Skip to content

Build and deploy to AWS Staging #3962

Build and deploy to AWS Staging

Build and deploy to AWS Staging #3962

Workflow file for this run

on:
push:
branches:
- dev
workflow_dispatch:
name: Build and deploy to AWS Staging
env:
AWS_REGION: eu-central-1
ENVIRONMENT_TAG: staging
SERVICE_NAME: summer-fi-staging
CLUSTER_NAME: summer-fi-staging
CONFIG_URL: ${{ secrets.CONFIG_URL }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
jobs:
deploy:
name: Build and deploy to AWS Staging
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup node
uses: actions/setup-node@v3
with:
node-version: 18.19.1
- name: Check required secrets
env:
AJNA_SUBGRAPH_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_URL_GOERLI }}
AJNA_SUBGRAPH_URL_STAGING: ${{ secrets.AJNA_SUBGRAPH_URL_STAGING }}
AJNA_SUBGRAPH_V2_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_V2_URL_GOERLI }}
AJNA_SUBGRAPH_V2_URL_STAGING: ${{ secrets.AJNA_SUBGRAPH_V2_URL_STAGING }}
BLOCKNATIVE_API_KEY_STAGING: ${{ secrets.BLOCKNATIVE_API_KEY_STAGING }}
ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
INFURA_PROJECT_ID_STAGING: ${{ secrets.INFURA_PROJECT_ID_STAGING }}
MIXPANEL_KEY_STAGING: ${{ secrets.MIXPANEL_KEY_STAGING }}
ONE_INCH_API_KEY_STAGING: ${{ secrets.ONE_INCH_API_KEY_STAGING }}
ONE_INCH_API_URL_STAGING: ${{ secrets.ONE_INCH_API_URL_STAGING }}
PRODUCT_HUB_KEY: ${{ secrets.PRODUCT_HUB_KEY }}
REFERRAL_SUBGRAPH_URL_STAGING: ${{ secrets.REFERRAL_SUBGRAPH_URL_STAGING }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
NEWSLETTER_API_KEY: ${{ secrets.NEWSLETTER_API_KEY }}
NEWSLETTER_PUBLICATION_ID: ${{ secrets.NEWSLETTER_PUBLICATION_ID }}
NEWSLETTER_ENDPOINT: ${{ secrets.NEWSLETTER_ENDPOINT }}
run: |
required_secrets=("AJNA_SUBGRAPH_URL_STAGING" "AJNA_SUBGRAPH_URL_GOERLI" "AJNA_SUBGRAPH_V2_URL_STAGING" "AJNA_SUBGRAPH_V2_URL_GOERLI" "MIXPANEL_KEY_STAGING" "INFURA_PROJECT_ID_STAGING" "ETHERSCAN_API_KEY" "BLOCKNATIVE_API_KEY_STAGING" "SENTRY_AUTH_TOKEN" "PRODUCT_HUB_KEY" "ONE_INCH_API_KEY_STAGING" "ONE_INCH_API_URL_STAGING" "REFERRAL_SUBGRAPH_URL_STAGING" "NEWSLETTER_API_KEY" "NEWSLETTER_PUBLICATION_ID" "NEWSLETTER_ENDPOINT")
fail=false
for secret in "${required_secrets[@]}"; do
secret_value=$(printenv $secret)
if [[ -z "$secret_value" ]]; then
echo "::error::Secret $secret is not set"
fail=true
fi
done
if [[ $fail == true ]]; then
echo "::error::One or more secrets are not set. Exiting..."
exit 1
fi
- name: Extract commit hash
id: vars
shell: bash
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: Use modules cache
uses: actions/cache@v3
id: yarn-cache
with:
path: '**/node_modules'
key: ${{ runner.os }}-node-${{ hashFiles('**/yarn.lock') }}
- name: Install packages
if: steps.yarn-cache.outputs.cache-hit != 'true'
run: yarn --no-progress --non-interactive --frozen-lockfile
- name: Run postinstall
if: steps.yarn-cache.outputs.cache-hit == 'true'
run: yarn postinstall
- name: Use next cache
uses: jongwooo/next-cache@v1
- name: Build standalone app
id: build-app
env:
NODE_OPTIONS: '--max_old_space_size=4096'
SHA_TAG: ${{ steps.vars.outputs.sha_short }}
LATEST_TAG: latest
COMMIT_SHA: ${{ steps.vars.outputs.sha_short }}
AJNA_SUBGRAPH_URL: ${{ secrets.AJNA_SUBGRAPH_URL_STAGING }}
AJNA_SUBGRAPH_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_URL_GOERLI }}
AJNA_SUBGRAPH_V2_URL: ${{ secrets.AJNA_SUBGRAPH_V2_URL_STAGING }}
AJNA_SUBGRAPH_V2_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_V2_URL_GOERLI }}
MIXPANEL_ENV: staging
MIXPANEL_KEY: ${{ secrets.MIXPANEL_KEY_STAGING }}
INFURA_PROJECT_ID: ${{ secrets.INFURA_PROJECT_ID_STAGING }}
ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
BLOCKNATIVE_API_KEY: ${{ secrets.BLOCKNATIVE_API_KEY_STAGING }}
SHOW_BUILD_INFO: 1
NODE_ENV: production
NEXT_PUBLIC_SENTRY_ENV: staging
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
PRODUCT_HUB_KEY: ${{ secrets.PRODUCT_HUB_KEY }}
ONE_INCH_API_KEY: ${{ secrets.ONE_INCH_API_KEY_STAGING }}
NEXT_PUBLIC_SPINDL_SDK_KEY: ${{ secrets.NEXT_PUBLIC_SPINDL_SDK_KEY }}
ONE_INCH_API_URL: ${{ secrets.ONE_INCH_API_URL_STAGING }}
REFERRAL_SUBGRAPH_URL: ${{ secrets.REFERRAL_SUBGRAPH_URL_STAGING }}
BLOG_POSTS_API_KEY: ${{ secrets.BLOG_POSTS_API_KEY }}
BLOG_POSTS_API_URL: ${{ secrets.BLOG_POSTS_API_URL }}
NEWSLETTER_API_KEY: ${{ secrets.NEWSLETTER_API_KEY }}
NEWSLETTER_PUBLICATION_ID: ${{ secrets.NEWSLETTER_PUBLICATION_ID }}
NEWSLETTER_ENDPOINT: ${{ secrets.NEWSLETTER_ENDPOINT }}
run: yarn build
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
aws-region: ${{ env.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build runner image
id: build-image
env:
SHA_TAG: ${{ steps.vars.outputs.sha_short }}
LATEST_TAG: latest
ECR_REPO_NAME: summer-fi-staging
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: |
# Build a docker container and
# push it to ECR so that it can
# be deployed to ECS.
docker build -f Dockerfile.staging \
--cache-from=$ECR_REGISTRY/$ECR_REPO_NAME:$LATEST_TAG \
-t $ECR_REGISTRY/$ECR_REPO_NAME:$SHA_TAG \
-t $ECR_REGISTRY/$ECR_REPO_NAME:$LATEST_TAG \
-t $ECR_REGISTRY/$ECR_REPO_NAME:$ENVIRONMENT_TAG \
.
docker push $ECR_REGISTRY/$ECR_REPO_NAME --all-tags
- name: Update ECS service with latest Docker image
id: service-update
run: |
aws ecs update-service --cluster $CLUSTER_NAME --service ${{ env.SERVICE_NAME }} --force-new-deployment --region $AWS_REGION
- name: Wait for all services to become stable
uses: oryanmoshe/[email protected]
with:
ecs-cluster: ${{ env.CLUSTER_NAME }}
ecs-services: '["${{ env.SERVICE_NAME }}"]'
- name: Invalidate CloudFront
run:
AWS_MAX_ATTEMPTS=10 aws cloudfront create-invalidation --distribution-id
${{secrets.CF_DIST_ID_STAGING }} --paths "/*"
- name: Trigger e2e tests in e2e-tests repository
env:
E2E_TESTS_PAT: ${{ secrets.E2E_TESTS_PAT }}
run: |
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ env.E2E_TESTS_PAT }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OasisDEX/e2e-tests/actions/workflows/ci_e2e_tests.yml/dispatches \
-d "{\"ref\":\"main\", \"inputs\":{\"run_id\":\"${{ github.run_id }}\", \"repository\":\"${{ github.repository }}\"}}"
echo 'See test results in https://github.com/OasisDEX/e2e-tests/actions/workflows/ci_e2e_tests.yml --> Job with RUN_ID ${{ github.run_id }} in the logs.'