feat: building server applications in ARM64 architecture for Docker

.github/workflows/server-application.yml

@@ -0,0 +1,317 @@
+name: Server Application Reusable Workflow
+
+on:
+  workflow_call:
+    inputs:
+      service_name:
+        required: true
+        type: string
+      workspace_name:
+        required: true
+        type: string
+      run_e2e_test_suite:
+        required: true
+        type: boolean
+      e2e_tag_parameter_name:
+        required: false
+        type: string
+      package_path:
+        required: true
+        type: string
+    secrets:
+      DOCKER_USERNAME:
+        required: true
+      DOCKER_PASSWORD:
+        required: true
+      CI_PAT_TOKEN:
+        required: true
+      AWS_ACCESS_KEY_ID:
+        required: true
+      AWS_SECRET_ACCESS_KEY:
+        required: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: packages/**/dist
+        key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Build
+      run: yarn build ${{ inputs.package_path }}
+
+  lint:
+    runs-on: ubuntu-latest
+
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: packages/**/dist
+        key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build ${{ inputs.package_path }}
+
+    - name: Lint
+      run: yarn lint:${{ inputs.service_name }}
+
+  test:
+    runs-on: ubuntu-latest
+
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: packages/**/dist
+        key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build ${{ inputs.package_path }}
+
+    - name: Test
+      run: yarn test:${{ inputs.service_name }}
+
+  e2e:
+    if: ${{ inputs.run_e2e_test_suite }} == true
+    runs-on: ubuntu-latest
+
+    needs: build
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: packages/**/dist
+        key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build ${{ inputs.package_path }}
+
+    - name: Bundle
+      id: bundle
+      run: |
+        TEMP_DIR=$(mktemp -d -t "${{ inputs.service_name }}-${{ github.sha }}")
+        echo "::set-output name=dir::$TEMP_DIR"
+        yarn workspace ${{ inputs.workspace_name }} bundle --no-compress --output-directory $TEMP_DIR
+
+    - name: Login to Docker Hub
+      uses: docker/login-action@v2
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@master
+      with:
+        platforms: all
+
+    - name: Set up Docker Buildx
+      id: buildx
+      uses: docker/setup-buildx-action@master
+
+    - name: Publish Docker image for E2E testing
+      uses: docker/build-push-action@v3
+      with:
+        builder: ${{ steps.buildx.outputs.name }}
+        context: ${{ steps.bundle.outputs.dir }}
+        file: ${{ steps.bundle.outputs.dir }}/${{ inputs.package_path }}/Dockerfile
+        platforms: linux/amd64,linux/arm64
+        push: true
+        tags: standardnotes/${{ inputs.service_name }}:${{ github.sha }}
+
+    - name: Run E2E test suite
+      uses: convictional/trigger-workflow-and-wait@v1.6.3
+      with:
+        owner: standardnotes
+        repo: e2e
+        github_token: ${{ secrets.CI_PAT_TOKEN }}
+        workflow_file_name: testing-with-stable-client.yml
+        wait_interval: 30
+        client_payload: '{"${{ inputs.e2e_tag_parameter_name }}": "${{ github.sha }}"}'
+        propagate_failure: true
+        trigger_workflow: true
+        wait_workflow: true
+
+  publish:
+    needs: [ test, lint, e2e ]
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Cache build
+      id: cache-build
+      uses: actions/cache@v3
+      with:
+        path: packages/**/dist
+        key: ${{ runner.os }}-${{ inputs.service_name }}-build-${{ github.sha }}
+
+    - name: Set up Node
+      uses: actions/setup-node@v3
+      with:
+        registry-url: 'https://registry.npmjs.org'
+        node-version-file: '.nvmrc'
+
+    - name: Build
+      if: steps.cache-build.outputs.cache-hit != 'true'
+      run: yarn build ${{ inputs.package_path }}
+
+    - name: Bundle
+      id: bundle
+      run: |
+        TEMP_DIR=$(mktemp -d -t "${{ inputs.service_name }}-${{ github.sha }}")
+        echo "::set-output name=dir::$TEMP_DIR"
+        yarn workspace ${{ inputs.workspace_name }} bundle --no-compress --output-directory $TEMP_DIR
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Login to Amazon ECR
+      id: login-ecr
+      uses: aws-actions/amazon-ecr-login@v1
+
+    - name: Publish Docker image
+      uses: docker/build-push-action@v3
+      env:
+        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+        ECR_REPOSITORY: ${{ inputs.service_name }}
+        IMAGE_TAG: ${{ github.sha }}
+      with:
+        builder: ${{ steps.buildx.outputs.name }}
+        context: ${{ steps.bundle.outputs.dir }}
+        file: ${{ steps.bundle.outputs.dir }}/${{ inputs.package_path }}/Dockerfile
+        platforms: linux/amd64,linux/arm64
+        push: true
+        tags: |
+          standardnotes/${{ inputs.service_name }}:latest
+          $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+          $ECR_REGISTRY/$ECR_REPOSITORY:latest
+
+  deploy-web:
+    needs: publish
+
+    runs-on: ubuntu-latest
+
+    steps:
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Download task definition
+      run: |
+        aws ecs describe-task-definition --task-definition ${{ inputs.service_name }}-prod --query taskDefinition > task-definition.json
+
+    - name: Fill in the new version in the Amazon ECS task definition
+      run: |
+        jq '(.containerDefinitions[] | select(.name=="${{ inputs.service_name }}-prod") | .environment[] | select(.name=="VERSION")).value = "${{ github.sha }}"' task-definition.json > tmp.json && mv tmp.json task-definition.json
+
+    - name: Fill in the new image ID in the Amazon ECS task definition
+      id: task-def-prod
+      uses: aws-actions/amazon-ecs-render-task-definition@v1
+      with:
+        task-definition: task-definition.json
+        container-name: ${{ inputs.service_name }}-prod
+        image: ${{ secrets.AWS_ECR_REGISTRY }}/${{ inputs.service_name }}:${{ github.sha }}
+
+    - name: Deploy Amazon ECS task definition
+      uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+      with:
+        task-definition: ${{ steps.task-def-prod.outputs.task-definition }}
+        service: ${{ inputs.service_name }}-prod
+        cluster: prod
+        wait-for-service-stability: true
+
+  deploy-worker:
+    needs: publish
+
+    runs-on: ubuntu-latest
+
+    steps:
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+
+    - name: Download task definition
+      run: |
+        aws ecs describe-task-definition --task-definition ${{ inputs.service_name }}-worker-prod --query taskDefinition > task-definition.json
+
+    - name: Fill in the new version in the Amazon ECS task definition
+      run: |
+        jq '(.containerDefinitions[] | select(.name=="${{ inputs.service_name }}-worker-prod") | .environment[] | select(.name=="VERSION")).value = "${{ github.sha }}"' task-definition.json > tmp.json && mv tmp.json task-definition.json
+
+    - name: Fill in the new image ID in the Amazon ECS task definition
+      id: task-def-prod
+      uses: aws-actions/amazon-ecs-render-task-definition@v1
+      with:
+        task-definition: task-definition.json
+        container-name: ${{ inputs.service_name }}-worker-prod
+        image: ${{ secrets.AWS_ECR_REGISTRY }}/${{ inputs.service_name }}:${{ github.sha }}
+
+    - name: Deploy Amazon ECS task definition
+      uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+      with:
+        task-definition: ${{ steps.task-def-prod.outputs.task-definition }}
+        service: ${{ inputs.service_name }}-worker-prod
+        cluster: prod
+        wait-for-service-stability: true

.github/workflows/workspace.release.yml

@@ -1,313 +0,0 @@
-name: Workspace Server
-
-concurrency:
-  group: workspace
-  cancel-in-progress: true
-
-on:
-  push:
-    tags:
-      - '*standardnotes/workspace-server*'
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Cache build
-      id: cache-build
-      uses: actions/cache@v3
-      with:
-        path: packages/**/dist
-        key: ${{ runner.os }}-workspace-build-${{ github.sha }}
-
-    - name: Set up Node
-      uses: actions/setup-node@v3
-      with:
-        registry-url: 'https://registry.npmjs.org'
-        node-version-file: '.nvmrc'
-
-    - name: Build
-      run: yarn build:workspace
-
-  lint:
-    runs-on: ubuntu-latest
-
-    needs: build
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Cache build
-      id: cache-build
-      uses: actions/cache@v3
-      with:
-        path: packages/**/dist
-        key: ${{ runner.os }}-workspace-build-${{ github.sha }}
-
-    - name: Set up Node
-      uses: actions/setup-node@v3
-      with:
-        registry-url: 'https://registry.npmjs.org'
-        node-version-file: '.nvmrc'
-
-    - name: Build
-      if: steps.cache-build.outputs.cache-hit != 'true'
-      run: yarn build:workspace
-
-    - name: Lint
-      run: yarn lint:workspace
-
-  test:
-    runs-on: ubuntu-latest
-
-    needs: build
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Cache build
-      id: cache-build
-      uses: actions/cache@v3
-      with:
-        path: packages/**/dist
-        key: ${{ runner.os }}-workspace-build-${{ github.sha }}
-
-    - name: Set up Node
-      uses: actions/setup-node@v3
-      with:
-        registry-url: 'https://registry.npmjs.org'
-        node-version-file: '.nvmrc'
-
-    - name: Build
-      if: steps.cache-build.outputs.cache-hit != 'true'
-      run: yarn build:workspace
-
-    - name: Test
-      run: yarn test:workspace
-
-  e2e:
-    runs-on: ubuntu-latest
-
-    needs: build
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Cache build
-      id: cache-build
-      uses: actions/cache@v3
-      with:
-        path: packages/**/dist
-        key: ${{ runner.os }}-workspace-build-${{ github.sha }}
-
-    - name: Set up Node
-      uses: actions/setup-node@v3
-      with:
-        registry-url: 'https://registry.npmjs.org'
-        node-version-file: '.nvmrc'
-
-    - name: Build
-      if: steps.cache-build.outputs.cache-hit != 'true'
-      run: yarn build:workspace
-
-    - name: Login to Docker Hub
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKER_USERNAME }}
-        password: ${{ secrets.DOCKER_PASSWORD }}
-
-    - name: Publish Docker image for E2E testing
-      run: |
-        yarn docker build @standardnotes/workspace-server -t standardnotes/workspace:${{ github.sha }}
-        docker push standardnotes/workspace:${{ github.sha }}
-
-    - name: Run E2E test suite
-      uses: convictional/trigger-workflow-and-wait@v1.6.3
-      with:
-        owner: standardnotes
-        repo: e2e
-        github_token: ${{ secrets.CI_PAT_TOKEN }}
-        workflow_file_name: testing-with-stable-client.yml
-        wait_interval: 30
-        client_payload: '{"workspace_image_tag": "${{ github.sha }}"}'
-        propagate_failure: true
-        trigger_workflow: true
-        wait_workflow: true
-
-  publish-aws-ecr:
-    needs: [ test, lint, e2e ]
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Cache build
-      id: cache-build
-      uses: actions/cache@v3
-      with:
-        path: packages/**/dist
-        key: ${{ runner.os }}-workspace-build-${{ github.sha }}
-
-    - name: Set up Node
-      uses: actions/setup-node@v3
-      with:
-        registry-url: 'https://registry.npmjs.org'
-        node-version-file: '.nvmrc'
-
-    - name: Build
-      if: steps.cache-build.outputs.cache-hit != 'true'
-      run: yarn build:workspace
-
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: us-east-1
-
-    - name: Login to Amazon ECR
-      id: login-ecr
-      uses: aws-actions/amazon-ecr-login@v1
-
-    - name: Build, tag, and push image to Amazon ECR
-      id: build-image
-      env:
-        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-        ECR_REPOSITORY: workspace
-        IMAGE_TAG: ${{ github.sha }}
-      run: |
-        yarn docker build @standardnotes/workspace-server -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-        docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:latest
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
-
-  publish-docker-hub:
-    needs: [ test, lint, e2e ]
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Cache build
-      id: cache-build
-      uses: actions/cache@v3
-      with:
-        path: packages/**/dist
-        key: ${{ runner.os }}-workspace-build-${{ github.sha }}
-
-    - name: Set up Node
-      uses: actions/setup-node@v3
-      with:
-        registry-url: 'https://registry.npmjs.org'
-        node-version-file: '.nvmrc'
-
-    - name: Build
-      if: steps.cache-build.outputs.cache-hit != 'true'
-      run: yarn build:workspace
-
-    - name: Login to Docker Hub
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKER_USERNAME }}
-        password: ${{ secrets.DOCKER_PASSWORD }}
-
-    - name: Publish Docker image as stable
-      run: |
-        yarn docker build @standardnotes/workspace-server -t standardnotes/workspace:latest
-        docker push standardnotes/workspace:latest
-
-  deploy-web:
-    needs: publish-aws-ecr
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: us-east-1
-    - name: Download task definition
-      run: |
-        aws ecs describe-task-definition --task-definition workspace-prod --query taskDefinition > task-definition.json
-    - name: Fill in the new version in the Amazon ECS task definition
-      run: |
-        jq '(.containerDefinitions[] | select(.name=="workspace-prod") | .environment[] | select(.name=="VERSION")).value = "${{ github.sha }}"' task-definition.json > tmp.json && mv tmp.json task-definition.json
-    - name: Fill in the new image ID in the Amazon ECS task definition
-      id: task-def-prod
-      uses: aws-actions/amazon-ecs-render-task-definition@v1
-      with:
-        task-definition: task-definition.json
-        container-name: workspace-prod
-        image: ${{ secrets.AWS_ECR_REGISTRY }}/workspace:${{ github.sha }}
-    - name: Deploy Amazon ECS task definition
-      uses: aws-actions/amazon-ecs-deploy-task-definition@v1
-      with:
-        task-definition: ${{ steps.task-def-prod.outputs.task-definition }}
-        service: workspace-prod
-        cluster: prod
-        wait-for-service-stability: true
-
-  deploy-worker:
-    needs: publish-aws-ecr
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: us-east-1
-    - name: Download task definition
-      run: |
-        aws ecs describe-task-definition --task-definition workspace-worker-prod --query taskDefinition > task-definition.json
-    - name: Fill in the new version in the Amazon ECS task definition
-      run: |
-        jq '(.containerDefinitions[] | select(.name=="workspace-worker-prod") | .environment[] | select(.name=="VERSION")).value = "${{ github.sha }}"' task-definition.json > tmp.json && mv tmp.json task-definition.json
-    - name: Fill in the new image ID in the Amazon ECS task definition
-      id: task-def-prod
-      uses: aws-actions/amazon-ecs-render-task-definition@v1
-      with:
-        task-definition: task-definition.json
-        container-name: workspace-worker-prod
-        image: ${{ secrets.AWS_ECR_REGISTRY }}/workspace:${{ github.sha }}
-    - name: Deploy Amazon ECS task definition
-      uses: aws-actions/amazon-ecs-deploy-task-definition@v1
-      with:
-        task-definition: ${{ steps.task-def-prod.outputs.task-definition }}
-        service: workspace-worker-prod
-        cluster: prod
-        wait-for-service-stability: true
-
-  newrelic:
-    needs: [ deploy-web, deploy-worker ]
-
-    runs-on: ubuntu-latest
-    steps:
-      - name: Create New Relic deployment marker for Web
-        uses: newrelic/deployment-marker-action@v1
-        with:
-          accountId: ${{ secrets.NEW_RELIC_ACCOUNT_ID }}
-          apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
-          applicationId: ${{ secrets.NEW_RELIC_APPLICATION_ID_WORKSPACE_WEB_PROD }}
-          revision: "${{ github.sha }}"
-          description: "Automated Deployment via Github Actions"
-          user: "${{ github.actor }}"
-      - name: Create New Relic deployment marker for Worker
-        uses: newrelic/deployment-marker-action@v1
-        with:
-          accountId: ${{ secrets.NEW_RELIC_ACCOUNT_ID }}
-          apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
-          applicationId: ${{ secrets.NEW_RELIC_APPLICATION_ID_WORKSPACE_WORKER_PROD }}
-          revision: "${{ github.sha }}"
-          description: "Automated Deployment via Github Actions"
-          user: "${{ github.actor }}"

.github/workflows/workspace.yml

@@ -0,0 +1,49 @@
+name: Workspace Server
+
+concurrency:
+  group: workspace
+  cancel-in-progress: true
+
+on:
+  push:
+    tags:
+      - '*standardnotes/workspace-server*'
+  workflow_dispatch:
+
+jobs:
+  call_server_application_workflow:
+    name: Build, Test & Deploy Server Application
+    uses: standardnotes/server/.github/workflows/server-application.yml@main
+    with:
+      service_name: workspace
+      workspace_name: "@standardnotes/workspace-server"
+      run_e2e_test_suite: true
+      e2e_tag_parameter_name: workspace_image_tag
+      package_path: packages/workspace
+    secrets: inherit
+
+  newrelic:
+    needs: call_server_application_workflow
+
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Create New Relic deployment marker for Web
+        uses: newrelic/deployment-marker-action@v1
+        with:
+          accountId: ${{ secrets.NEW_RELIC_ACCOUNT_ID }}
+          apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
+          applicationId: ${{ secrets.NEW_RELIC_APPLICATION_ID_WORKSPACE_WEB_PROD }}
+          revision: "${{ github.sha }}"
+          description: "Automated Deployment via Github Actions"
+          user: "${{ github.actor }}"
+
+      - name: Create New Relic deployment marker for Worker
+        uses: newrelic/deployment-marker-action@v1
+        with:
+          accountId: ${{ secrets.NEW_RELIC_ACCOUNT_ID }}
+          apiKey: ${{ secrets.NEW_RELIC_API_KEY }}
+          applicationId: ${{ secrets.NEW_RELIC_APPLICATION_ID_WORKSPACE_WORKER_PROD }}
+          revision: "${{ github.sha }}"
+          description: "Automated Deployment via Github Actions"
+          user: "${{ github.actor }}"