web-sdk: adding semaphore pipeline for staging

[chaudharynidhi]

SNE-48188

Changes

Describe the key changes in this PR with the Jira Issue reference

Changes to Public Facing API if any

Please list the impact on the public facing API if any

How Has This Been Tested?

Describe the testing approach and any relevant configurations (e.g., environment, platform)

Checklist

• Code compiles without errors
• Version Bump added to package.json & CHANGELOG.md
• All tests pass
• Build process is successful
• Documentation has been updated (if needed)

Summary by CodeRabbit

• New Features
  • Introduced a dedicated staging deployment process that enables environment-specific asset deployment and cache management.
• Chores
  • Updated deployment configuration labels to clearly distinguish between production and staging environments.
  • Added new promotions for production and staging deployments.
  • Enhanced asset build process with additional artifact push commands.

[coderabbitai]

Walkthrough

The pull request updates the Semaphore deployment configuration by renaming the production deployment job from "Deploy" to "Production-Deploy". It also introduces two new promotions in the Semaphore configuration: "Production" and "Staging", replacing the previous "Deploy" promotion. Additionally, a new file, .semaphore/staging-deploy.yml, has been created to define the staging deployment process, which includes asset deployment to S3 and CloudFront cache invalidation.

Changes

File(s)	Change Summary
.semaphore/production-deploy.yml	Renamed the deployment configuration from "Deploy" to "Production-Deploy".
.semaphore/semaphore.yml	Removed the "Deploy" promotion; added two new promotions: "Production" (linked to production-deploy.yml) and "Staging" (linked to staging-deploy.yml). Added two artifact push commands for clevertap.js and clevertap.js.map.
.semaphore/staging-deploy.yml	Introduced a new configuration for the staging environment with tasks to deploy assets to S3, set up AWS credentials, and invalidate the CloudFront cache.

Sequence Diagram(s)

sequenceDiagram
    participant Dev as Developer
    participant Sem as Semaphore Config
    participant Prod as Production Deploy
    participant Stage as Staging Deploy

    Dev->>Sem: Trigger deployment promotion request
    Sem->>Sem: Determine promotion type
    alt Production Promotion Selected
        Sem->>Prod: Run production pipeline (production-deploy.yml)
        Prod->>Sem: Return deployment status
    else Staging Promotion Selected
        Sem->>Stage: Run staging pipeline (staging-deploy.yml)
        Stage->>Sem: Return deployment status
    end

Loading

Poem

I'm a bouncy rabbit with a code-filled cheer,
Hopping over pipelines without any fear.
Production and staging now hop on separate tracks,
Deployments march forward, no looking back.
With a twitch of my nose, I celebrate these neat tweaks!
🐰🚀
Happy code, happy hop!

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai plan to trigger planning for file edits and PR creation.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.semaphore/staging-deploy.yml (1)

30-30: Missing Newline at End of File
The file is missing a newline at the end, as flagged by YAML lint. Adding a newline will help conform to standard YAML formatting practices.

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 30-30: no new line character at the end of file

(new-line-at-end-of-file)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between aabac12 and 2ef31ee.

📒 Files selected for processing (3)

• .semaphore/production-deploy.yml (1 hunks)
• .semaphore/semaphore.yml (1 hunks)
• .semaphore/staging-deploy.yml (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.35.1)

.semaphore/staging-deploy.yml

[error] 30-30: no new line character at the end of file

(new-line-at-end-of-file)

🔇 Additional comments (5)

.semaphore/production-deploy.yml (1)

2-2: Config Name Update Verification
The deployment configuration name has been updated from "Deploy" to Production-Deploy, which aligns with the new promotion structure. Please ensure that this renaming is consistently reflected in all pipeline references and documentation.

.semaphore/semaphore.yml (1)

16-19: Updated Deployment Promotions
The promotions section now defines separate entries for Production and Staging with their dedicated pipeline files. This clear separation supports targeted deployments. Verify that the removal of the old "Deploy" promotion does not impact any external hooks or integrations that might expect the legacy naming.

.semaphore/staging-deploy.yml (3)

1-6: Staging Deployment Configuration Header
The file header correctly establishes the staging deployment configuration with version, name ("Staging-Deploy"), and machine settings. The configuration appears consistent with its production counterpart while targeting the staging environment.

---

25-29: Review Secrets and Agent Configurations
The job configuration references the secret ProductionAccountAwsCredentials and specifies an agent with a different machine type. Double-check that using production credentials for staging is intentional and that the agent's resource allocation meets the demands of staging deployments.

---

13-24:

Details

❓ Verification inconclusive

Command Block – Environment Variable Placeholder Usage
The command block carries out essential tasks such as pulling artifacts, generating AWS credentials, and performing S3 uploads with subsequent CloudFront cache invalidation. However, notice the use of GitHub variable syntax (${{ github.head_ref || github.ref_name }}) in the S3 paths. Since this file is for Semaphore deployments, please verify that these placeholders are supported or consider replacing them with Semaphore-specific variables if necessary.

---

---

Attention: Verify Environment Variable Placeholders in Semaphore Deployment File
The command block in .semaphore/staging-deploy.yml (lines 13–24) uses GitHub action syntax (${{ github.head_ref || github.ref_name }}) within S3 path definitions. Since this file is dedicated to Semaphore deployments, please ensure that these placeholders are supported in your Semaphore environment. If they aren’t being interpolated correctly, consider replacing them with Semaphore-specific variables (for example, $SEMAPHORE_GIT_BRANCH or any equivalent provided by Semaphore).

• Action Required:
  • Confirm that Semaphore resolves GitHub placeholder syntax as expected.
  • If not, update these variables to Semaphore-specific ones to guarantee that S3 uploads and subsequent CloudFront invalidations use the correct branch/path.

---

🏁 Script executed:

#!/bin/bash
# Search for GitHub-specific environment variable placeholders across the repository
rg "github.head_ref" -n .
rg "github.ref_name" -n .

Length of output: 51

---

Attention: Verify GitHub Placeholders in Semaphore Deployment

The deployment script in .semaphore/staging-deploy.yml (lines 13–24) uses GitHub syntax (${{ github.head_ref || github.ref_name }}) in the S3 paths. Since this file is meant for Semaphore deployments, please manually verify that the Semaphore environment actually interpolates these GitHub-specific variables as intended.

• Action Required:
  • Confirm that when the deployment runs, the GitHub placeholders are correctly resolved.
  • If they are not supported by Semaphore, update the script to use Semaphore-specific variables (e.g., $SEMAPHORE_GIT_BRANCH or the appropriate equivalent).

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.semaphore/staging-deploy.yml (1)

13-14: Remove Trailing Spaces

Static analysis tools have flagged trailing whitespace on these lines. Removing the extra spaces will improve file cleanliness and prevent potential YAML lint issues.

-            - artifact pull workflow clevertap.min.js 
+            - artifact pull workflow clevertap.min.js
-            - artifact pull workflow clevertap.js 
+            - artifact pull workflow clevertap.js

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 13-13: trailing spaces

(trailing-spaces)

---

[error] 14-14: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7bd25ba and f5dbbc8.

📒 Files selected for processing (1)

• .semaphore/staging-deploy.yml (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.35.1)

.semaphore/staging-deploy.yml

[error] 13-13: trailing spaces

(trailing-spaces)

---

[error] 14-14: trailing spaces

(trailing-spaces)

🔇 Additional comments (7)

.semaphore/staging-deploy.yml (7)

1-6: Header Configuration Looks Good

The YAML header accurately defines the version, deployment name, and agent machine settings. This provides a clear starting point for the deployment configuration.

---

7-12: Blocks and Task Structure is Clear

The organization using blocks and tasks effectively outlines the deployment steps. The structure is straightforward and easy to follow.

---

15-16: Artifact Pull Commands

The artifact pull commands for clevertap.js.map (and the other artifacts) are consistent with the deployment needs. Ensure that the artifact naming and availability in the workflow remain unchanged as expected.

---

16-26: AWS Deployment Commands

The multi-line script block handles several key operations: creating a utils directory, retrieving and executing a Python script to generate AWS credentials, verifying the environment, performing S3 uploads with public-read permissions, cleaning up local artifacts, and invalidating the CloudFront cache.

• Verify that the use of eval $(python3 ...) securely handles AWS credentials.
• Ensure that file removals post-upload are intentional for cleanup.
  Overall, the commands align with the deployment objectives.

---

27-28: Secrets Configuration is Appropriate

The inclusion of the secret (ProductionAccountAwsCredentials) is correctly placed to ensure secure access to AWS production resources. Double-check that the secret is well-configured in Semaphore.

---

1-33: Overall Configuration Assessment

The staging deployment configuration effectively fulfills the PR objective of integrating a Semaphore pipeline for staging. It details asset deployment to S3 and CloudFront cache invalidation while leveraging secrets for secure AWS access. Just ensure that:

• Trailing whitespace is removed.
• The agent override settings (especially the empty os_image) are reviewed.
• All environment variables (e.g., PRODUCTION_ACCOUNT_IAM_ROLE_ARN, SEMAPHORE_GIT_BRANCH) are correctly managed.

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 13-13: trailing spaces

(trailing-spaces)

---

[error] 14-14: trailing spaces

(trailing-spaces)

---

29-32:

Details

❓ Verification inconclusive

Review Agent Override Configuration

There's a secondary agent configuration defined for the job using a machine type of s1-t2-micro with an empty os_image. Please verify whether leaving os_image as an empty string is intentional. If not, specify the correct OS image to avoid potential runtime issues.

---

Review Agent Override Configuration – Verify os_image Setting

• In .semaphore/staging-deploy.yml (lines 29–32), the secondary agent is configured with machine.type set to s1-t2-micro and os_image left as an empty string.
• Please verify if leaving os_image empty is intentional. If a specific OS image is required, update the configuration accordingly to avoid potential runtime issues.