Deploy to beta/sanchonet by @Ryun1 #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy app | |
| run-name: Deploy to ${{ inputs.environment }}/${{ inputs.cardano_network }} by @${{ github.actor }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| cardano_network: | |
| required: true | |
| type: choice | |
| default: "sanchonet" | |
| options: | |
| - "sanchonet" | |
| environment: | |
| required: true | |
| type: choice | |
| default: "dev" | |
| options: | |
| - "dev" | |
| - "test" | |
| - "staging" | |
| - "beta" | |
| skip_build: | |
| required: true | |
| type: boolean | |
| default: false | |
| env: | |
| ENVIRONMENT: ${{ inputs.environment || 'dev' }} | |
| CARDANO_NETWORK: ${{ inputs.cardano_network || 'sanchonet' }} | |
| jobs: | |
| check_environment_exists: | |
| name: Check if target environment exists before proceeding | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./src | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Check environment exists | |
| run: | | |
| make check-env-defined | |
| build_backend: | |
| name: Build and push backend Docker image | |
| if: ${{ ! inputs.skip_build }} | |
| needs: | |
| - check_environment_exists | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./src | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.GHA_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.GHA_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: eu-west-1 | |
| - name: Login to AWS ECR | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: eu-west-1 | |
| - name: Build and push images | |
| run: | | |
| make docker-login | |
| make build-backend | |
| make push-backend | |
| build_frontend: | |
| name: Build and push frontend Docker image | |
| if: ${{ ! inputs.skip_build }} | |
| needs: | |
| - check_environment_exists | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./src | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.GHA_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.GHA_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: eu-west-1 | |
| - name: Login to AWS ECR | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: eu-west-1 | |
| - name: Build and push images | |
| env: | |
| GTM_ID: ${{ secrets.GTM_ID }} | |
| SENTRY_DSN: ${{ secrets.SENTRY_DSN_FRONTEND }} | |
| run: | | |
| make docker-login | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| make build-frontend | |
| make push-frontend | |
| deploy: | |
| name: Deploy app | |
| needs: | |
| - build_backend | |
| - build_frontend | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./src | |
| env: | |
| DBSYNC_POSTGRES_DB: "cexplorer" | |
| DBSYNC_POSTGRES_USER: "postgres" | |
| DBSYNC_POSTGRES_PASSWORD: "pSa8JCpQOACMUdGb" | |
| FAKEDBSYNC_POSTGRES_DB: "vva" | |
| FAKEDBSYNC_POSTGRES_USER: "test" | |
| FAKEDBSYNC_POSTGRES_PASSWORD: "test" | |
| GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }} | |
| GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }} | |
| GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }} | |
| SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }} | |
| TRAEFIK_LE_EMAIL: "[email protected]" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.GHA_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.GHA_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: eu-west-1 | |
| - name: Login to AWS ECR | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: eu-west-1 | |
| - name: Setup SSH agent | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.GHA_SSH_PRIVATE_KEY }} | |
| - name: Prepare and upload app config | |
| run: | | |
| make prepare-config | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| make upload-config | |
| - name: Deploy app | |
| run: | | |
| make docker-login | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| make deploy-stack | |
| - name: Reprovision Grafana | |
| run: | | |
| sleep 30 # give grafana time to start up | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| DOMAIN=${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network} | |
| curl -X POST -u "admin:$GRAFANA_ADMIN_PASSWORD" https://$DOMAIN/grafana/api/admin/provisioning/alerting/reload | |
| curl -X POST -u "admin:$GRAFANA_ADMIN_PASSWORD" https://$DOMAIN/grafana/api/admin/provisioning/dashboards/reload | |
| curl -X POST -u "admin:$GRAFANA_ADMIN_PASSWORD" https://$DOMAIN/grafana/api/admin/provisioning/notifications/reload | |
| - name: Notify on Slack | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_NOTIFY_SLACK_WEBHOOK_URL }} | |
| run: | | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| make notify | |
| deploy_without_build: | |
| name: Deploy app without building | |
| if: ${{ inputs.skip_build }} | |
| needs: | |
| - check_environment_exists | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ./src | |
| env: | |
| DBSYNC_POSTGRES_DB: "cexplorer" | |
| DBSYNC_POSTGRES_USER: "postgres" | |
| DBSYNC_POSTGRES_PASSWORD: "pSa8JCpQOACMUdGb" | |
| FAKEDBSYNC_POSTGRES_DB: "vva" | |
| FAKEDBSYNC_POSTGRES_USER: "test" | |
| FAKEDBSYNC_POSTGRES_PASSWORD: "test" | |
| GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }} | |
| GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }} | |
| GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }} | |
| SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }} | |
| TRAEFIK_LE_EMAIL: "[email protected]" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.GHA_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.GHA_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: eu-west-1 | |
| - name: Login to AWS ECR | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: eu-west-1 | |
| - name: Setup SSH agent | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.GHA_SSH_PRIVATE_KEY }} | |
| - name: Prepare and upload app config | |
| run: | | |
| make prepare-config | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| make upload-config | |
| - name: Deploy app | |
| run: | | |
| make docker-login | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| make deploy-stack | |
| - name: Reprovision Grafana | |
| run: | | |
| sleep 30 # give grafana time to start up | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| DOMAIN=${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network} | |
| curl -X POST -u "admin:$GRAFANA_ADMIN_PASSWORD" https://$DOMAIN/grafana/api/admin/provisioning/alerting/reload | |
| curl -X POST -u "admin:$GRAFANA_ADMIN_PASSWORD" https://$DOMAIN/grafana/api/admin/provisioning/dashboards/reload | |
| curl -X POST -u "admin:$GRAFANA_ADMIN_PASSWORD" https://$DOMAIN/grafana/api/admin/provisioning/notifications/reload | |
| - name: Notify on Slack | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_NOTIFY_SLACK_WEBHOOK_URL }} | |
| run: | | |
| if [[ "${{ inputs.environment }}" == "staging" ]]; then export DOMAIN=staging.govtool.byron.network; fi; | |
| if [[ "${{ inputs.environment }}" == "beta" ]]; then export DOMAIN=sanchogov.tools; fi; | |
| make notify |