Dev 336/amplify webhook builds #2906
Conversation
|
WalkthroughThis pull request introduces three new GitHub Actions workflow files (deploy-backoffice.yml, deploy-dashboard.yml, and deploy-kyb.yml) to automate build and deployment processes for different applications. Each workflow is designed to trigger builds manually and supports external invocation, allowing users to select an environment from predefined options. The workflows consist of three primary jobs: a Changes
Possibly related PRs
Suggested reviewers
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 4
🧹 Nitpick comments (3)
.github/workflows/deploy-kyb.yml (1)
49-51: Remove unnecessary permissionsThe
packages: writepermission is not used in this job and should be removed.permissions: contents: read - packages: write.github/workflows/deploy-backoffice.yml (2)
40-42: Enhance webhook payload with environment informationThe webhook payload is empty but could include useful context about the build.
- name: Trigger Build webhook run: | - curl -X POST -d {} "${{ secrets.BACKOFFICE_WEBHOOK_URL }}" -H "Content-Type:application/json" + curl -X POST \ + -d "{\"environment\":\"${{ github.event_name == 'push' && github.ref_name || inputs.environment }}\",\"trigger\":\"${{ github.event_name }}\"}" \ + "${{ secrets.BACKOFFICE_WEBHOOK_URL }}" \ + -H "Content-Type:application/json"
58-59: Improve Slack message formattingConsider using Slack's block kit for better message formatting and visibility.
with: channel-id: '${{ secrets.ARGO_SLACK_CHANNEL_ID }}' - slack-message: "Back-office Build initialized in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }}." + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "🏗️ Back-office Build Started" + } + }, + { + "type": "section", + "fields": [ + { + "type": "mrkdwn", + "text": "*Environment:*\n${{ github.event_name == 'push' && github.ref_name || inputs.environment }}" + }, + { + "type": "mrkdwn", + "text": "*Triggered by:*\n${{ github.event_name }}" + } + ] + } + ] + }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/deploy-backoffice.yml(1 hunks).github/workflows/deploy-dashboard.yml(1 hunks).github/workflows/deploy-kyb.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/deploy-dashboard.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
.github/workflows/deploy-kyb.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
.github/workflows/deploy-backoffice.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
There was a problem hiding this comment.
Actionable comments posted: 3
♻️ Duplicate comments (5)
.github/workflows/deploy-kyb.yml (4)
22-27:⚠️ Potential issueFix workflow_call input configuration
The
environmentinput is marked as both required and has a default value, which is contradictory. The default value will never be used if the input is required.Apply this diff to fix the configuration:
workflow_call: inputs: environment: type: string description: 'Environment' - required: true - default: 'dev' + required: false + default: 'dev'🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
36-37:⚠️ Potential issueUpdate actions/checkout to the latest version
The current version (@V3) is outdated. Update to the latest stable version for security fixes and improvements.
- uses: actions/checkout@v3 + uses: actions/checkout@v4🧰 Tools
🪛 actionlint (1.7.4)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
40-42:⚠️ Potential issueAdd error handling to webhook trigger
The current webhook implementation lacks error handling and validation. Consider adding proper error handling and response validation.
- name: Trigger Build webhook run: | - curl -X POST -d {} "${{ secrets.KYB_WEBHOOK_URL }}" -H "Content-Type:application/json" + response=$(curl -s -w "\n%{http_code}" -X POST -d {} "${{ secrets.KYB_WEBHOOK_URL }}" -H "Content-Type:application/json") + status_code=$(echo "$response" | tail -n 1) + if [ "$status_code" -lt 200 ] || [ "$status_code" -ge 300 ]; then + echo "Error: Webhook request failed with status $status_code" + echo "Response: $(echo "$response" | head -n -1)" + exit 1 + fi
1-79: 🛠️ Refactor suggestionConsider implementing reusable workflow pattern
All three workflows share identical structure and logic, differing only in application-specific values. Consider refactoring into a reusable workflow.
Create a new file
.github/workflows/deploy-app.ymlwith a reusable workflow pattern that accepts application-specific inputs and secrets. Then simplify each app-specific workflow to use the reusable workflow. This will:
- Reduce code duplication
- Centralize maintenance
- Ensure consistent behavior across applications
🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
.github/workflows/deploy-backoffice.yml (1)
1-79: 🛠️ Refactor suggestionImplement reusable workflow pattern
This workflow shares identical structure with deploy-dashboard.yml. Consider refactoring into a reusable workflow to reduce duplication and improve maintainability.
See the previous review comment for detailed implementation of the reusable workflow pattern.
🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
🪛 yamllint (1.35.1)
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 79-79: no new line character at the end of file
(new-line-at-end-of-file)
🧹 Nitpick comments (2)
.github/workflows/deploy-backoffice.yml (2)
49-51: Remove unnecessary permissionsThe
packages:writepermission is not required for sending Slack notifications.permissions: contents: read - packages: write
54-61: Enhance Slack notifications with rich formattingThe current Slack messages are basic text. Consider using Slack's block kit for better formatting and more context.
- name: Send alert to Slack channel id: slack uses: slackapi/[email protected] with: channel-id: '${{ secrets.ARGO_SLACK_CHANNEL_ID }}' - slack-message: "Back-office Build initialized in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }}." + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "🏗️ Back-office Build Started" + } + }, + { + "type": "section", + "fields": [ + { + "type": "mrkdwn", + "text": "*Environment:*\n${{ github.event_name == 'push' && github.ref_name || inputs.environment }}" + }, + { + "type": "mrkdwn", + "text": "*Triggered by:*\n${{ github.event_name }}" + } + ] + } + ] + } env: SLACK_BOT_TOKEN: ${{ secrets.ARGO_SLACK_BOT_TOKEN }}
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/deploy-backoffice.yml(1 hunks).github/workflows/deploy-dashboard.yml(1 hunks).github/workflows/deploy-kyb.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/deploy-kyb.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
.github/workflows/deploy-dashboard.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
.github/workflows/deploy-backoffice.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
🪛 yamllint (1.35.1)
.github/workflows/deploy-dashboard.yml
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 79-79: no new line character at the end of file
(new-line-at-end-of-file)
.github/workflows/deploy-backoffice.yml
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 79-79: no new line character at the end of file
(new-line-at-end-of-file)
🔇 Additional comments (1)
.github/workflows/deploy-dashboard.yml (1)
1-79: Address identical issues as in deploy-backoffice.yml
This workflow has the same issues as identified in deploy-backoffice.yml:
- Workflow_call input configuration
- Outdated checkout action
- Basic webhook implementation
- Unnecessary permissions
- Basic Slack notifications
- Need for reusable workflow pattern
Please apply the same fixes as suggested for deploy-backoffice.yml.
🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
🪛 yamllint (1.35.1)
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 79-79: no new line character at the end of file
(new-line-at-end-of-file)
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (3)
.github/workflows/deploy-kyb.yml (3)
21-27:⚠️ Potential issueFix contradictory workflow_call input configuration
The
environmentinput is marked as both required and has a default value, which is contradictory as the default value will never be used.Apply this fix:
workflow_call: inputs: environment: type: string description: 'Environment' - required: true - default: 'dev' + required: false + default: 'dev'🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
36-37:⚠️ Potential issueUpdate actions/checkout to the latest version
The current version (@V3) is outdated. Update to the latest stable version for security fixes and improvements.
- uses: actions/checkout@v3 + uses: actions/checkout@v4🧰 Tools
🪛 actionlint (1.7.4)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
1-86: 🛠️ Refactor suggestionConsider implementing reusable workflow pattern
All three workflows share identical structure and logic, differing only in application-specific values. Consider refactoring into a reusable workflow to improve maintainability and reduce duplication.
Create a new file
.github/workflows/deploy-app.ymlthat accepts app-specific parameters. Then simplify each app-specific workflow to call this reusable workflow. Would you like me to provide the implementation details for this refactoring?🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
🧹 Nitpick comments (2)
.github/workflows/deploy-kyb.yml (1)
41-49: Enhance webhook payload with build contextWhile error handling is implemented correctly, the webhook payload is empty and doesn't provide context about the build.
- name: Trigger Build webhook run: | response=$(curl -s -w "\n%{http_code}" -X POST \ - -d {} \ + -d "{\"app\":\"kyb\",\"environment\":\"${{ github.event_name == 'push' && github.ref_name || inputs.environment }}\",\"trigger\":\"${{ github.event_name }}\"}" \ "${{ secrets.KYB_WEBHOOK_URL }}" \ -H "Content-Type:application/json").github/workflows/deploy-backoffice.yml (1)
66-66: Maintain consistent naming convention in Slack messagesThe application name is inconsistently formatted in Slack messages:
- Line 66: "Back-office"
- Line 84: "Backoffice"
Standardize the naming across all messages.
- slack-message: "Back-office Build initialized in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }}." + slack-message: "Backoffice Build initialized in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }}."Also applies to: 84-84
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/deploy-backoffice.yml(1 hunks).github/workflows/deploy-dashboard.yml(1 hunks).github/workflows/deploy-kyb.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/deploy-backoffice.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
.github/workflows/deploy-kyb.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
.github/workflows/deploy-dashboard.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
🪛 yamllint (1.35.1)
.github/workflows/deploy-backoffice.yml
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 86-86: no new line character at the end of file
(new-line-at-end-of-file)
.github/workflows/deploy-dashboard.yml
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 86-86: no new line character at the end of file
(new-line-at-end-of-file)
🔇 Additional comments (1)
.github/workflows/deploy-dashboard.yml (1)
1-86: Review completed
The issues found in this file are identical to those in deploy-kyb.yml. Please apply the same fixes suggested in the previous review comments.
🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
🪛 yamllint (1.35.1)
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 86-86: no new line character at the end of file
(new-line-at-end-of-file)
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.github/workflows/deploy-kyb.yml (1)
22-27:⚠️ Potential issueFix contradictory workflow_call input configuration
The
environmentinput is marked as both required and has a default value, which is contradictory as the default value will never be used.workflow_call: inputs: environment: type: string description: 'Environment' - required: true - default: 'dev' + required: false + default: 'dev'🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
🧹 Nitpick comments (8)
.github/workflows/deploy-kyb.yml (2)
52-54: Optimize job permissionsThe jobs only need Slack notifications functionality but have additional permissions:
contents: read- Not needed for Slack notificationspackages: write- Not needed for Slack notificationsConsider removing unnecessary permissions to follow the principle of least privilege.
permissions: - contents: read - packages: writeAlso applies to: 71-73
61-62: Enhance Slack notifications with more contextThe current Slack messages could be more informative by including:
- The PR/commit that triggered the build
- Link to the GitHub Actions run
- Build duration (for success message)
- slack-message: "KYB Build initialized in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }}." + slack-message: | + KYB Build initialized in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }} + Trigger: ${{ github.event_name == 'push' && format('Commit {0}', github.sha) || 'Manual trigger' }} + Run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}Also applies to: 79-80
.github/workflows/deploy-backoffice.yml (4)
1-1: Clarify the testing status in the workflow nameThe workflow name includes "Under Testing" which might cause confusion. Consider either:
- Removing "Under Testing" if the workflow is ready for production
- Adding a comment explaining what aspects are being tested
-name: Under Testing - Build and Deploy Backoffice Application +name: Build and Deploy Backoffice Application
5-7: Consider making the path filter more specificThe current path filter includes all files under
apps/backoffice-v2/**. Consider making it more specific to only trigger on relevant file changes (e.g., excluding test files or documentation).paths: # Run this pipeline only if there are changes in specified path - - 'apps/backoffice-v2/**' + - 'apps/backoffice-v2/src/**' + - 'apps/backoffice-v2/package.json' + - 'apps/backoffice-v2/package-lock.json'
33-33: Refactor repeated environment determination logicThe environment determination logic
${{ github.event_name == 'push' && github.ref_name || inputs.environment }}is repeated across multiple jobs. Consider using a job output or environment variable to maintain DRY principles.jobs: + set-environment: + runs-on: ubuntu-latest + outputs: + env_name: ${{ github.event_name == 'push' && github.ref_name || inputs.environment }} + steps: + - run: echo "Setting environment" build: name: Build Backoffice App + needs: [set-environment] runs-on: ubuntu-latest - environment: ${{ github.event_name == 'push' && github.ref_name || inputs.environment }} + environment: ${{ needs.set-environment.outputs.env_name }}Also applies to: 51-51, 70-70
47-82: Optimize Slack notification jobsConsider the following improvements:
- Consolidate duplicate Slack notification logic into a reusable workflow
- Add timeout configuration to prevent long-running jobs
- Add concurrency configuration to prevent multiple builds for the same environment
+ concurrency: + group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.ref_name || inputs.environment }} + cancel-in-progress: true jobs: build: + timeout-minutes: 10 + notify-slack: + runs-on: ubuntu-latest + needs: [build] + if: always() + environment: ${{ github.event_name == 'push' && github.ref_name || inputs.environment }} + permissions: + contents: read + packages: write + steps: + - name: Send alert to Slack channel + id: slack + uses: slackapi/[email protected] + with: + channel-id: '${{ secrets.ARGO_SLACK_CHANNEL_ID }}' + slack-message: "Back-office Build ${{ needs.build.result == 'success' && 'initialized' || 'failed' }} in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }}." + env: + SLACK_BOT_TOKEN: ${{ secrets.ARGO_SLACK_BOT_TOKEN }} - send-to-slack: - # Remove duplicate job - on-failure: - # Remove duplicate job🧰 Tools
🪛 yamllint (1.35.1)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
.github/workflows/deploy-dashboard.yml (2)
52-55: Remove unnecessary permissionsBoth Slack notification jobs include
packages: writepermission which is not required for sending Slack messages.Remove the unnecessary permission:
permissions: contents: read - packages: writeAlso applies to: 71-74
47-82: Enhance Slack notifications with rich formattingThe current Slack messages are basic text. Consider using block kit formatting to provide richer, more informative notifications.
Replace both Slack notification steps with this enhanced version:
- name: Send alert to Slack channel id: slack uses: slackapi/[email protected] with: channel-id: '${{ secrets.ARGO_SLACK_CHANNEL_ID }}' - slack-message: "Dashboard Build initialized in ${{ github.event_name == 'push' && github.ref_name || inputs.environment }}." + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "🏗️ Dashboard Build ${{ job.status == 'success' && 'Started' || 'Failed' }}" + } + }, + { + "type": "section", + "fields": [ + { + "type": "mrkdwn", + "text": "*Environment:*\n${{ github.event_name == 'push' && github.ref_name || inputs.environment }}" + }, + { + "type": "mrkdwn", + "text": "*Triggered by:*\n${{ github.event_name }}" + } + ] + } + ] + }Also, consider consolidating both Slack notification jobs into a single reusable job to reduce code duplication.
🧰 Tools
🪛 yamllint (1.35.1)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/deploy-backoffice.yml(1 hunks).github/workflows/deploy-dashboard.yml(1 hunks).github/workflows/deploy-kyb.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/deploy-kyb.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
.github/workflows/deploy-backoffice.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
.github/workflows/deploy-dashboard.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
🪛 yamllint (1.35.1)
.github/workflows/deploy-backoffice.yml
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
.github/workflows/deploy-dashboard.yml
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
🔇 Additional comments (6)
.github/workflows/deploy-kyb.yml (2)
1-1: Clarify the testing status in the workflow name
The workflow name includes "Under Testing" - is this intended for production use? Consider removing this prefix once testing is complete.
34-45: 🛠️ Refactor suggestion
Add repository checkout step
The build job is missing the checkout step which might be needed for accessing repository contents.
steps:
+ - name: Checkout
+ uses: actions/checkout@v4
# Trigger a webhook
- name: Trigger Build webhookLikely invalid or redundant comment.
.github/workflows/deploy-backoffice.yml (2)
21-27: Fix workflow_call input configuration
The environment input in the workflow_call event is marked as both required and has a default value. This is redundant as the default value will never be used when the input is required.
workflow_call:
inputs:
environment:
type: string
description: 'Environment'
- required: true
- default: 'dev'
+ required: false
+ default: 'dev'🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
36-45: Enhance webhook implementation
The current webhook implementation can be improved in several ways:
- Add proper request headers for authentication
- Include meaningful payload with build context
- Add retry mechanism for transient failures
- name: Trigger Build webhook
run: |
+ MAX_RETRIES=3
+ retry_count=0
+ while [ $retry_count -lt $MAX_RETRIES ]; do
response=$(curl -s -w "\n%{http_code}" -X POST \
- -d {} \
+ -d "{\"app\":\"backoffice\",\"environment\":\"${{ github.event_name == 'push' && github.ref_name || inputs.environment }}\",\"trigger\":\"${{ github.event_name }}\",\"sha\":\"${{ github.sha }}\"}" \
"${{ secrets.BACKOFFICE_WEBHOOK_URL }}" \
- -H "Content-Type:application/json"
+ -H "Content-Type:application/json" \
+ -H "X-GitHub-Event: ${{ github.event_name }}" \
+ -H "X-Hub-Signature: ${{ github.sha }}"
status_code=$(echo "$response" | tail -n 1)
if [ "$status_code" -lt 200 ] || [ "$status_code" -ge 300 ]; then
+ retry_count=$((retry_count + 1))
+ if [ $retry_count -lt $MAX_RETRIES ]; then
+ echo "Attempt $retry_count failed. Retrying in 5 seconds..."
+ sleep 5
+ continue
+ fi
echo "Error: Webhook request failed with status $status_code"
echo "Response: $(echo "$response" | head -n -1)"
exit 1
fi
+ break
+ done.github/workflows/deploy-dashboard.yml (2)
1-82: Consider implementing reusable workflow pattern
As suggested in a previous review, all three workflows (dashboard, backoffice, and kyb) share identical structure and logic. Consider refactoring into a reusable workflow to improve maintainability.
The previous review provided a detailed implementation suggestion for creating a reusable workflow pattern. Please refer to that comment for the implementation details.
🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
🪛 yamllint (1.35.1)
[warning] 9-9: wrong indentation: expected 6 but found 4
(indentation)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
36-45: 🛠️ Refactor suggestion
Enhance webhook payload with build context
The webhook request is sent with an empty payload (-d {}), which misses important context about the build. Consider including relevant information such as:
- Environment
- Trigger source (push/manual)
- Repository information
- Branch/commit details
Apply this diff to enhance the webhook payload:
- name: Trigger Build webhook
run: |
- response=$(curl -s -w "\n%{http_code}" -X POST -d {} "${{ secrets.DASHBOARD_WEBHOOK_URL }}" -H "Content-Type:application/json")
+ response=$(curl -s -w "\n%{http_code}" -X POST \
+ -d "{\"app\":\"dashboard\",\"environment\":\"${{ github.event_name == 'push' && github.ref_name || inputs.environment }}\",\"trigger\":\"${{ github.event_name }}\",\"repo\":\"${{ github.repository }}\",\"ref\":\"${{ github.ref }}\"}" \
+ "${{ secrets.DASHBOARD_WEBHOOK_URL }}" \
+ -H "Content-Type:application/json")
status_code=$(echo "$response" | tail -n 1)
if [ "$status_code" -lt 200 ] || [ "$status_code" -ge 300 ]; then
echo "Error: Webhook request failed with status $status_code"Likely invalid or redundant comment.
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (3)
.github/workflows/deploy-kyb.yml (1)
21-28: 🛠️ Refactor suggestionUpdate workflow_call input configuration for "environment".
The input is defined with both a default value ('dev') and marked as required, which makes the default value ineffective. To allow the default to be applied when no input is provided, set "required" to false.Proposed diff:
- environment: - type: string - description: 'Environment' - required: true - default: 'dev' + environment: + type: string + description: 'Environment' + required: false + default: 'dev'🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
.github/workflows/deploy-dashboard.yml (1)
21-28: 🛠️ Refactor suggestionUpdate workflow_call input configuration for "environment".
Similar to the KYB workflow, the workflow_call input here is marked as required while also providing a default value. Changing "required" to false will let the default value ('dev') take effect when no input is provided.Proposed diff:
- required: true - default: 'dev' + required: false + default: 'dev'🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
.github/workflows/deploy-backoffice.yml (1)
21-28: 🛠️ Refactor suggestionUpdate workflow_call input configuration for "environment".
As with the other workflows, the "environment" input is set as required while also having a default value. To enable the default value to be used, adjust the input by setting "required" to false.Proposed diff:
- required: true - default: 'dev' + required: false + default: 'dev'🧰 Tools
🪛 actionlint (1.7.4)
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
🧹 Nitpick comments (4)
.github/workflows/deploy-kyb.yml (1)
29-35: Maintain consistency and consider refactoring shared logic.
The workflow’s jobs (build, send-to-slack, on-failure) follow a pattern very similar to the other application workflows. For long-term maintainability, consider extracting the common webhook trigger and Slack notification steps into a reusable workflow. This flexible approach would reduce duplication..github/workflows/deploy-dashboard.yml (2)
81-82: Ensure a new line at end-of-file.
YAMLlint reports a missing new line at the end of the file. Adding a newline improves compatibility with various tools and editors.🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
29-35: Consider consolidating repetitive workflow logic.
The build, send-to-slack, and on-failure jobs mirror those in the KYB and Backoffice workflows. Refactoring the shared logic into a reusable workflow file can ease maintenance and reduce duplication across your deployment pipelines..github/workflows/deploy-backoffice.yml (1)
81-82: Add a newline at the end of the file.
YAMLlint indicates that there is no new line at EOF, which can lead to issues with certain tooling. Please add a newline at the end.🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/deploy-backoffice.yml(1 hunks).github/workflows/deploy-dashboard.yml(1 hunks).github/workflows/deploy-kyb.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/deploy-backoffice.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
.github/workflows/deploy-dashboard.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
.github/workflows/deploy-kyb.yml
27-27: input "environment" of workflow_call event has the default value "dev", but it is also required. if an input is marked as required, its default value will never be used
(events)
🪛 YAMLlint (1.35.1)
.github/workflows/deploy-backoffice.yml
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
.github/workflows/deploy-dashboard.yml
[error] 82-82: no new line character at the end of file
(new-line-at-end-of-file)
⏰ Context from checks skipped due to timeout of 90000ms (8)
- GitHub Check: test_windows
- GitHub Check: test_linux
- GitHub Check: spell_check
- GitHub Check: lint
- GitHub Check: build (windows-latest)
- GitHub Check: build (ubuntu-latest)
- GitHub Check: format
- GitHub Check: Analyze (javascript)
🔇 Additional comments (1)
.github/workflows/deploy-backoffice.yml (1)
29-35: Overall structure looks consistent.
The error handling in the webhook trigger and the branching logic for determining the environment are well implemented. Ensuring consistency with similar workflows is beneficial. Consider tracking common workflow patterns for future refactoring into a centralized reusable workflow.
New Actions for Amplify Applications to build manually
Summary by CodeRabbit
New Features
Chores