	frontend/website/build
	frontend/player/dist
	frontend/player/pkg
	frontend/player/demo-dist

	docker:
	name: Build docker images
	runs-on: ubuntu-latest
	needs: [build]
	permissions:
	contents: read
	packages: write

	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Download build artifacts
	uses: actions/download-artifact@v3
	with:
	name: build

	- name: Set up Docker Buildx
	uses: docker/[email protected]

	- name: Login to GitHub Container Registry
	uses: docker/[email protected]
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build and push API image
	id: docker_build_api
	uses: docker/[email protected]
	with:
	context: .
	file: ./docker/api.Dockerfile
	load: true
	tags: ghcr.io/scuffletv/api:${{ github.sha }}

	- name: Build and push Edge image
	id: docker_build_edge
	uses: docker/[email protected]
	with:
	context: .
	file: ./docker/edge.Dockerfile
	load: true
	tags: ghcr.io/scuffletv/edge:${{ github.sha }}

	- name: Build and push Ingest image
	id: docker_build_ingest
	uses: docker/[email protected]
	with:
	context: .
	file: ./docker/ingest.Dockerfile
	load: true
	tags: ghcr.io/scuffletv/ingest:${{ github.sha }}

	- name: Build and push Transcoder image
	id: docker_build_transcoder
	uses: docker/[email protected]
	with:
	context: .
	file: ./docker/transcoder.Dockerfile
	load: true
	tags: ghcr.io/scuffletv/transcoder:${{ github.sha }}

	- name: Build and push Website image
	id: docker_build_website
	uses: docker/[email protected]
	with:
	context: .
	file: ./docker/website.Dockerfile
	load: true
	tags: ghcr.io/scuffletv/website:${{ github.sha }}

	- name: Scan API image
	uses: aquasecurity/trivy-action@master
	if: ${{ always() && steps.docker_build_api.outcome == 'success' }}
	with:
	image-ref: ghcr.io/scuffletv/api:${{ github.sha }}
	format: "table"
	exit-code: "1"
	ignore-unfixed: true
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"

	- name: Scan Edge image
	uses: aquasecurity/trivy-action@master
	if: ${{ always() && steps.docker_build_edge.outcome == 'success' }}
	with:
	image-ref: ghcr.io/scuffletv/edge:${{ github.sha }}
	format: "table"
	exit-code: "1"
	ignore-unfixed: true
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"

	- name: Scan Ingest image
	uses: aquasecurity/trivy-action@master
	if: ${{ always() && steps.docker_build_ingest.outcome == 'success' }}
	with:
	image-ref: ghcr.io/scuffletv/ingest:${{ github.sha }}
	format: "table"
	exit-code: "1"
	ignore-unfixed: true
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"

	- name: Scan Transcoder image
	uses: aquasecurity/trivy-action@master
	if: ${{ always() && steps.docker_build_transcoder.outcome == 'success' }}
	with:
	image-ref: ghcr.io/scuffletv/transcoder:${{ github.sha }}
	format: "table"
	exit-code: "1"
	ignore-unfixed: true
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"

	- name: Scan Website image
	uses: aquasecurity/trivy-action@master
	if: ${{ always() && steps.docker_build_website.outcome == 'success' }}
	with:
	image-ref: ghcr.io/scuffletv/website:${{ github.sha }}
	format: "table"
	exit-code: "1"
	ignore-unfixed: true
	vuln-type: "os,library"
	severity: "CRITICAL,HIGH"

	- name: Tag images and push
	if: ${{ (github.event_name == 'push' && (github.ref == 'refs/heads/main' \|\| startsWith(github.ref, 'refs/heads/feature/'))) \|\| github.event_name == 'workflow_dispatch' }}
	# If the push is to the main branch, tag the image as latest
	# If the workflow is triggered by a workflow_dispatch event, tag the image as workflow_dispatch
	# Otherwise, tag the image with the branch name, in the format of feature-branch-name
	env:
	TAG: ${{ github.ref == 'refs/heads/main' && 'latest' \|\| github.event_name == 'workflow_dispatch' && 'workflow_dispatch' \|\| github.ref_name }}
	run: \|
	# We need to replace the / in the branch name with a - so that it can be used as a tag
	TAG="${TAG//\//-}"

	docker tag ghcr.io/scuffletv/api:${{ github.sha }} ghcr.io/scuffletv/api:$TAG
	docker tag ghcr.io/scuffletv/edge:${{ github.sha }} ghcr.io/scuffletv/edge:$TAG
	docker tag ghcr.io/scuffletv/ingest:${{ github.sha }} ghcr.io/scuffletv/ingest:$TAG
	docker tag ghcr.io/scuffletv/transcoder:${{ github.sha }} ghcr.io/scuffletv/transcoder:$TAG
	docker tag ghcr.io/scuffletv/website:${{ github.sha }} ghcr.io/scuffletv/website:$TAG

	docker push ghcr.io/scuffletv/api:${{ github.sha }}
	docker push ghcr.io/scuffletv/api:$TAG

	docker push ghcr.io/scuffletv/edge:${{ github.sha }}
	docker push ghcr.io/scuffletv/edge:$TAG

	docker push ghcr.io/scuffletv/ingest:${{ github.sha }}
	docker push ghcr.io/scuffletv/ingest:$TAG

	docker push ghcr.io/scuffletv/transcoder:${{ github.sha }}
	docker push ghcr.io/scuffletv/transcoder:$TAG

	docker push ghcr.io/scuffletv/website:${{ github.sha }}
	docker push ghcr.io/scuffletv/website:$TAG

	deploy:
	name: Deploy to Production
	runs-on: ubuntu-latest
	needs: [docker]
	environment: prod
	if: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/main') \|\| github.event_name == 'workflow_dispatch' }}
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Setup Terraform
	uses: hashicorp/setup-terraform@v2
	with:
	cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

	- name: Run Terraform Apply
	run: \|
	terraform -chdir=terraform init
	terraform -chdir=terraform workspace select prod

	cat > terraform/terraform.tfvars <<EOT
	api_docker_image = "ghcr.io/scuffletv/api:${{ github.sha }}"
	edge_docker_image = "ghcr.io/scuffletv/edge:${{ github.sha }}"
	ingest_docker_image = "ghcr.io/scuffletv/ingest:${{ github.sha }}"
	transcoder_docker_image = "ghcr.io/scuffletv/transcoder:${{ github.sha }}"
	website_docker_image = "ghcr.io/scuffletv/website:${{ github.sha }}"
	EOT

	terraform -chdir=terraform apply

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: refactor stream variants #393

Workflow file

fix: refactor stream variants #393

Jobs

Run details

Workflow file for this run