The latest articles on DEV Community by Teakowa (@teakowa). https://dev.to/teakowa https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F636376%2F809831c6-8875-423e-95f0-5c7f09d0ec14.jpeg https://dev.to/teakowa en Teakowa Fri, 01 Jul 2022 11:06:25 +0000 https://dev.to/teakowa/xnxk-s-web-front-end-automated-publishing-practice-l82 https://dev.to/teakowa/xnxk-s-web-front-end-automated-publishing-practice-l82 <p><a href="https://teakowa.me/archives/%E8%99%9A%E6%8B%9F%E6%98%9F%E7%A9%BA%E7%9A%84-web-%E5%89%8D%E7%AB%AF%E8%87%AA%E5%8A%A8%E5%8C%96%E5%8F%91%E5%B8%83%E5%AE%9E%E8%B7%B5/">The Chinese version is here</a></p> <p>Hello, my name is Teakowa, this article will introduce to you how our virtual starry sky builds a web front-end automated publishing pipeline based on GitHub Action, and the problems we encountered.</p> <h2> Some Prerequisites </h2> <p>Our development is All in GitHub, if you want to do CI /CD integration on GitHub in 2022, then I don't have any reason not to recommend GitHub Action, GitHub Action very convenient, it integrates natively with GitHub, the community is active, the configuration is simple (not necessarily), and it is the most suitable for us at present.</p> <p>Our release process is relatively simple, the PR will be released immediately after the merger:</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--aoyUbD2r--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/ly3kjijjk32fzz5cssod.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--aoyUbD2r--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/ly3kjijjk32fzz5cssod.png" alt="Image description" width="800" height="65"></a> </p> <h2> Automation version </h2> <p>Before the production release process, there is another step, which is to automatically generate the version. All our projects follow the <a href="https://semver.org/">semantic version</a> specification to release candidates, and use <a href="https://github.com/semantic-release/semantic-release">semantic-release</a> to automate this process. Whenever our Pull Request is merged into the main branch, Release Workflow will run, and automatically create new tags and releases according to the rules.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="s">.github/workflows/release.yml</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Release</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">main</span> <span class="pi">-</span> <span class="s">rc</span> <span class="pi">-</span> <span class="s">beta</span> <span class="pi">-</span> <span class="s">alpha</span> <span class="na">workflow_dispatch</span><span class="pi">:</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">release</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Release</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">XNXKTech/workflows/.github/workflows/release.yml@main</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">CI_PAT</span><span class="pi">:</span> <span class="s">${{ secrets.CI_PAT }}</span> </code></pre> </div> <p>Here we use GitHub's <a href="https://docs.github.com/en/actions/using-workflows/reusing-workflows#calling-a-reusable-workflow">reusable workflow</a>, the complete reusable workflow is as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Release</span> <span class="na">on</span><span class="pi">:</span> <span class="na">workflow_call</span><span class="pi">:</span> <span class="na">outputs</span><span class="pi">:</span> <span class="na">new_release_published</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">New</span><span class="nv"> </span><span class="s">release</span><span class="nv"> </span><span class="s">published"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.new_release_published }}</span> <span class="na">new_release_version</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">New</span><span class="nv"> </span><span class="s">release</span><span class="nv"> </span><span class="s">version"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.new_release_version }}</span> <span class="na">new_release_major_version</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">New</span><span class="nv"> </span><span class="s">major</span><span class="nv"> </span><span class="s">version"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.new_release_major_version }}</span> <span class="na">new_release_minor_version</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">New</span><span class="nv"> </span><span class="s">minor</span><span class="nv"> </span><span class="s">version"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.new_release_minor_version }}</span> <span class="na">new_release_patch_version</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">New</span><span class="nv"> </span><span class="s">patch</span><span class="nv"> </span><span class="s">version"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.new_release_patch_version }}</span> <span class="na">new_release_channel</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">New</span><span class="nv"> </span><span class="s">release</span><span class="nv"> </span><span class="s">channel"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.new_release_channel }}</span> <span class="na">new_release_notes</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">New</span><span class="nv"> </span><span class="s">release</span><span class="nv"> </span><span class="s">notes"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.new_release_notes }}</span> <span class="na">last_release_version</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">Last</span><span class="nv"> </span><span class="s">release</span><span class="nv"> </span><span class="s">version"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.release.outputs.last_release_version }}</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">semantic_version</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="no">false</span> <span class="na">description</span><span class="pi">:</span> <span class="s">Semantic version</span> <span class="na">default</span><span class="pi">:</span> <span class="m">19</span> <span class="na">type</span><span class="pi">:</span> <span class="s">string</span> <span class="na">extra_plugins</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="no">false</span> <span class="na">description</span><span class="pi">:</span> <span class="s">Extra plugins</span> <span class="na">default</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">@semantic-release/changelog</span> <span class="s">@semantic-release/git</span> <span class="s">conventional-changelog-conventionalcommits</span> <span class="na">type</span><span class="pi">:</span> <span class="s">string</span> <span class="na">dry_run</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="no">false</span> <span class="na">description</span><span class="pi">:</span> <span class="s">Dry run</span> <span class="na">default</span><span class="pi">:</span> <span class="no">false</span> <span class="na">type</span><span class="pi">:</span> <span class="s">string</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">CI_PAT</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="no">false</span> <span class="na">GH_TOKEN</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s1">'</span><span class="s">Personal</span><span class="nv"> </span><span class="s">access</span><span class="nv"> </span><span class="s">token</span><span class="nv"> </span><span class="s">passed</span><span class="nv"> </span><span class="s">from</span><span class="nv"> </span><span class="s">the</span><span class="nv"> </span><span class="s">caller</span><span class="nv"> </span><span class="s">workflow'</span> <span class="na">required</span><span class="pi">:</span> <span class="no">false</span> <span class="na">NPM_TOKEN</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="no">true</span> <span class="na">env</span><span class="pi">:</span> <span class="na">GITHUB_TOKEN</span><span class="pi">:</span> <span class="s">${{ secrets.GH_TOKEN == '' &amp;&amp; secrets.CI_PAT || secrets.GH_TOKEN }}</span> <span class="na">GH_TOKEN</span><span class="pi">:</span> <span class="s">${{ secrets.GH_TOKEN == '' &amp;&amp; secrets.CI_PAT || secrets.GH_TOKEN }}</span> <span class="na">token</span><span class="pi">:</span> <span class="s">${{ secrets.GH_TOKEN == '' &amp;&amp; secrets.CI_PAT || secrets.GH_TOKEN }}</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">release</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Release</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">outputs</span><span class="pi">:</span> <span class="na">new_release_published</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.new_release_published }}</span> <span class="na">new_release_version</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.new_release_version }}</span> <span class="na">new_release_major_version</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.new_release_major_version }}</span> <span class="na">new_release_minor_version</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.new_release_minor_version }}</span> <span class="na">new_release_patch_version</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.new_release_patch_version }}</span> <span class="na">new_release_channel</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.new_release_channel }}</span> <span class="na">new_release_notes</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.new_release_notes }}</span> <span class="na">last_release_version</span><span class="pi">:</span> <span class="s">${{ steps.semantic.outputs.last_release_version }}</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3.0.2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">persist-credentials</span><span class="pi">:</span> <span class="no">false</span> <span class="na">fetch-depth</span><span class="pi">:</span> <span class="m">0</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Use remote configuration</span> <span class="na">if</span><span class="pi">:</span> <span class="s">contains(fromJson('["XNXKTech", "StarUbiquitous", "terraform-xnxk-modules"]'), github.event.repository.owner.name) == </span><span class="no">true</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">wget -qO- https://raw.githubusercontent.com/XNXKTech/workflows/main/release/.releaserc.json &gt; .releaserc.json</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Semantic Release</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">cycjimmy/semantic-release-action@v2</span> <span class="na">id</span><span class="pi">:</span> <span class="s">semantic</span> <span class="na">with</span><span class="pi">:</span> <span class="na">semantic_version</span><span class="pi">:</span> <span class="s">${{ inputs.semantic_version }}</span> <span class="na">extra_plugins</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">@semantic-release/changelog</span> <span class="s">@semantic-release/git</span> <span class="s">conventional-changelog-conventionalcommits</span> <span class="na">dry_run</span><span class="pi">:</span> <span class="s">${{ inputs.dry_run }}</span> <span class="na">env</span><span class="pi">:</span> <span class="na">GITHUB_TOKEN</span><span class="pi">:</span> <span class="s">${{ env.GH_TOKEN }}</span> <span class="na">NPM_TOKEN</span><span class="pi">:</span> <span class="s">${{ secrets.NPM_TOKEN }}</span> </code></pre> </div> <p>By reusable workflow, we can maintain only one workflow and let all codebase reuse, reduce our maintenance cost, after all, it is very painful to change the workflow one by one after more repository 😑</p> <p>It also unifies the <code>releaserc.json</code> used by each warehouse, allowing us to further reduce maintenance costs.<br> More about our reusable workflow practices will be published if there is a chance, welcome to pay attention.</p> <h2> Automatic publishing </h2> <p>First the complete workflow:</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--K2Q402mG--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/o3190z2jii1f48zl0za8.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--K2Q402mG--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/o3190z2jii1f48zl0za8.png" alt="Image description" width="800" height="307"></a></p> <p>Our Production workflow is triggered by the release event, which is done by the GitHub webhook and doesn't require our attention, but we also use <code>workflow_dispatch</code> events that allow us to run the Production workflow manually:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="s">.github/workflows/production.yml</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Production</span> <span class="na">on</span><span class="pi">:</span> <span class="na">release</span><span class="pi">:</span> <span class="na">types</span><span class="pi">:</span> <span class="pi">[</span> <span class="nv">published</span> <span class="pi">]</span> <span class="na">workflow_dispatch</span><span class="pi">:</span> </code></pre> </div> <h2> Build </h2> <p>The first is the Build part, which needs to compile the front-end static resource files for subsequent workflow processing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">jobs</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">timeout-minutes</span><span class="pi">:</span> <span class="m">10</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Split string</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">jungwinter/split@v2</span> <span class="na">id</span><span class="pi">:</span> <span class="s">split</span> <span class="na">with</span><span class="pi">:</span> <span class="na">separator</span><span class="pi">:</span> <span class="s1">'</span><span class="s">/'</span> <span class="na">msg</span><span class="pi">:</span> <span class="s">${{ github.ref }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout ${{ steps.split.outputs._2 }}</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3</span> <span class="na">with</span><span class="pi">:</span> <span class="na">ref</span><span class="pi">:</span> <span class="s">${{ steps.split.outputs._2 }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Setup Node ${{ matrix.node }}</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v3.3.0</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="s">${{ matrix.node }}</span> <span class="na">cache</span><span class="pi">:</span> <span class="s">npm</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Setup yarn</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npm install -g yarn</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Setup Nodejs with yarn caching</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v3.3.0</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="s">${{ matrix.node }}</span> <span class="na">cache</span><span class="pi">:</span> <span class="s">yarn</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Cache dependencies</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/cache@v3.0.4</span> <span class="na">id</span><span class="pi">:</span> <span class="s">node-modules-cache</span> <span class="na">with</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">node_modules</span> <span class="na">key</span><span class="pi">:</span> <span class="s">${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}</span> <span class="na">restore-keys</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">${{ runner.os }}-yarn</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install package.json dependencies with Yarn</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.node-modules-cache.outputs.cache-hit != 'true'</span> <span class="na">run</span><span class="pi">:</span> <span class="s">yarn --frozen-lockfile</span> <span class="na">env</span><span class="pi">:</span> <span class="na">PUPPETEER_SKIP_CHROMIUM_DOWNLOAD</span><span class="pi">:</span> <span class="no">true</span> <span class="na">HUSKY_SKIP_INSTALL</span><span class="pi">:</span> <span class="no">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Cache build</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/cache@v3.0.4</span> <span class="na">id</span><span class="pi">:</span> <span class="s">build-cache</span> <span class="na">with</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">build</span> <span class="na">key</span><span class="pi">:</span> <span class="s">${{ runner.os }}-build-${{ github.sha }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.build-cache.outputs.cache-hit != 'true'</span> <span class="na">run</span><span class="pi">:</span> <span class="s">yarn build</span> </code></pre> </div> <p>Here are a few places to expand on, our Checkout section is not quite the same as the common one, which may be just one checkout.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> </code></pre> </div> <p>But we encountered a small problem, checkout by default will use the <code>default branch</code> set in the code repository, and some of our CD workflow are <code>workflow_dispatch</code> and other such <code>push</code> and <code>release</code> events coexist. we can not use the default parameters, we must pass a ref in to ensure that the action will be in accordance with our expectations checkout, we have tried to do support for release.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Get the version</span> <span class="na">id</span><span class="pi">:</span> <span class="s">get_version</span> <span class="na">run</span><span class="pi">:</span> <span class="s">echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}</span> </code></pre> </div> <p>However, it turns out that it doesn't work for other events because the webhook playload for other events doesn't have <code>/refs/tags</code> in it, which results in not getting the ref we expect when the webhook event is something other than a release.</p> <p><code>$GITHUB_REF</code> is available, but not in the format we expect, because the content of <code>$GITHUB_REF</code> varies depending on the event.</p> <p>For example, <code>workflow_dispatch</code> supports selecting branch and tag to run manually, then <code>$GITHUB_REF</code> may be <code>refs/heads/main</code> or <code>refs/tags/v1.111.1-beta.4</code>.</p> <p>So in the end I decided to be brutal, and since <code>$GITHUB_REF</code> will exist regardless of any event, just split it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Split string</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">jungwinter/split@v2</span> <span class="na">id</span><span class="pi">:</span> <span class="s">split</span> <span class="na">with</span><span class="pi">:</span> <span class="na">separator</span><span class="pi">:</span> <span class="s1">'</span><span class="s">/'</span> <span class="na">msg</span><span class="pi">:</span> <span class="s">${{ github.ref }}</span> </code></pre> </div> <p>I don't care whether it is <code>main</code> or <code>v1.111.1</code>, because we can always checkout the correct ref as we expect.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout ${{ steps.split.outputs._2 }}</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3</span> <span class="na">with</span><span class="pi">:</span> <span class="na">ref</span><span class="pi">:</span> <span class="s">${{ steps.split.outputs._2 }}</span> </code></pre> </div> <p>Next is the caching and compilation step. Since the Build part is only responsible for compilation, we only need to cache the result of Build and let subsequent workflows reuse it through action cache.</p> <p>It is important to make efficient use of caching, and there are two key locations in the Build process where caching is used.</p> <ol> <li>Project dependencies</li> <li>Compile file</li> </ol> <h2> Project dependencies </h2> <p>As we all know, the dependency of front-end projects is a cosmic problem.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--rpFxtgbO--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/2ny3c4u9faygoasvyfcs.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--rpFxtgbO--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/2ny3c4u9faygoasvyfcs.png" alt="Image description" width="700" height="503"></a> </p> <p>We can't reinstall project dependencies at every Build, that would make the whole Workflow execution very long (and the bill would be long)</p> <p>That's why the project dependency cache is set in Build workflow.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Cache dependencies</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/cache@v3.0.4</span> <span class="na">id</span><span class="pi">:</span> <span class="s">node-modules-cache</span> <span class="na">with</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">node_modules</span> <span class="na">key</span><span class="pi">:</span> <span class="s">${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}</span> <span class="na">restore-keys</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">${{ runner.os }}-yarn</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install package.json dependencies with Yarn</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.node-modules-cache.outputs.cache-hit != 'true'</span> <span class="na">run</span><span class="pi">:</span> <span class="s">yarn --frozen-lockfile</span> <span class="na">env</span><span class="pi">:</span> <span class="na">PUPPETEER_SKIP_CHROMIUM_DOWNLOAD</span><span class="pi">:</span> <span class="no">true</span> <span class="na">HUSKY_SKIP_INSTALL</span><span class="pi">:</span> <span class="no">true</span> </code></pre> </div> <p>Briefly introduce the magic of <a href="https://github.com/actions/cache">actions/cache</a> :</p> <ul> <li>10 GB cache capacity per repository</li> <li>Unlimited of cache keys</li> <li>Each cache key is valid for a minimum of 7 days (will be deleted if there is no access within 7 days)</li> <li>If the capacity limit is exceeded, GitHub will save the latest cache and delete the previous one</li> </ul> <p>My God these rules we can theoretically reuse a cache infinitely across multiple workflows!</p> <p>The <code>path</code>, <code>key</code>, and <code>restore-keys</code> of the cache are set to maximize the reuse of the project dependency cache, where <code>key</code> and <code>restore-keys</code> are critical:</p> <ul> <li> <code>Key</code> - the key used to recover and save the cache</li> <li> <code>Restore-keys</code> - If the <code>key</code> does not have a cache hit, it will find and restore the cache in order according to the provided recovery key, and the <code>cache-hit</code> will return <code>false</code>.</li> </ul> <p>The key is the basis for making sure we can get the most out of the cache. For yarn or npm, it's just a matter of hashing the lock file and setting the cache key:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="s">${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}</span> </code></pre> </div> <p>If the file hash of the lock is consistent, it will hit the cache directly, but if the file hash is inconsistent and no cache is hit, do we have no node_modules at this point?</p> <p>No, by setting the <code>restore-keys</code> to <code>${{runner.os}} -yarn</code> , even if the key misses the cache, we can still recover most of the cache from the previous key:</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--DrKdXbGW--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/xpd7hzkvvftjo85b00x4.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--DrKdXbGW--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/xpd7hzkvvftjo85b00x4.png" alt="Image description" width="800" height="403"></a></p> <p>At this point, <code>cache-hit</code> returns <code>false</code> , no cache hit, so we do yarn install dependencies, but only install changed dependencies, which ensures that even if no cache hit, we still don't need to reinstall all dependencies from start to finish.</p> <p>These two steps exist in the CI process of all our projects (depending on the language details, but the essence is to ensure that multiple workflows reuse the cache), for example, Build/ESLint/Test workflow will contain these two steps, and these CI workflows will be executed in the PR Review link. Basically, the project depends on the cache from PR.</p> <p>When the cache hits, the action will skip the following dependency installation steps and restore the <code>node_modules</code> directly to the project directory:</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--p7nqnkY8--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/t8s1nd1xvk5dlrfdg9ms.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--p7nqnkY8--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/t8s1nd1xvk5dlrfdg9ms.png" alt="Image description" width="800" height="159"></a> </p> <p>And we update dependencies periodically, we can use a single dependency cache for a very long time, so we get a highly reusable project dependency cache (and short bills)</p> <h3> Compile file </h3> <p>The static resource cache of the project is also a problem. We want to compile and reuse it multi-line like the project depends on the cache to save unnecessary build time, so here we also use the cache for compilation:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Cache build</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/cache@v3.0.4</span> <span class="na">id</span><span class="pi">:</span> <span class="s">build-cache</span> <span class="na">with</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">build</span> <span class="na">key</span><span class="pi">:</span> <span class="s">${{ runner.os }}-build-${{ github.sha }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.build-cache.outputs.cache-hit != 'true'</span> <span class="na">run</span><span class="pi">:</span> <span class="s">yarn build</span> </code></pre> </div> <p>However, there is no <code>restore-keys</code> set here, because there may be new changes in the compilation process every time, resulting in inconsistent compiled filenames. We can't use a lock like relying on the cache to judge. Here, we directly give up the <code>restore-keys</code> and use Git SHA as the key to compile the cache. Just ensure that the subsequent workflow and workflow re-run can use the compilation cache.</p> <p>At this point, the mission of Build is completed, and the next step is to deploy.</p> <h2> TCB </h2> <p>Our front-end projects are all based on TCB (Tencent Cloudbase) and Kubernetes deployment, TCB is responsible for the main user access, Kubernetes play the role of hot backup, when we find that there is a problem with the TCB version, it will directly cut to the Kubernetes through the CDN node, and try to ensure that user access is not affected.</p> <p>The deployment of TCB uses a <a href="https://docs.github.com/en/actions/using-workflows/reusing-workflows#calling-a-reusable-workflow">reusable workflow</a> and also uses our own GitHub Action Runner:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">cloudbase</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">TCB</span> <span class="na">needs</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">build</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">XNXKTech/workflows/.github/workflows/cloudbase.yml@main</span> <span class="na">with</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s2">"</span><span class="s">['self-hosted']"</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">Production</span> <span class="na">environment_url</span><span class="pi">:</span> <span class="s">https://demo.xnxktech.net</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">SECRET_ID</span><span class="pi">:</span> <span class="s">${{ secrets.TCB_SECRET_ID }}</span> <span class="na">SECRET_KEY</span><span class="pi">:</span> <span class="s">${{ secrets.TCB_SECRET_KEY }}</span> <span class="na">ENV_ID</span><span class="pi">:</span> <span class="s">${{ secrets.ENV_ID }}</span> </code></pre> </div> <p>The reusable workflow of TCB can be seen <a href="https://github.com/XNXKTech/workflows/blob/main/.github/workflows/cloudbase.yml">in this</a> details section, and it will not be shown in full here.</p> <h3> Why not use the action provided by TCB official? </h3> <p>As mentioned earlier, one of the reasons why we use GitHub Action is that the community is active, there are a lot of Actions on GitHub that can be used directly, and even Actions can be used through Docker.</p> <p>TCB officially provides a <a href="https://github.com/TencentCloudBase/cloudbase-action">cloudbase-action</a> to implement the deployment of TCB. But we found some problems in use:</p> <ul> <li>Every execution needs to be downloaded @cloudbase/cli &gt; Yeah, I don't want to spend that time</li> <li>Deployment failed without error &gt; <img src="https://res.cloudinary.com/practicaldev/image/fetch/s--8k_otyiv--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/her56602pmazmkgusshy.png" alt="Image description" width="800" height="558"> </li> <li>Sometimes deployment is very, very slow &gt; This is not to blame TCB, GitHub Action's machines are all in North America, it is fine to push to china during the day, and I don't know if it is the international network speed limit or what at night. We once waited for half an hour for the release and it has not been pushed to china… The above problem is the reason why we package TCB Action ourselves. Our solution is to build our own Runner in Hong Kong and build TCB into the Runner system image to ensure the deployment efficiency of TCB</li> </ul> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--TwoOsIGN--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/hyd5yi96f7frk66sxpqk.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--TwoOsIGN--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/hyd5yi96f7frk66sxpqk.png" alt="Image description" width="800" height="390"></a></p> <p>In this way, the deployment time of TCB can be controlled at about 1 minute</p> <h2> Kubernetes </h2> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">deploy</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Kubernetes</span> <span class="na">needs</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">build</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">XNXKTech/workflows/.github/workflows/deploy-k8s.yml@main</span> <span class="na">with</span><span class="pi">:</span> <span class="na">environment</span><span class="pi">:</span> <span class="s">Production</span> <span class="na">environment_url</span><span class="pi">:</span> <span class="s">https://prod.example.com</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">K8S_CONFIG</span><span class="pi">:</span> <span class="s">${{ secrets.K8S_CONFIG }}</span> </code></pre> </div> <p>Our Kubernetes deployment is also a reusable workflow, and since our Docker image compilation is a separate workflow (at a different price), it's not covered here.</p> <h2> Static </h2> <p>Our front-end projects involve a large number of static files such as js/ css /image, we will use a CDN domain name to deploy:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">static</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Static</span> <span class="na">needs</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">build</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">XNXKTech/workflows/.github/workflows/uptoc.yml@main</span> <span class="na">with</span><span class="pi">:</span> <span class="na">cache_dir</span><span class="pi">:</span> <span class="s">build</span> <span class="na">cache_key</span><span class="pi">:</span> <span class="s">build</span> <span class="na">dist</span><span class="pi">:</span> <span class="s">build/static</span> <span class="na">saveroot</span><span class="pi">:</span> <span class="s">./static</span> <span class="na">bucket</span><span class="pi">:</span> <span class="s">qc-frontend-assets-***</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">UPTOC_UPLOADER_AK</span><span class="pi">:</span> <span class="s">${{ secrets.TENCENTCLOUD_COS_SECRET_ID }}</span> <span class="na">UPTOC_UPLOADER_SK</span><span class="pi">:</span> <span class="s">${{ secrets.TENCENTCLOUD_COS_SECRET_KEY }}</span> </code></pre> </div> <p>Without exception this is also a reusable workflow, and we use the Action provided by <a href="https://github.com/saltbo/uptoc">saltbo/uptoc</a> to upload these static files to the object store and provide access to the CDN.</p> <h2> CDN </h2> <p>When the TCB/Kubernetes /Static are successfully executed, it will enter the CDN refresh step. We use the CDN components provided by Serverless:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">app</span><span class="pi">:</span> <span class="s">app</span> <span class="na">stage</span><span class="pi">:</span> <span class="s">prod</span> <span class="na">component</span><span class="pi">:</span> <span class="s">cdn</span> <span class="na">name</span><span class="pi">:</span> <span class="s">cdn</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">area</span><span class="pi">:</span> <span class="s">mainland</span> <span class="na">domain</span><span class="pi">:</span> <span class="s">prod.example.com</span> <span class="na">origin</span><span class="pi">:</span> <span class="na">origins</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">prod-example.tcloudbaseapp.com</span> <span class="na">originType</span><span class="pi">:</span> <span class="s">domain</span> <span class="na">originPullProtocol</span><span class="pi">:</span> <span class="s">http</span> <span class="na">onlyRefresh</span><span class="pi">:</span> <span class="no">true</span> <span class="na">refreshCdn</span><span class="pi">:</span> <span class="na">urls</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">https://prod.example.com/</span> <span class="na">cdn</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">needs</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">deploy</span> <span class="pi">-</span> <span class="s">cloudbase</span> <span class="pi">-</span> <span class="s">static</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Refresh CDN</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2.4.0</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Setup Serverless</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">teakowa/setup-serverless@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">provider</span><span class="pi">:</span> <span class="s">tencent</span> <span class="na">env</span><span class="pi">:</span> <span class="na">TENCENT_APPID</span><span class="pi">:</span> <span class="s">${{ secrets.TENCENTCLOUD_APP_ID }}</span> <span class="na">TENCENT_SECRET_ID</span><span class="pi">:</span> <span class="s">${{ secrets.TENCENTCLOUD_SLS_SECRET_ID }}</span> <span class="na">TENCENT_SECRET_KEY</span><span class="pi">:</span> <span class="s">${{ secrets.TENCENTCLOUD_SLS_SECRET_KEY}}</span> <span class="na">SERVERLESS_PLATFORM_VENDOR</span><span class="pi">:</span> <span class="s">tencent</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Refresh CDN</span> <span class="na">run</span><span class="pi">:</span> <span class="s">sls deploy</span> </code></pre> </div> <p>Define a CDN through Serverless to perform a "refresh only" operation on our CDN to ensure that new versions are released to the user as soon as possible.</p> <h2> Notification </h2> <p>After the current Workflow is successfully executed, the last Workflow will send the execution result of the entire Production to our channel through the Lark robot:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">notification</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy notification</span> <span class="na">needs</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">cdn</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">XNXKTech/workflows/.github/workflows/lark-notification.yml@main</span> <span class="na">with</span><span class="pi">:</span> <span class="na">stage</span><span class="pi">:</span> <span class="s">Production</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">LARK_WEBHOOK_URL</span><span class="pi">:</span> <span class="s">${{ secrets.SERVICE_UPDATES_ECHO_LARK_BOT_HOOK }}</span> </code></pre> </div> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--qmQPpQO_--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/fujy7vphkzd09u5tr1ji.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--qmQPpQO_--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/fujy7vphkzd09u5tr1ji.png" alt="Image description" width="697" height="490"></a> </p> <p>Now, the release of our entire Production is completed.</p> <h2> End </h2> <p>This is our practice for front-end releases. Currently, all of our front-end projects go live in about 5 minutes at most (including CDN node refreshes), allowing users to see our new changes faster, while unifying the CI/CD process for all front-end projects through reusable workflows also reduces maintenance costs for the team.</p> <p>However, I personally feel that there are some small problems:</p> <ul> <li>I think the whole Production workflow execution efficiency can be further improved, for example, the self-built runner can be covered to more jobs, and some of our strong dependencies can be integrated into the self-built runner image to save the time of action setup.</li> <li>Inadequate engineer intervention in the online environment, for example, if there is a problem online and you need to cut traffic/versions, you can't easily do it through GitHub Action.</li> </ul> <p>Written by XNXK's Teakowa in Chengdu</p> devops github