build: containerize apps #46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
| permissions: | ||
| actions: read | ||
| contents: read | ||
| env: | ||
| NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | ||
| jobs: | ||
| main: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| packages: write | ||
| contents: write | ||
| steps: | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| ref: ${{ github.head_ref }} | ||
| - name: Setup git | ||
| id: git | ||
| uses: ./.github/actions/setup-git | ||
| # This enables task distribution via Nx Cloud | ||
| # Run this command as early as possible, before dependencies are installed | ||
| # Learn more at https://nx.dev/ci/reference/nx-cloud-cli#npx-nxcloud-startcirun | ||
| # - run: npx nx-cloud start-ci-run --distribute-on="3 linux-medium-js" --stop-agents-after="build" | ||
| # Cache node_modules | ||
| - uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 20 | ||
| cache: 'npm' | ||
| - run: npm ci --legacy-peer-deps | ||
| - uses: nrwl/nx-set-shas@v4 | ||
| # Prepend any command with "nx-cloud record --" to record its logs to Nx Cloud | ||
| # - run: npx nx-cloud record -- echo Hello World | ||
| # Nx Affected runs only tasks affected by the changes in this PR/commit. Learn more: https://nx.dev/ci/features/affected | ||
| - run: npx nx affected -t lint test build typecheck | ||
| - name: Version | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| THDK_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: | | ||
| if [[ "${{ steps.git.outputs.branch-name }}" == "main" ]]; then | ||
| npx nx release --skip-publish | ||
| else | ||
| npx nx release version --preid ${{ steps.git.outputs.commit-sha-short }} --no-git-commit --no-git-tag | ||
| fi | ||
| - name: Push version bumps, tags and changelogs | ||
| if: ${{ steps.git.outputs.branch-name == 'main' }} | ||
| run: | | ||
| git push | ||
| git push --tags | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Publish | ||
| run: | | ||
| npx nx release publish --group packages --yes | ||
| env: | ||
| THDK_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| # Excluding dependendencies as they should have been already executed and | ||
| # we can't rely on the cache to detect the dependencies no longer need to be ran | ||
| # since it is busted by writing versions to generated pacakge.json files | ||
| - name: Containerize | ||
| run: | | ||
| npx nx run-many --target docker-build --exclude-task-dependencies | ||
