How do I setup CI/CD & hosting?

By Dave Bitter

5 min read

How to build a component library Part 4: Setting up CI/CD & hosting.

How do I setup _CI/CD & hosting?_
Authors
This article is part 4 of the series How do I build a Component Library?. You can find the demo repository for this series on GitHub and the component library itself hosted here.

Now that we have our complete setup for our component library, let’s have a look at how we can automate the linting, testing, formatting and publishing of the packages to the private package registry. Next to that, we can host our Storybook for the world to visit.

How do I use GitHub actions to lint pull requests?

Where you configure your CI/CD is up to where you host your repository or even in a tool like Jenkins. As we are using GitHub for the demo repository and private package registry, it only makes sense to add our CI/CD here as well. To do this, we are going to make use of GitHub Actions. If you are new to GitHub actions, watch my Friday Tip on how to update your GitHub README with GitHub actions.

At its core, GitHub actions allow you to compose a YAML file that consists of various actions and steps. I’ve added a file called pull-request.yml in .github/workflows that looks like this:

name: Pull Request
on:
  push:
  pull_request:
jobs:
  pull-request:
    runs-on: ubuntu-18.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Use Node.js 16.x
        uses: actions/setup-node@v1
        with:
          node-version: 16.x
      - name: Install dependencies
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: install
      - name: Lint packages
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: lint
      - name: Format packages check
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: format:check
      - name: Check package.json files
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: manypkg:check
      - name: Run unit tests
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: test

First, give your workflow a sensible name. In this case, as you are going to create a workflow that will run on every pull request, you call it that. Next, you say that on push or pull-request you want a job to run. Finally, you specify the steps for this job. Here you can checkout the code, install the dependencies and run the linting tasks.

Now if you make a pull request and push it to the demo repository, it will run these steps:

Screenshot of all steps being executed on GitHub

In the pull request overview, you can see the action being executed as well as a mandatory step before you can merge:

Screenshot of pull request overview where you can see the actions being required to merge

How do I publish to a private package registry?

Naturally, you want to add another workflow once the pull request is merged to the master branch that actually deploys the packages to the private package registry and hosts your Storybook. Let’s add another file in .github/workflows that’s called master-deploy.yml. First, you give it a sensible name and specify that we just want the workflow to run on a push to the master branch and run the same linting tasks as for a pull request:

name: Master Deploy
on:
  push:
    branches:
      - master
jobs:
  master-deploy:
    runs-on: ubuntu-18.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Use Node.js 16.x
        uses: actions/setup-node@v1
        with:
          node-version: 16.x
      - name: Install dependencies
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: install
      - name: Lint packages
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: lint
      - name: Format packages
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: format
      - name: Check package.json files
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: manypkg:fix
      - name: Run unit tests
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: test
      ...

Consuming Changesets

Next, You want to consume any Changesets in the .changeset folder:

      ...
      - name: Version changeset
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: changeset:version
      ...

This will update the versions specified in each package’s package.json to the correct new one. You are now ready to start publishing these changes to the private registry

Authenticating

First, you need to authenticate. As you learned in the first article while setting up the private package registry, you need an npmrc file. Naturally, you don’t want to have the actual contents with the token to be commited to your repository. First, add the token you used in the first article as a secret for the repository. Go to the repository settings and navigate to “secrets” and then “actions”. Here you can add a new secret. Add a secret called ACCESS_TOKEN and use the token from the first article.

Next, you can add a step to create a temporary .npmrc file that uses that token:

      ...
      - name: Authenticate with private NPM package
        run: |
          echo @davebitter:registry=https://npm.pkg.github.com/davebitter >> ./.npmrc
          echo //npm.pkg.github.com/:_authToken=${ACCESS_TOKEN} >> ./.npmrc
          echo registry=https://registry.npmjs.org >> ./.npmrc
        env:
          ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
       ...

Publishing to the private package registry

Now you can finally publish the updated packages:

      ...
      - name: Publish changeset
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: changeset:publish
      ...

How do I host Storybook?

Naturally, you want to deploy your updated Storybook build as well. There are many different services you can use for this. For the demo repository, I will host the build on Netlify. Remember, it’s all opinionated.

Netlify

First, create an account and a new site on Netlify. There are great guides on how to do this. You can let Netlify connect to your GitHub and automatically configure pipelines, but where’s the fun in that? Let’s manually deploy to Netlify. First, you create a new build of your Storybook:

      ...
      - name: Create build
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: build
      ...

Next, use nwtgck/actions-netlify@v1.2 to publish the build:

      ...
      - name: Deploy to Netlify
        uses: nwtgck/actions-netlify@v1.2
        with:
          publish-dir: './dist'
          production-branch: master
          github-token: ${{ secrets.GITHUB_TOKEN }}
          deploy-message: 'Deploy from GitHub Actions'
          enable-pull-request-comment: false
          enable-commit-comment: true
          overwrites-pull-request-comment: true
        env:
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
        timeout-minutes: 1
      ...

Finally, you tell the action where to find the build and under env you pass the NETLIFY_SIDE_ID of your newly created site on Netlify and pass it the NETLIFY_AUTH_TOKEN . You can find more information on how to create that token here. Naturally, you add the tokens as secrets in your repository just like the ACCESS_TOKEN to publish to the private package registry.

Committing any updated files

During the linting process, there might have been changes made to comply with the configurations set. Next to that, the Changeset files are consumed and need to be removed from the repository. For this, you need to commit at the end of the workflow. Luckily, this is rather easy using the stefanzweifel/git-auto-commit-action@v4 action:

      ...
      - name: Create commit
        uses: stefanzweifel/git-auto-commit-action@v4
        with:
          file_pattern: packages .changeset
          commit_message: 'chore(ci): commit updated files in workflow'
          commit_options: '--no-verify --signoff'
          branch: master

As you can see, any changes in the package or .changeset folder are commited with a custom commit message.

Putting it all together

Once all these parts are put together, you end up with a workflow that looks a bit like this:

name: Master Deploy
on:
  push:
    branches:
      - master
jobs:
  master-deploy:
    runs-on: ubuntu-18.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Use Node.js 16.x
        uses: actions/setup-node@v1
        with:
          node-version: 16.x
      - name: Install dependencies
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: install
      - name: Lint packages
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: lint
      - name: Format packages
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: format:fix
      - name: Check package.json files
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: manypkg:fix
      - name: Run unit tests
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: test
      - name: Version changeset
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: changeset:version
      - name: Authenticate with private NPM package
        run: |
          echo @davebitter:registry=https://npm.pkg.github.com/davebitter >> ./.npmrc
          echo //npm.pkg.github.com/:_authToken=${ACCESS_TOKEN} >> ./.npmrc
          echo registry=https://registry.npmjs.org >> ./.npmrc
        env:
          ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
      - name: Publish changeset
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: changeset:publish
      - name: Create build
        uses: borales/actions-yarn@v3.0.0
        with:
          cmd: build
      - name: Deploy to Netlify
        uses: nwtgck/actions-netlify@v1.2
        with:
          publish-dir: './dist'
          production-branch: master
          github-token: ${{ secrets.GITHUB_TOKEN }}
          deploy-message: 'Deploy from GitHub Actions'
          enable-pull-request-comment: false
          enable-commit-comment: true
          overwrites-pull-request-comment: true
        env:
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
        timeout-minutes: 1
      - name: Create commit
        uses: stefanzweifel/git-auto-commit-action@v4
        with:
          file_pattern: packages .changeset
          commit_message: 'chore(ci): commit updated files in workflow'
          commit_options: '--no-verify --signoff'
          branch: master

Now, for every pull request there is automated linting and testing. After all checks have passed and the pull request is merged, the CI/CD publishes all updated packages and the updated Storybook.

Looking back

This was the final step for setting up a component library from start to finish. Naturally, there are many more requirements you might run into. A component library is a never-ending living organism. Hopefully, you’ve learned a bit more about how you can approach requirements and create an awesome component library! Thanks for following along and good luck with your own!


Upcoming events

  • Coven of Wisdom - Herentals - Winter `24 edition

    Worstelen jij en je team met automated testing en performance? Kom naar onze meetup waar ervaren sprekers hun inzichten en ervaringen delen over het bouwen van robuuste en efficiënte applicaties. Schrijf je in voor een avond vol kennis, heerlijk eten en een mix van creativiteit en technologie! 🚀 18:00 – 🚪 Deuren open 18:15 – 🍕 Food & drinks 19:00 – 📢 Talk 1 20:00 – 🍹 Kleine pauze 20:15 – 📢 Talk 2 21:00 – 🙋‍♀️ Drinks 22:00 – 🍻 Tot de volgende keer? Tijdens deze meetup gaan we dieper in op automated testing en performance. Onze sprekers delen heel wat praktische inzichten en ervaringen. Ze vertellen je hoe je effectieve geautomatiseerde tests kunt schrijven en onderhouden, en hoe je de prestaties van je applicatie kunt optimaliseren. Houd onze updates in de gaten voor meer informatie over de sprekers en hun specifieke onderwerpen. Over iO Wij zijn iO: een groeiend team van experts die end-to-end-diensten aanbieden voor communicatie en digitale transformatie. We denken groot en werken lokaal. Aan strategie, creatie, content, marketing en technologie. In nauwe samenwerking met onze klanten om hun merken te versterken, hun digitale systemen te verbeteren en hun toekomstbestendige groei veilig te stellen. We helpen klanten niet alleen hun zakelijke doelen te bereiken. Samen verkennen en benutten we de eindeloze mogelijkheden die markten in constante verandering bieden. De springplank voor die visie is talent. Onze campus is onze broedplaats voor innovatie, die een omgeving creëert die talent de ruimte en stimulans geeft die het nodig heeft om te ontkiemen, te ontwikkelen en te floreren. Want werken aan de infinite opportunities van morgen, dat doen we vandaag.

    | Coven of Wisdom Herentals

    Go to page for Coven of Wisdom - Herentals - Winter `24 edition
  • Mastering Event-Driven Design

    PLEASE RSVP SO THAT WE KNOW HOW MUCH FOOD WE WILL NEED Are you and your team struggling with event-driven microservices? Join us for a meetup with Mehmet Akif Tütüncü, a senior software engineer, who has given multiple great talks so far and Allard Buijze founder of CTO and founder of AxonIQ, who built the fundaments of the Axon Framework. RSVP for an evening of learning, delicious food, and the fusion of creativity and tech! 🚀 18:00 – 🚪 Doors open to the public 18:15 – 🍕 Let’s eat 19:00 – 📢 Getting Your Axe On Event Sourcing with Axon Framework 20:00 – 🍹 Small break 20:15 – 📢 Event-Driven Microservices - Beyond the Fairy Tale 21:00 – 🙋‍♀️ drinks 22:00 – 🍻 See you next time? Details: Getting Your Axe On - Event Sourcing with Axon Framework In this presentation, we will explore the basics of event-driven architecture using Axon Framework. We'll start by explaining key concepts such as Event Sourcing and Command Query Responsibility Segregation (CQRS), and how they can improve the scalability and maintainability of modern applications. You will learn what Axon Framework is, how it simplifies implementing these patterns, and see hands-on examples of setting up a project with Axon Framework and Spring Boot. Whether you are new to these concepts or looking to understand them more, this session will provide practical insights and tools to help you build resilient and efficient applications. Event-Driven Microservices - Beyond the Fairy Tale Our applications need to be faster, better, bigger, smarter, and more enjoyable to meet our demanding end-users needs. In recent years, the way we build, run, and operate our software has changed significantly. We use scalable platforms to deploy and manage our applications. Instead of big monolithic deployment applications, we now deploy small, functionally consistent components as microservices. Problem. Solved. Right? Unfortunately, for most of us, microservices, and especially their event-driven variants, do not deliver on the beautiful, fairy-tale-like promises that surround them.In this session, Allard will share a different take on microservices. We will see that not much has changed in how we build software, which is why so many “microservices projects” fail nowadays. What lessons can we learn from concepts like DDD, CQRS, and Event Sourcing to help manage the complexity of our systems? He will also show how message-driven communication allows us to focus on finding the boundaries of functionally cohesive components, which we can evolve into microservices should the need arise.

    | Coven of Wisdom - Utrecht

    Go to page for Mastering Event-Driven Design
  • The Leadership Meetup

    PLEASE RSVP SO THAT WE KNOW HOW MUCH FOOD WE WILL NEED What distinguishes a software developer from a software team lead? As a team leader, you are responsible for people, their performance, and motivation. Your output is the output of your team. Whether you are a front-end or back-end developer, or any other discipline that wants to grow into the role of a tech lead, RSVP for an evening of learning, delicious food, and the fusion of leadership and tech! 🚀 18:00 – 🚪 Doors open to the public 18:15 – 🍕 Let’s eat 19:00 – 📢 First round of Talks 19:45 – 🍹 Small break 20:00 – 📢 Second round of Talks 20:45 – 🙋‍♀️ drinks 21:00 – 🍻 See you next time? First Round of Talks: Pixel Perfect and Perfectly Insane: About That Time My Brain Just Switched Off Remy Parzinski, Design System Lead at Logius Learn from Remy how you can care for yourself because we all need to. Second Round of Talks: Becoming a LeadDev at your client; How to Fail at Large (or How to Do Slightly Better) Arno Koehler Engineering Manager @ iO What are the things that will help you become a lead engineer? Building Team Culture (Tales of trust and positivity) Michel Blankenstein Engineering Manager @ iO & Head of Technology @ Zorggenoot How do you create a culture at your company or team? RSVP now to secure your spot, and let's explore the fascinating world of design systems together!

    | Coven of Wisdom - Amsterdam

    Go to page for The Leadership Meetup

Share