From 22317652eba6921c5a3f688b87d2851db8332178 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 11:33:57 +0400 Subject: [PATCH 01/20] feat: added vercel workflow --- .github/workflows/deploy-preview.yml | 50 +++++++++++++++++++++++++ .github/workflows/deploy-production.yml | 37 ++++++++++++++++++ src/common/utils/index.tsx | 10 ----- src/pages/trading/index.tsx | 3 +- 4 files changed, 88 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/deploy-preview.yml create mode 100644 .github/workflows/deploy-production.yml diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml new file mode 100644 index 0000000..631ca4c --- /dev/null +++ b/.github/workflows/deploy-preview.yml @@ -0,0 +1,50 @@ +name: Deploy Preview +on: + pull_request: + types: [opened, synchronize, reopened] + +env: + VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} + VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_CURRENT_ENVIRONMENT: preview + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + +jobs: + Deploy-Preview: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: '18' + cache: 'npm' + + - name: Install Dependencies + run: npm ci + + - name: Install Vercel CLI + run: npm install --global vercel@latest + + - name: Build Project + run: npm run build + + - name: Deploy to Vercel + run: | + DEPLOYMENT_URL=$(vercel deploy --token=${{ secrets.VERCEL_TOKEN }} --yes) + echo "DEPLOYMENT_URL=$DEPLOYMENT_URL" >> $GITHUB_ENV + + - name: Comment on PR + uses: actions/github-script@v6 + with: + script: | + const deploymentUrl = process.env.DEPLOYMENT_URL; + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: `šŸš€ Preview deployment is ready! \n\nDeployed to: ${deploymentUrl}` + }); diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml new file mode 100644 index 0000000..5764a26 --- /dev/null +++ b/.github/workflows/deploy-production.yml @@ -0,0 +1,37 @@ +name: Deploy Production +on: + push: + branches: + - main # or master, depending on your default branch + +env: + VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} + VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_CURRENT_ENVIRONMENT: production + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + +jobs: + Deploy-Production: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: '18' + cache: 'npm' + + - name: Install Dependencies + run: npm ci + + - name: Install Vercel CLI + run: npm install --global vercel@latest + + - name: Build Project + run: npm run build + + - name: Deploy to Vercel + run: vercel deploy --prod --token=${{ secrets.VERCEL_TOKEN }} --yes diff --git a/src/common/utils/index.tsx b/src/common/utils/index.tsx index d6c139c..345fda8 100644 --- a/src/common/utils/index.tsx +++ b/src/common/utils/index.tsx @@ -11,16 +11,6 @@ export const isBrowser = (): boolean => typeof window !== "undefined"; * @param path - Optional path to append to the base URL * @returns The complete URL path */ -/** - * Gets the chart URL based on environment - * @param path - Path to append to the chart URL - * @returns The complete chart URL - */ -export const getChartUrl = (): string => { - const baseUrl = - process.env.REACT_CURRENT_ENVIRONMENT === "local" ? "" : "/trade-rise-fall"; - return `${baseUrl}/js/smartcharts/`; -}; export const isLogged = (): boolean => { return authStore.isAuthenticated; diff --git a/src/pages/trading/index.tsx b/src/pages/trading/index.tsx index eed5945..7c9ae9f 100644 --- a/src/pages/trading/index.tsx +++ b/src/pages/trading/index.tsx @@ -1,12 +1,11 @@ import React, { useEffect } from "react"; import DerivTrading from "../../features/DerivTrading"; import { setSmartChartsPublicPath } from "@deriv/deriv-charts"; -import { getChartUrl } from "../../common/utils"; const TradingPage: React.FC = () => { useEffect(() => { try { - const chartsPath = getChartUrl(); + const chartsPath = "/js/smartcharts/"; setSmartChartsPublicPath(chartsPath); } catch (error) { console.error("Failed to initialize charts:", error); From 45bbfcccaf5892ad74f5e8653c10607aace7dd79 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 11:39:50 +0400 Subject: [PATCH 02/20] fix: add permission for github workflow --- .github/workflows/deploy-preview.yml | 4 ++++ .github/workflows/deploy-production.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 631ca4c..83afb63 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -11,6 +11,10 @@ env: REACT_CURRENT_ENVIRONMENT: preview REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} +permissions: + pull-requests: write + contents: read + jobs: Deploy-Preview: runs-on: ubuntu-latest diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 5764a26..90e8111 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -2,7 +2,7 @@ name: Deploy Production on: push: branches: - - main # or master, depending on your default branch + - master env: VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} From ccf6d838c259b295b157e026d4d3ad19d38cbe5a Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 11:52:13 +0400 Subject: [PATCH 03/20] fix: create PR link even for forked branch --- .github/workflows/deploy-preview.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 83afb63..55cb200 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -1,6 +1,6 @@ name: Deploy Preview on: - pull_request: + pull_request_target: types: [opened, synchronize, reopened] env: @@ -14,12 +14,17 @@ env: permissions: pull-requests: write contents: read + deployments: write jobs: Deploy-Preview: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 - name: Setup Node.js uses: actions/setup-node@v3 From e61a2818769ae2e9cb78f21534a3e26e0157bfa7 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 12:59:53 +0400 Subject: [PATCH 04/20] fix: route for app --- rsbuild.config.ts | 2 +- src/App.tsx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rsbuild.config.ts b/rsbuild.config.ts index 91a8045..a3da69e 100644 --- a/rsbuild.config.ts +++ b/rsbuild.config.ts @@ -31,7 +31,7 @@ export default defineConfig({ }, }, output: { - assetPrefix: "/trade-rise-fall/", + assetPrefix: "/", copy: [ { from: "node_modules/@deriv/deriv-charts/dist/*", diff --git a/src/App.tsx b/src/App.tsx index 6ee6910..9223bb4 100644 --- a/src/App.tsx +++ b/src/App.tsx @@ -81,7 +81,7 @@ const App: React.FC = observer(() => { return ( - + From 101d48006c02cfd7ed37382f51a7068646c99631 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 13:08:50 +0400 Subject: [PATCH 05/20] fix: rx-build fix --- rsbuild.config.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rsbuild.config.ts b/rsbuild.config.ts index a3da69e..7586f0b 100644 --- a/rsbuild.config.ts +++ b/rsbuild.config.ts @@ -19,7 +19,7 @@ export default defineConfig({ ], source: { entry: { - index: "./src/main.jsx", + index: "./src/main.tsx", }, define: { "process.env": JSON.stringify(process.env), From ef12318622232814139266d3e6ec12faebac79c8 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 13:14:09 +0400 Subject: [PATCH 06/20] fix: fix vercel deployment path --- .github/workflows/deploy-preview.yml | 5 +++-- index.html | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 55cb200..cf31e4a 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -1,7 +1,8 @@ name: Deploy Preview on: - pull_request_target: - types: [opened, synchronize, reopened] + pull_request: + branches: + - master env: VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} diff --git a/index.html b/index.html index 554e4f2..0bba582 100644 --- a/index.html +++ b/index.html @@ -3,7 +3,7 @@ - + Date: Mon, 20 Jan 2025 14:44:28 +0400 Subject: [PATCH 07/20] feat: added vercel actions and workflow --- .../deploy/vercel/development/action.yml | 64 +++++ .../deploy/vercel/production/action.yml | 58 +++++ .github/actions/deployment-status/action.yml | 39 +++ .github/actions/setup-environment/action.yml | 17 ++ .github/workflows/deploy-preview.yml | 223 +++++++++++++++--- .github/workflows/deploy-production.yml | 114 +++++++-- 6 files changed, 458 insertions(+), 57 deletions(-) create mode 100644 .github/actions/deploy/vercel/development/action.yml create mode 100644 .github/actions/deploy/vercel/production/action.yml create mode 100644 .github/actions/deployment-status/action.yml create mode 100644 .github/actions/setup-environment/action.yml diff --git a/.github/actions/deploy/vercel/development/action.yml b/.github/actions/deploy/vercel/development/action.yml new file mode 100644 index 0000000..a830f0c --- /dev/null +++ b/.github/actions/deploy/vercel/development/action.yml @@ -0,0 +1,64 @@ +name: 'Deploy to Vercel Development' +description: 'Deploys the application to Vercel Preview environment' + +inputs: + vercel-token: + description: 'Vercel authentication token' + required: true + vercel-org-id: + description: 'Vercel organization ID' + required: true + vercel-project-id: + description: 'Vercel project ID' + required: true + pr-number: + description: 'Pull request number' + required: true + +outputs: + deployment-url: + description: 'The URL of the deployed application' + value: ${{ steps.deploy.outputs.url }} + deployment-id: + description: 'The ID of the deployment' + value: ${{ steps.deploy.outputs.id }} + +runs: + using: 'composite' + steps: + - name: Pull Vercel Environment Information + shell: bash + run: vercel pull --yes --environment=preview --token=${{ inputs.vercel-token }} + env: + VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} + VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} + + - name: Build Project + shell: bash + run: | + # Export all GitHub secrets as environment variables + for secret in $(env | grep "GITHUB_.*=" | cut -d= -f1); do + echo "$secret=${!secret}" >> $GITHUB_ENV + done + for secret in $(env | grep "INPUT_.*=" | cut -d= -f1); do + # Convert INPUT_VERCEL_TOKEN to VERCEL_TOKEN etc. + clean_name=$(echo "$secret" | sed 's/^INPUT_//' | tr '[:upper:]' '[:lower:]') + echo "$clean_name=${!secret}" >> $GITHUB_ENV + done + npm run build + env: + VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} + VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} + + - name: Deploy to Vercel + id: deploy + shell: bash + run: | + DEPLOYMENT=$(vercel deploy --prebuilt --token=${{ inputs.vercel-token }} --yes) + DEPLOYMENT_URL="$DEPLOYMENT" + DEPLOYMENT_ID=$(echo "$DEPLOYMENT" | rev | cut -d'/' -f1 | rev) + echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT + echo "id=$DEPLOYMENT_ID" >> $GITHUB_OUTPUT + env: + VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} + VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} diff --git a/.github/actions/deploy/vercel/production/action.yml b/.github/actions/deploy/vercel/production/action.yml new file mode 100644 index 0000000..bcf400f --- /dev/null +++ b/.github/actions/deploy/vercel/production/action.yml @@ -0,0 +1,58 @@ +name: 'Deploy to Vercel Production' +description: 'Deploys the application to Vercel Production environment' + +inputs: + vercel-token: + description: 'Vercel authentication token' + required: true + vercel-org-id: + description: 'Vercel organization ID' + required: true + vercel-project-id: + description: 'Vercel project ID' + required: true + sha: + description: 'Git commit SHA' + required: true + +outputs: + deployment-url: + description: 'The URL of the deployed application' + value: ${{ steps.deploy.outputs.url }} + +runs: + using: 'composite' + steps: + - name: Pull Vercel Environment Information + shell: bash + run: vercel pull --yes --environment=production --token=${{ inputs.vercel-token }} + env: + VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} + VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} + + - name: Build Project + shell: bash + run: | + # Export all GitHub secrets as environment variables + for secret in $(env | grep "GITHUB_.*=" | cut -d= -f1); do + echo "$secret=${!secret}" >> $GITHUB_ENV + done + for secret in $(env | grep "INPUT_.*=" | cut -d= -f1); do + # Convert INPUT_VERCEL_TOKEN to VERCEL_TOKEN etc. + clean_name=$(echo "$secret" | sed 's/^INPUT_//' | tr '[:upper:]' '[:lower:]') + echo "$clean_name=${!secret}" >> $GITHUB_ENV + done + npm run build + env: + VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} + VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} + + - name: Deploy to Vercel + id: deploy + shell: bash + run: | + DEPLOYMENT_URL=$(vercel deploy --prebuilt --prod --token=${{ inputs.vercel-token }} --yes) + echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT + env: + VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} + VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} diff --git a/.github/actions/deployment-status/action.yml b/.github/actions/deployment-status/action.yml new file mode 100644 index 0000000..f5fc98b --- /dev/null +++ b/.github/actions/deployment-status/action.yml @@ -0,0 +1,39 @@ +name: 'Update Deployment Status' +description: 'Updates the deployment status in GitHub' + +inputs: + environment: + description: 'The deployment environment (production/preview)' + required: true + deployment-url: + description: 'The URL of the deployed application' + required: true + sha: + description: 'Git commit SHA' + required: true + status: + description: 'Deployment status (success/failure)' + required: true + description: + description: 'Status description' + required: true + +runs: + using: 'composite' + steps: + - name: Update deployment status + shell: bash + run: | + # Create deployment + DEPLOYMENT_ID=$(curl -s -X POST \ + -H "Authorization: token ${{ github.token }}" \ + -H "Accept: application/vnd.github.v3+json" \ + -d "{\"ref\":\"${{ inputs.sha }}\",\"environment\":\"${{ inputs.environment }}\",\"auto_merge\":false}" \ + "https://api.github.com/repos/${{ github.repository }}/deployments" | jq -r '.id') + + # Update deployment status + curl -s -X POST \ + -H "Authorization: token ${{ github.token }}" \ + -H "Accept: application/vnd.github.v3+json" \ + -d "{\"state\":\"${{ inputs.status }}\",\"environment_url\":\"${{ inputs.deployment-url }}\",\"description\":\"${{ inputs.description }}\"}" \ + "https://api.github.com/repos/${{ github.repository }}/deployments/$DEPLOYMENT_ID/statuses" diff --git a/.github/actions/setup-environment/action.yml b/.github/actions/setup-environment/action.yml new file mode 100644 index 0000000..96daff1 --- /dev/null +++ b/.github/actions/setup-environment/action.yml @@ -0,0 +1,17 @@ +name: 'Setup Environment' +description: 'Sets up Node.js and installs dependencies' + +runs: + using: 'composite' + steps: + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: '18' + cache: 'npm' + + - name: Install dependencies + shell: bash + run: | + npm ci + npm install --global vercel@latest diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index cf31e4a..05ef1ac 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -1,60 +1,215 @@ name: Deploy Preview -on: - pull_request: - branches: - - master -env: - VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} - VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} - REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} - REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_CURRENT_ENVIRONMENT: preview - REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} +on: + pull_request_target: + branches: [ master ] + types: [opened, synchronize, reopened] permissions: - pull-requests: write contents: read + packages: read + pull-requests: write deployments: write + id-token: write + +concurrency: + group: preview-${{ github.event.pull_request.number }}-${{ github.event.pull_request.head.ref }} + cancel-in-progress: true + +env: + NODE_ENV: development + HUSKY: 0 jobs: - Deploy-Preview: + security-check: + name: Security Check + runs-on: ubuntu-latest + timeout-minutes: 5 + permissions: + pull-requests: read + outputs: + is-fork: ${{ steps.check.outputs.is-fork }} + is-authorized: ${{ steps.check.outputs.is-authorized }} + steps: + - name: Check PR source and permissions + id: check + uses: actions/github-script@v7 + with: + script: | + const pr = context.payload.pull_request; + const isFork = pr.head.repo.full_name !== pr.base.repo.full_name; + + let isAuthorized = false; + try { + const { data: permission } = await github.rest.repos.getCollaboratorPermissionLevel({ + owner: context.repo.owner, + repo: context.repo.repo, + username: pr.user.login + }); + isAuthorized = ['admin', 'write'].includes(permission.permission); + } catch (e) { + console.error('Error checking permissions:', e); + isAuthorized = false; + } + + core.setOutput('is-fork', isFork.toString()); + core.setOutput('is-authorized', isAuthorized.toString()); + + if (isFork && !isAuthorized) { + core.notice('āš ļø This PR is from a fork and requires approval from maintainers'); + } + + preview: + name: Deploy Preview + needs: security-check runs-on: ubuntu-latest + if: | + github.event.workflow_run.conclusion != 'action_required' || + github.event.workflow_run.conclusion == 'approved' + environment: + name: preview + url: ${{ steps.deploy.outputs.deployment-url }} + permissions: + deployments: write + issues: write + pull-requests: write + contents: read steps: - - name: Checkout - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: '18' - cache: 'npm' + - name: Additional security checks for forks + id: security_checks + if: needs.security-check.outputs.is-fork == 'true' + run: | + # Function to check file patterns + check_patterns() { + local file="$1" + local patterns=( + "crypto\." + "eval[\s]*\(" + "child_process" + "exec[A-Z][a-z]*\(" + "http[s]?\." + "net\." + "process\.env" + "require\(['\"]child_process" + "fs\." + "new\s+Function" + "__proto__" + "Function\(" + "require\(['\"]\.\." + "require\(['\"]~" + "process\.binding" + "v8\." + "vm\." + "\.constructor\." + "Object\.prototype" + "Object\.defineProperty" + "Object\.setPrototypeOf" + ) + + for pattern in "${patterns[@]}"; do + if grep -q "$pattern" "$file"; then + echo "āš ļø Suspicious pattern found in $file: $pattern" + return 1 + fi + done + return 0 + } + + exit_code=0 + while IFS= read -r file; do + if [ -f "$file" ]; then + if file "$file" | grep -q "binary"; then + echo "āŒ Binary file detected: $file" + exit_code=1 + fi - - name: Install Dependencies - run: npm ci + if ! file "$file" | grep -q "binary"; then + if ! check_patterns "$file"; then + exit_code=1 + fi + fi + fi + done < <(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }}) - - name: Install Vercel CLI - run: npm install --global vercel@latest + if [ $exit_code -eq 0 ]; then + echo "SECURITY_CHECK_RESULT=āœ… All security checks passed" >> $GITHUB_ENV + else + echo "SECURITY_CHECK_RESULT=āš ļø Security review required - See above for details" >> $GITHUB_ENV + exit 1 + fi - - name: Build Project - run: npm run build + - name: Setup environment + uses: ./.github/actions/setup-environment - name: Deploy to Vercel - run: | - DEPLOYMENT_URL=$(vercel deploy --token=${{ secrets.VERCEL_TOKEN }} --yes) - echo "DEPLOYMENT_URL=$DEPLOYMENT_URL" >> $GITHUB_ENV + id: deploy + timeout-minutes: 10 + uses: ./.github/actions/deploy/vercel/development + env: + # Pass all repository secrets to the action + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + REACT_CURRENT_ENVIRONMENT: preview + with: + vercel-token: ${{ secrets.VERCEL_TOKEN }} + vercel-org-id: ${{ secrets.VERCEL_ORG_ID }} + vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }} + pr-number: ${{ github.event.pull_request.number }} - - name: Comment on PR - uses: actions/github-script@v6 + - name: Add preview URL to pull request + uses: actions/github-script@v7 with: script: | - const deploymentUrl = process.env.DEPLOYMENT_URL; - github.rest.issues.createComment({ + const isFork = '${{ needs.security-check.outputs.is-fork }}' === 'true'; + const isAuthorized = '${{ needs.security-check.outputs.is-authorized }}' === 'true'; + + let securityStatus = ''; + if (isFork) { + securityStatus = `\n\nšŸ”’ Security Status: + - PR is from a fork repository + - Author permission level: ${isAuthorized ? 'āœ… Authorized' : 'āš ļø Requires Approval'} + - Security checks: ${process.env.SECURITY_CHECK_RESULT || 'āœ… Passed'} + + Note: First-time contributors require maintainer approval for workflow runs.`; + } + + const deploymentUrl = '${{ steps.deploy.outputs.deployment-url }}'; + const comment = `āœØ Preview deployment is ready! + + šŸ”— Preview URL: ${deploymentUrl} + šŸ“ Commit: ${context.sha.substring(0, 7)} + šŸ•’ Deployed at: ${new Date().toISOString()}${securityStatus}`; + + await github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: `šŸš€ Preview deployment is ready! \n\nDeployed to: ${deploymentUrl}` + body: comment }); + + - name: Update deployment status + uses: ./.github/actions/deployment-status + if: success() + with: + environment: 'preview' + deployment-url: ${{ steps.deploy.outputs.deployment-url }} + sha: ${{ github.event.pull_request.head.sha }} + status: 'success' + description: 'āœØ Preview deployment completed' + + - name: Handle deployment failure + if: failure() + uses: ./.github/actions/deployment-status + with: + environment: 'preview' + deployment-url: ${{ steps.deploy.outputs.deployment-url }} + sha: ${{ github.event.pull_request.head.sha }} + status: 'failure' + description: 'āŒ Preview deployment failed' diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 90e8111..9427e15 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -1,37 +1,105 @@ name: Deploy Production + on: push: - branches: - - master + tags: + - 'v*' + +permissions: + contents: read + packages: read + pull-requests: write + deployments: write + id-token: write + +concurrency: + group: production + cancel-in-progress: false env: - VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} - VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} - REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} - REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_CURRENT_ENVIRONMENT: production - REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + NODE_ENV: production + HUSKY: 0 + REQUIRED_SECRETS: >- + VERCEL_TOKEN + VERCEL_ORG_ID + VERCEL_PROJECT_ID jobs: - Deploy-Production: + validate: + name: Validate Deployment runs-on: ubuntu-latest + timeout-minutes: 5 + outputs: + secrets-valid: ${{ steps.check-secrets.outputs.valid }} steps: - - uses: actions/checkout@v3 + - name: Validate Required Secrets + id: check-secrets + run: | + missing_secrets=() + for secret in $REQUIRED_SECRETS; do + if [ -z "${!secret}" ]; then + missing_secrets+=($secret) + fi + done - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version: '18' - cache: 'npm' - - - name: Install Dependencies - run: npm ci + if [ ${#missing_secrets[@]} -ne 0 ]; then + echo "Missing required secrets: ${missing_secrets[*]}" + echo "valid=false" >> $GITHUB_OUTPUT + exit 1 + fi + echo "valid=true" >> $GITHUB_OUTPUT - - name: Install Vercel CLI - run: npm install --global vercel@latest + deploy: + name: Deploy Production + needs: validate + runs-on: ubuntu-latest + timeout-minutes: 15 + environment: + name: production + url: ${{ steps.deploy.outputs.deployment-url }} + permissions: + deployments: write + statuses: write + contents: read + steps: + - name: Checkout repository + uses: actions/checkout@v4 - - name: Build Project - run: npm run build + - name: Setup environment + uses: ./.github/actions/setup-environment - name: Deploy to Vercel - run: vercel deploy --prod --token=${{ secrets.VERCEL_TOKEN }} --yes + id: deploy + timeout-minutes: 10 + uses: ./.github/actions/deploy/vercel/production + env: + # Pass all repository secrets to the action + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + REACT_CURRENT_ENVIRONMENT: production + with: + vercel-token: ${{ secrets.VERCEL_TOKEN }} + vercel-org-id: ${{ secrets.VERCEL_ORG_ID }} + vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }} + sha: ${{ github.sha }} + + - name: Update deployment status + uses: ./.github/actions/deployment-status + if: success() + with: + environment: 'production' + deployment-url: ${{ steps.deploy.outputs.deployment-url }} + sha: ${{ github.sha }} + status: 'success' + description: 'āœØ Production deployment completed' + + - name: Handle deployment failure + if: failure() + uses: ./.github/actions/deployment-status + with: + environment: 'production' + deployment-url: ${{ steps.deploy.outputs.deployment-url }} + sha: ${{ github.sha }} + status: 'failure' + description: 'āŒ Production deployment failed' From 20f1c58439534098fc4c398c22eb6ceb40641503 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 14:53:29 +0400 Subject: [PATCH 08/20] fix: provide necessary env variables --- .github/actions/deploy/vercel/development/action.yml | 4 ++++ .github/actions/deploy/vercel/production/action.yml | 4 ++++ .github/workflows/deploy-preview.yml | 6 ------ .github/workflows/deploy-production.yml | 6 ------ 4 files changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/actions/deploy/vercel/development/action.yml b/.github/actions/deploy/vercel/development/action.yml index a830f0c..569d88b 100644 --- a/.github/actions/deploy/vercel/development/action.yml +++ b/.github/actions/deploy/vercel/development/action.yml @@ -49,6 +49,10 @@ runs: env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + REACT_CURRENT_ENVIRONMENT: preview - name: Deploy to Vercel id: deploy diff --git a/.github/actions/deploy/vercel/production/action.yml b/.github/actions/deploy/vercel/production/action.yml index bcf400f..1175f47 100644 --- a/.github/actions/deploy/vercel/production/action.yml +++ b/.github/actions/deploy/vercel/production/action.yml @@ -29,6 +29,10 @@ runs: env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + REACT_CURRENT_ENVIRONMENT: production - name: Build Project shell: bash diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 05ef1ac..8785d76 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -151,12 +151,6 @@ jobs: id: deploy timeout-minutes: 10 uses: ./.github/actions/deploy/vercel/development - env: - # Pass all repository secrets to the action - REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} - REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} - REACT_CURRENT_ENVIRONMENT: preview with: vercel-token: ${{ secrets.VERCEL_TOKEN }} vercel-org-id: ${{ secrets.VERCEL_ORG_ID }} diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 9427e15..e873162 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -72,12 +72,6 @@ jobs: id: deploy timeout-minutes: 10 uses: ./.github/actions/deploy/vercel/production - env: - # Pass all repository secrets to the action - REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} - REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} - REACT_CURRENT_ENVIRONMENT: production with: vercel-token: ${{ secrets.VERCEL_TOKEN }} vercel-org-id: ${{ secrets.VERCEL_ORG_ID }} From 353f940ad7ad5542c204d0a51172287471ac97a1 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 14:56:18 +0400 Subject: [PATCH 09/20] fix: the github workflow for preview deploy --- .github/workflows/deploy-preview.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 8785d76..5e894cb 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -3,7 +3,6 @@ name: Deploy Preview on: pull_request_target: branches: [ master ] - types: [opened, synchronize, reopened] permissions: contents: read From 2fc09379962e3b5fb265707ba67b123382e6b224 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 15:14:54 +0400 Subject: [PATCH 10/20] fix: the github workflow for preview deploy --- .github/workflows/deploy-preview.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 5e894cb..9fa39ba 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -1,7 +1,7 @@ name: Deploy Preview on: - pull_request_target: + pull_request: branches: [ master ] permissions: From df4ab8aa9572c9eea82fb025a3f6af0659c74242 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 15:19:15 +0400 Subject: [PATCH 11/20] fix: the env variables --- .github/workflows/deploy-preview.yml | 7 +++++++ .github/workflows/deploy-production.yml | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 9fa39ba..ebe3384 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -3,6 +3,7 @@ name: Deploy Preview on: pull_request: branches: [ master ] + types: [opened, synchronize, reopened] permissions: contents: read @@ -150,6 +151,12 @@ jobs: id: deploy timeout-minutes: 10 uses: ./.github/actions/deploy/vercel/development + env: + # Pass all repository secrets to the action + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_APP_OAUTH_URL: ${{ secrets.REACT_APP_OAUTH_URL }} + REACT_APP_CURRENT_ENVIRONMENT: preview with: vercel-token: ${{ secrets.VERCEL_TOKEN }} vercel-org-id: ${{ secrets.VERCEL_ORG_ID }} diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index e873162..30ac3a3 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -72,6 +72,12 @@ jobs: id: deploy timeout-minutes: 10 uses: ./.github/actions/deploy/vercel/production + env: + # Pass all repository secrets to the action + REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} + REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} + REACT_APP_OAUTH_URL: ${{ secrets.REACT_APP_OAUTH_URL }} + REACT_APP_CURRENT_ENVIRONMENT: production with: vercel-token: ${{ secrets.VERCEL_TOKEN }} vercel-org-id: ${{ secrets.VERCEL_ORG_ID }} From b7414849f48a2dc77b6fe06b719693bea1fa0795 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 15:21:36 +0400 Subject: [PATCH 12/20] fix: remove unnecessary env variables from action --- .github/actions/deploy/vercel/development/action.yml | 4 ---- .github/actions/deploy/vercel/production/action.yml | 4 ---- 2 files changed, 8 deletions(-) diff --git a/.github/actions/deploy/vercel/development/action.yml b/.github/actions/deploy/vercel/development/action.yml index 569d88b..a830f0c 100644 --- a/.github/actions/deploy/vercel/development/action.yml +++ b/.github/actions/deploy/vercel/development/action.yml @@ -49,10 +49,6 @@ runs: env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} - REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} - REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} - REACT_CURRENT_ENVIRONMENT: preview - name: Deploy to Vercel id: deploy diff --git a/.github/actions/deploy/vercel/production/action.yml b/.github/actions/deploy/vercel/production/action.yml index 1175f47..bcf400f 100644 --- a/.github/actions/deploy/vercel/production/action.yml +++ b/.github/actions/deploy/vercel/production/action.yml @@ -29,10 +29,6 @@ runs: env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} - REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} - REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} - REACT_CURRENT_ENVIRONMENT: production - name: Build Project shell: bash From 6439789cf8acf6b36637a465f9182c42326161f7 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 15:24:15 +0400 Subject: [PATCH 13/20] fix: fixed the workflow --- .github/actions/deploy/vercel/development/action.yml | 2 +- .github/actions/deploy/vercel/production/action.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/deploy/vercel/development/action.yml b/.github/actions/deploy/vercel/development/action.yml index a830f0c..b107011 100644 --- a/.github/actions/deploy/vercel/development/action.yml +++ b/.github/actions/deploy/vercel/development/action.yml @@ -54,7 +54,7 @@ runs: id: deploy shell: bash run: | - DEPLOYMENT=$(vercel deploy --prebuilt --token=${{ inputs.vercel-token }} --yes) + DEPLOYMENT=$(vercel deploy --token=${{ inputs.vercel-token }} --yes) DEPLOYMENT_URL="$DEPLOYMENT" DEPLOYMENT_ID=$(echo "$DEPLOYMENT" | rev | cut -d'/' -f1 | rev) echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT diff --git a/.github/actions/deploy/vercel/production/action.yml b/.github/actions/deploy/vercel/production/action.yml index bcf400f..87119dd 100644 --- a/.github/actions/deploy/vercel/production/action.yml +++ b/.github/actions/deploy/vercel/production/action.yml @@ -51,7 +51,7 @@ runs: id: deploy shell: bash run: | - DEPLOYMENT_URL=$(vercel deploy --prebuilt --prod --token=${{ inputs.vercel-token }} --yes) + DEPLOYMENT_URL=$(vercel deploy --prod --token=${{ inputs.vercel-token }} --yes) echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} From bc4c678ecc3b07003ecc24180b8869339937339e Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 15:36:16 +0400 Subject: [PATCH 14/20] fix: deploy only dist to vercel --- .github/actions/deploy/vercel/development/action.yml | 3 ++- .github/actions/deploy/vercel/production/action.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/actions/deploy/vercel/development/action.yml b/.github/actions/deploy/vercel/development/action.yml index b107011..0186e9b 100644 --- a/.github/actions/deploy/vercel/development/action.yml +++ b/.github/actions/deploy/vercel/development/action.yml @@ -54,7 +54,8 @@ runs: id: deploy shell: bash run: | - DEPLOYMENT=$(vercel deploy --token=${{ inputs.vercel-token }} --yes) + cd dist + DEPLOYMENT=$(vercel deploy --cwd . --token=${{ inputs.vercel-token }} --yes) DEPLOYMENT_URL="$DEPLOYMENT" DEPLOYMENT_ID=$(echo "$DEPLOYMENT" | rev | cut -d'/' -f1 | rev) echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT diff --git a/.github/actions/deploy/vercel/production/action.yml b/.github/actions/deploy/vercel/production/action.yml index 87119dd..3486086 100644 --- a/.github/actions/deploy/vercel/production/action.yml +++ b/.github/actions/deploy/vercel/production/action.yml @@ -51,7 +51,8 @@ runs: id: deploy shell: bash run: | - DEPLOYMENT_URL=$(vercel deploy --prod --token=${{ inputs.vercel-token }} --yes) + cd dist + DEPLOYMENT_URL=$(vercel deploy --cwd . --prod --token=${{ inputs.vercel-token }} --yes) echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} From 928bb27803233198f1be872ac84dad2b1c15b483 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 15:58:30 +0400 Subject: [PATCH 15/20] fix: added logs to debug --- .../deploy/vercel/development/action.yml | 42 +++++++++++++++++-- .../deploy/vercel/production/action.yml | 38 +++++++++++++++-- .github/actions/deployment-status/action.yml | 21 +++++++--- .github/actions/setup-environment/action.yml | 17 ++++++++ 4 files changed, 107 insertions(+), 11 deletions(-) diff --git a/.github/actions/deploy/vercel/development/action.yml b/.github/actions/deploy/vercel/development/action.yml index 0186e9b..a6ae55a 100644 --- a/.github/actions/deploy/vercel/development/action.yml +++ b/.github/actions/deploy/vercel/development/action.yml @@ -28,7 +28,12 @@ runs: steps: - name: Pull Vercel Environment Information shell: bash - run: vercel pull --yes --environment=preview --token=${{ inputs.vercel-token }} + run: | + echo "šŸ”„ Pulling Vercel environment information..." + echo " - Environment: Preview" + echo " - PR Number: ${{ inputs.pr-number }}" + vercel pull --yes --environment=preview --token=${{ inputs.vercel-token }} + echo "āœ… Successfully pulled Vercel environment information" env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} @@ -36,16 +41,34 @@ runs: - name: Build Project shell: bash run: | + echo "šŸ—ļø Starting build process for preview deployment..." + echo "šŸ“ Exporting environment variables..." # Export all GitHub secrets as environment variables for secret in $(env | grep "GITHUB_.*=" | cut -d= -f1); do + echo " - Exporting $secret" echo "$secret=${!secret}" >> $GITHUB_ENV done for secret in $(env | grep "INPUT_.*=" | cut -d= -f1); do # Convert INPUT_VERCEL_TOKEN to VERCEL_TOKEN etc. clean_name=$(echo "$secret" | sed 's/^INPUT_//' | tr '[:upper:]' '[:lower:]') + echo " - Converting and exporting $secret as $clean_name" echo "$clean_name=${!secret}" >> $GITHUB_ENV done + + echo "šŸš€ Running build command..." npm run build + + echo "šŸ“¦ Checking build output..." + if [ -d "dist" ]; then + echo " - dist directory exists" + echo " - Contents of dist directory:" + ls -la dist/ + else + echo "āŒ dist directory not found!" + exit 1 + fi + + echo "āœ… Preview build completed successfully" env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} @@ -54,12 +77,25 @@ runs: id: deploy shell: bash run: | - cd dist - DEPLOYMENT=$(vercel deploy --cwd . --token=${{ inputs.vercel-token }} --yes) + echo "šŸš€ Starting Vercel preview deployment..." + echo "šŸ“‚ Deploying dist directory..." + echo " - Current directory contents:" + ls -la dist/ + + echo "ā˜ļø Deploying to Vercel preview environment..." + DEPLOYMENT=$(vercel deploy --cwd dist --token=${{ inputs.vercel-token }} --yes) DEPLOYMENT_URL="$DEPLOYMENT" DEPLOYMENT_ID=$(echo "$DEPLOYMENT" | rev | cut -d'/' -f1 | rev) + + echo " - Deployment URL: $DEPLOYMENT_URL" + echo " - Deployment ID: $DEPLOYMENT_ID" + + echo "šŸ’¾ Saving deployment information..." echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT echo "id=$DEPLOYMENT_ID" >> $GITHUB_OUTPUT + + echo "āœ… Preview deployment completed successfully" + echo "šŸŒ Preview URL: $DEPLOYMENT_URL" env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} diff --git a/.github/actions/deploy/vercel/production/action.yml b/.github/actions/deploy/vercel/production/action.yml index 3486086..13d89a1 100644 --- a/.github/actions/deploy/vercel/production/action.yml +++ b/.github/actions/deploy/vercel/production/action.yml @@ -25,7 +25,10 @@ runs: steps: - name: Pull Vercel Environment Information shell: bash - run: vercel pull --yes --environment=production --token=${{ inputs.vercel-token }} + run: | + echo "šŸ”„ Pulling Vercel environment information..." + vercel pull --yes --environment=production --token=${{ inputs.vercel-token }} + echo "āœ… Successfully pulled Vercel environment information" env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} @@ -33,16 +36,34 @@ runs: - name: Build Project shell: bash run: | + echo "šŸ—ļø Starting build process..." + echo "šŸ“ Exporting environment variables..." # Export all GitHub secrets as environment variables for secret in $(env | grep "GITHUB_.*=" | cut -d= -f1); do + echo " - Exporting $secret" echo "$secret=${!secret}" >> $GITHUB_ENV done for secret in $(env | grep "INPUT_.*=" | cut -d= -f1); do # Convert INPUT_VERCEL_TOKEN to VERCEL_TOKEN etc. clean_name=$(echo "$secret" | sed 's/^INPUT_//' | tr '[:upper:]' '[:lower:]') + echo " - Converting and exporting $secret as $clean_name" echo "$clean_name=${!secret}" >> $GITHUB_ENV done + + echo "šŸš€ Running build command..." npm run build + + echo "šŸ“¦ Checking build output..." + if [ -d "dist" ]; then + echo " - dist directory exists" + echo " - Contents of dist directory:" + ls -la dist/ + else + echo "āŒ dist directory not found!" + exit 1 + fi + + echo "āœ… Build completed successfully" env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} @@ -51,9 +72,20 @@ runs: id: deploy shell: bash run: | - cd dist - DEPLOYMENT_URL=$(vercel deploy --cwd . --prod --token=${{ inputs.vercel-token }} --yes) + echo "šŸš€ Starting Vercel deployment..." + echo "šŸ“‚ Deploying dist directory..." + echo " - Current directory contents:" + ls -la dist/ + + echo "ā˜ļø Deploying to Vercel..." + DEPLOYMENT_URL=$(vercel deploy --cwd dist --prod --token=${{ inputs.vercel-token }} --yes) + echo " - Deployment URL: $DEPLOYMENT_URL" + + echo "šŸ’¾ Saving deployment URL..." echo "url=$DEPLOYMENT_URL" >> $GITHUB_OUTPUT + + echo "āœ… Deployment completed successfully" + echo "šŸŒ Production URL: $DEPLOYMENT_URL" env: VERCEL_ORG_ID: ${{ inputs.vercel-org-id }} VERCEL_PROJECT_ID: ${{ inputs.vercel-project-id }} diff --git a/.github/actions/deployment-status/action.yml b/.github/actions/deployment-status/action.yml index f5fc98b..b628b27 100644 --- a/.github/actions/deployment-status/action.yml +++ b/.github/actions/deployment-status/action.yml @@ -24,16 +24,27 @@ runs: - name: Update deployment status shell: bash run: | - # Create deployment + echo "šŸ”„ Updating deployment status..." + echo " - Environment: ${{ inputs.environment }}" + echo " - Status: ${{ inputs.status }}" + echo " - URL: ${{ inputs.deployment-url }}" + echo " - Commit SHA: ${{ inputs.sha }}" + + echo "šŸ“ Creating deployment record..." DEPLOYMENT_ID=$(curl -s -X POST \ -H "Authorization: token ${{ github.token }}" \ -H "Accept: application/vnd.github.v3+json" \ -d "{\"ref\":\"${{ inputs.sha }}\",\"environment\":\"${{ inputs.environment }}\",\"auto_merge\":false}" \ "https://api.github.com/repos/${{ github.repository }}/deployments" | jq -r '.id') - - # Update deployment status - curl -s -X POST \ + + echo " - Created deployment with ID: $DEPLOYMENT_ID" + + echo "šŸ“¤ Updating deployment status..." + STATUS_RESPONSE=$(curl -s -X POST \ -H "Authorization: token ${{ github.token }}" \ -H "Accept: application/vnd.github.v3+json" \ -d "{\"state\":\"${{ inputs.status }}\",\"environment_url\":\"${{ inputs.deployment-url }}\",\"description\":\"${{ inputs.description }}\"}" \ - "https://api.github.com/repos/${{ github.repository }}/deployments/$DEPLOYMENT_ID/statuses" + "https://api.github.com/repos/${{ github.repository }}/deployments/$DEPLOYMENT_ID/statuses") + + echo "āœ… Deployment status updated successfully" + echo " - Description: ${{ inputs.description }}" diff --git a/.github/actions/setup-environment/action.yml b/.github/actions/setup-environment/action.yml index 96daff1..f14e2dd 100644 --- a/.github/actions/setup-environment/action.yml +++ b/.github/actions/setup-environment/action.yml @@ -13,5 +13,22 @@ runs: - name: Install dependencies shell: bash run: | + echo "šŸ”§ Setting up environment..." + echo "šŸ“¦ Node.js version:" + node --version + + echo "šŸ“¦ NPM version:" + npm --version + + echo "šŸ“„ Installing dependencies..." npm ci + + echo "šŸ”§ Installing Vercel CLI..." npm install --global vercel@latest + echo " - Vercel CLI version:" + vercel --version + + echo "šŸ“‹ Listing installed packages:" + npm list --depth=0 + + echo "āœ… Environment setup completed successfully" From db5fc61ce4a040068d7c790c2ccd8341a465bbfa Mon Sep 17 00:00:00 2001 From: vinu-deriv <100689171+vinu-deriv@users.noreply.github.com> Date: Mon, 20 Jan 2025 16:13:08 +0400 Subject: [PATCH 16/20] Update deploy-production.yml --- .github/workflows/deploy-production.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 30ac3a3..97b3819 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -2,8 +2,8 @@ name: Deploy Production on: push: - tags: - - 'v*' + branches: + - master permissions: contents: read From dc4dae330a6d592780b78f1b6040dde6ca4fed2c Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 16:28:11 +0400 Subject: [PATCH 17/20] fix: added vercel environment for production --- .github/workflows/deploy-production.yml | 31 ++++++++++++++++--------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 97b3819..27f541b 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -19,10 +19,9 @@ concurrency: env: NODE_ENV: production HUSKY: 0 - REQUIRED_SECRETS: >- - VERCEL_TOKEN - VERCEL_ORG_ID - VERCEL_PROJECT_ID + VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }} + VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} + VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} jobs: validate: @@ -35,18 +34,26 @@ jobs: - name: Validate Required Secrets id: check-secrets run: | + echo "šŸ” Checking required secrets..." missing_secrets=() - for secret in $REQUIRED_SECRETS; do - if [ -z "${!secret}" ]; then - missing_secrets+=($secret) - fi - done + + if [ -z "$VERCEL_TOKEN" ]; then + missing_secrets+=("VERCEL_TOKEN") + fi + if [ -z "$VERCEL_ORG_ID" ]; then + missing_secrets+=("VERCEL_ORG_ID") + fi + if [ -z "$VERCEL_PROJECT_ID" ]; then + missing_secrets+=("VERCEL_PROJECT_ID") + fi if [ ${#missing_secrets[@]} -ne 0 ]; then - echo "Missing required secrets: ${missing_secrets[*]}" + echo "āŒ Missing required secrets: ${missing_secrets[*]}" echo "valid=false" >> $GITHUB_OUTPUT exit 1 fi + + echo "āœ… All required secrets are present" echo "valid=true" >> $GITHUB_OUTPUT deploy: @@ -73,11 +80,13 @@ jobs: timeout-minutes: 10 uses: ./.github/actions/deploy/vercel/production env: - # Pass all repository secrets to the action REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} REACT_APP_OAUTH_URL: ${{ secrets.REACT_APP_OAUTH_URL }} REACT_APP_CURRENT_ENVIRONMENT: production + VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }} + VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} + VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} with: vercel-token: ${{ secrets.VERCEL_TOKEN }} vercel-org-id: ${{ secrets.VERCEL_ORG_ID }} From 27231199a5120e3d63cfb13ca429d1f67eaeaf89 Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 17:46:06 +0400 Subject: [PATCH 18/20] fix: fix the missing dependency --- .github/actions/deploy/vercel/production/action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/actions/deploy/vercel/production/action.yml b/.github/actions/deploy/vercel/production/action.yml index 13d89a1..5108520 100644 --- a/.github/actions/deploy/vercel/production/action.yml +++ b/.github/actions/deploy/vercel/production/action.yml @@ -50,6 +50,9 @@ runs: echo "$clean_name=${!secret}" >> $GITHUB_ENV done + echo "šŸš€ Installing all dependencies..." + npm ci --include=dev + echo "šŸš€ Running build command..." npm run build From 103148eef08f33fec28bf530c151b7ec1d987cef Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 17:57:13 +0400 Subject: [PATCH 19/20] fix: set server url --- .github/workflows/deploy-preview.yml | 2 +- .github/workflows/deploy-production.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index ebe3384..22b7cd7 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -155,7 +155,7 @@ jobs: # Pass all repository secrets to the action REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_APP_OAUTH_URL: ${{ secrets.REACT_APP_OAUTH_URL }} + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} REACT_APP_CURRENT_ENVIRONMENT: preview with: vercel-token: ${{ secrets.VERCEL_TOKEN }} diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 27f541b..44cc137 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -82,8 +82,8 @@ jobs: env: REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} - REACT_APP_OAUTH_URL: ${{ secrets.REACT_APP_OAUTH_URL }} - REACT_APP_CURRENT_ENVIRONMENT: production + REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} + REACT_CURRENT_ENVIRONMENT: production VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }} VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} From cc7d3b8f4e365556c574e48f24fa8a24681f7cfd Mon Sep 17 00:00:00 2001 From: vinu-deriv Date: Mon, 20 Jan 2025 17:58:56 +0400 Subject: [PATCH 20/20] fix: set server url --- .github/workflows/deploy-preview.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 22b7cd7..cfe4301 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -156,7 +156,7 @@ jobs: REACT_APP_WS_PORT: ${{ secrets.REACT_APP_WS_PORT }} REACT_APP_WS_URL: ${{ secrets.REACT_APP_WS_URL }} REACT_OAUTH_URL: ${{ secrets.REACT_OAUTH_URL }} - REACT_APP_CURRENT_ENVIRONMENT: preview + REACT_CURRENT_ENVIRONMENT: preview with: vercel-token: ${{ secrets.VERCEL_TOKEN }} vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}