Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deploy to marquee using GitHub actions #321

Merged
merged 3 commits into from
Jun 11, 2020
Merged

Conversation

foolip
Copy link
Member

@foolip foolip commented Jun 10, 2020

No description provided.

@foolip
Copy link
Member Author

foolip commented Jun 10, 2020

The main purpose of this is to make it easier to upgrade marquee, by putting the stuff that would change into org secrets.

I don't suggest merging this right away, but if folks like it I could do something similar for the other repos that deploy to marquee as well.

@foolip foolip force-pushed the github-actions-deploy branch from c7b2a01 to 678b0fc Compare June 10, 2020 14:28
@annevk
Copy link
Member

annevk commented Jun 10, 2020

  1. Would this allow for removal of the other deploy_key references in .gitignore too? These simplifications seem nice.
  2. Why didn't it run here? Because it's not enabled yet?
  3. Is there a concrete reason to abandon Travis? Is it just that a first-party CI is likely better?

@foolip
Copy link
Member Author

foolip commented Jun 10, 2020

Would this allow for removal of the other deploy_key references in .gitignore too? These simplifications seem nice.

Yes, I've pushed that change now.

Why didn't it run here? Because it's not enabled yet?

It's because of this bit:

on:
  push:
    branches:
      - master

I tested it all out using an experimental marquee instance though, by changing that condition. It finally worked in https://github.com/whatwg/whatwg.org/runs/758125141?check_suite_focus=true

Is there a concrete reason to abandon Travis? Is it just that a first-party CI is likely better?

It's mainly because GitHub Actions has org secrets, and that would be a way to manage a transition like whatwg/misc-server#129 without updating the server name and keys in every repo.

But I also do think that GitHub Actions has a brighter future, and have good experiences with it.

That being said, I think we should consider this at a higher level, and not switch over in an entirely piecemeal fashion.

@annevk
Copy link
Member

annevk commented Jun 10, 2020

At some point there was a thought that this might make it easier for us to return the tweeting bots? That seems kind of true with organization secrets?

I saw @hober migrating a repository. Perhaps she has some useful insights.

@foolip
Copy link
Member Author

foolip commented Jun 10, 2020

Yeah, assuming a tweet bot only needs an API key, that'd be fairly easy to do. Some people have already built actions for this it seems, see https://github.com/marketplace?query=twitter.

If the infrastructure ever flakes it would miss announcing a tweet, however.

@annevk
Copy link
Member

annevk commented Jun 10, 2020

That seems a lot better than the status quo, which is not tweeting at all :-)

Copy link
Member

@domenic domenic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this. I think GitHub actions does indeed have a brighter future.

I think migrating all non-spec repos first, then perhaps spec repos, would make sense as a reasonable transition plan.

How do we manage these secrets variables? Is that something only you can do, or is there some page I should be visiting, or...?

deploy.sh Outdated
echo "Full rsync log at https://whatwg.org/rsync-log.txt"
echo "$SERVER_DEPLOY_KEY" | ssh-add -
mkdir -p ~/.ssh/ && echo "$SERVER $SERVER_PUBLIC_KEY" > ~/.ssh/known_hosts
rsync --archive --chmod="D755,F644" --compress --delete --verbose ./whatwg.org ./*.whatwg.org "deploy@$SERVER:/var/www/"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This changes --stats --log-file="rsync-log.txt" to --verbose. I don't remember the reasoning but we did decide to output the log to https://whatwg.org/rsync-log.txt so this would be going back on that.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, that's okay though. I put it external because of the size causing problems and presumably GitHub Actions is better on that?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, GitHub Actions doesn't have a problem with the log size. If it does become a problem, we should solve it by uploading a build artifact instead, we need not deploy the logs :)

@hober
Copy link

hober commented Jun 10, 2020

I saw @hober migrating a repository. Perhaps she has some useful insights.

We've been switching to GitHub Actions for TAG documents mostly because there's less overhead in setting it up (you don't need an account on another service, you don't have to generate a new SSH key, etc.).

@foolip
Copy link
Member Author

foolip commented Jun 10, 2020

How do we manage these secrets variables?

Org admins can see them in https://github.com/organizations/whatwg/settings/secrets. You can't see the values, though, which might be a little inconvenient for MARQUEE_SERVER in particular, but I think it's OK.

This is also where we could put secrets if we want to deploy to a bucket instead of a VM (whatwg/misc-server#107) or if we wanted to change the deploy story around PR Preview (whatwg/misc-server#98).

@annevk
Copy link
Member

annevk commented Jun 11, 2020

To be clear, I'm convinced it's worth going in this direction. Feel free to land this.

@foolip foolip mentioned this pull request Jun 11, 2020
25 tasks
@foolip
Copy link
Member Author

foolip commented Jun 11, 2020

I've filed whatwg/meta#173 to track the migration for all of our repositories. Before I land this I'll prepare a PR for a few other repos too, to shake out any unexpected issues with the different types of setups we have.

@foolip
Copy link
Member Author

foolip commented Jun 11, 2020

Alright, I'll make a backup of marquee (marquee-1591888355843) and deploy this now, to see that this doesn't blow up the world before proceeding with other things that deploy to marquee.

@foolip foolip merged commit 988c10c into master Jun 11, 2020
@foolip foolip deleted the github-actions-deploy branch June 11, 2020 15:32
@foolip
Copy link
Member Author

foolip commented Jun 11, 2020

https://github.com/whatwg/whatwg.org/runs/762311824 worked after I fixed the secrets.

@annevk
Copy link
Member

annevk commented Jun 11, 2020

I think this regressed us a tiny bit as before we had shellcheck run always and deploy only run on master.

@foolip
Copy link
Member Author

foolip commented Jun 11, 2020

You're right, I'll fix that.

foolip added a commit that referenced this pull request Jun 11, 2020
foolip added a commit that referenced this pull request Jun 11, 2020
Also take this chance to simplify the TODO waiting for Bash 4.4. Ubuntu
20.04 appears to have Bash 5.

This regressed in #321.
foolip added a commit that referenced this pull request Jun 11, 2020
Also take this chance to simplify the TODO waiting for Bash 4.4. Ubuntu
20.04 appears to have Bash 5.

This regressed in #321.
@foolip
Copy link
Member Author

foolip commented Jun 11, 2020

Fixed in #323.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

4 participants