-
Notifications
You must be signed in to change notification settings - Fork 3
126 lines (110 loc) · 4.56 KB
/
deployment-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: Build and deploy
on:
push:
branches: [release]
paths-ignore:
- 'devops/**'
workflow_dispatch:
jobs:
cancel-previous:
name: 'Cancel Previous Runs'
runs-on: ubuntu-latest
timeout-minutes: 3
steps:
- uses: styfle/[email protected]
with:
access_token: ${{ github.token }}
unique_id:
runs-on: ubuntu-latest
steps:
- name: Generate unique id
id: unique_id
run: echo "::set-output name=id::$(uuidgen)"
outputs:
unique_id: ${{ steps.unique_id.outputs.id }}
install-build-and-push:
runs-on: ubuntu-latest
needs: [cancel-previous, unique_id]
steps:
- name: Get GHA environment name
id: env_vars
run: |
echo "Running on branch ${{ github.ref }}"
if [[ "${{ github.ref }}" == "refs/heads/release" ]]; then
echo "::set-output name=aws_access_key_id::${{ secrets.SECOPS_PROD_AWS_ACCESS_KEY_ID }}"
echo "::set-output name=aws_secret_key::${{ secrets.SECOPS_PROD_AWS_SECRET_ACCESS_KEY }}"
echo "::set-output name=aws_region::${{ secrets.SECOPS_PROD_AWS_REGION }}"
echo "::set-output name=aws_ecr_repository::${{ secrets.SECOPS_PROD_ECR_REPOSITORY }}"
else
echo "Branch ${{ github.ref }} is not configured for deployment"
exit 1
fi
- uses: actions/checkout@v3
- name: Setup app dependencies
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
- uses: actions/cache@v3
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: |
authorization-server/node_modules
backend-server/node_modules
generate-identity-cli/node_modules
key: ${{ runner.os }}-node_modules-${{ hashFiles('**/yarn.lock') }}
- name: Install dependencies
run: yarn install
- name: Check linting
run: yarn lint
- name: Build project
run: yarn build
- name: Test project
env:
LOG_LEVEL: 'error'
SELF_BASE_URL: http://127.0.0.1:3000
RPC_URL: 'https://volta-rpc-vkn5r5zx4ke71f9hcu0c.energyweb.org/'
CACHE_SERVER_URL: 'https://identitycache-dev.energyweb.org/v1'
CACHE_SERVER_LOGIN_PRVKEY: 'eab5e5ccb983fad7bf7f5cb6b475a7aea95eff0c6523291b0c0ae38b5855459c'
DID_REGISTRY_ADDRESS: '0xc15d5a57a8eb0e1dcbe5d88b8f9a82017e5cc4af'
ENS_REGISTRY_ADDRESS: '0xd7CeF70Ba7efc2035256d828d5287e2D285CD1ac'
ENS_RESOLVER_ADDRESS: '0xcf72f16Ab886776232bea2fcf3689761a0b74EfE'
IPFS_PROTOCOL: https
IPFS_HOST: ipfs.infura.io
IPFS_PORT: 5001
IPFS_PROJECTID: ${{ secrets.IPFS_PROJECTID }}
IPFS_PROJECTSECRET: ${{ secrets.IPFS_PROJECTSECRET }}
REDIS_HOST: 'localhost'
REDIS_PORT: 61379
JWT_SECRET: 'asecret'
JWT_ACCESS_TTL: 60
JWT_REFRESH_TTL: 600
SIWE_NONCE_TTL: 120
FAIL_ON_REDIS_UNAVAILABLE: true
AUTH_COOKIE_ENABLED: true
IDENTITY_TOKEN: ${{ secrets.IDENTITY_TOKEN }}
BLOCKNUM_AUTH_ENABLED: true
ACCEPTED_ROLES: ''
INCLUDE_ALL_ROLES: false
run: yarn test
- name: Get the tag version
id: get_version
run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/}
- name: Login to Public ECR
uses: docker/login-action@v2
with:
registry: public.ecr.aws
username: ${{ steps.env_vars.outputs.aws_access_key_id }}
password: ${{ steps.env_vars.outputs.aws_secret_key }}
env:
AWS_REGION: ${{ steps.env_vars.outputs.aws_region }}
- name: Build & push docker images (AWS)
env:
BUILD_ID: ${{needs.unique_id.outputs.unique_id}}
run: |
docker build --build-arg GIT_SHA=${{ github.sha }} -t public.ecr.aws/p2b6f2f9/${{ steps.env_vars.outputs.aws_ecr_repository }}:$BUILD_ID -f authorization-server/Dockerfile ./authorization-server
docker push public.ecr.aws/p2b6f2f9/${{ steps.env_vars.outputs.aws_ecr_repository }}:$BUILD_ID
docker tag public.ecr.aws/p2b6f2f9/${{ steps.env_vars.outputs.aws_ecr_repository }}:$BUILD_ID public.ecr.aws/p2b6f2f9/${{ steps.env_vars.outputs.aws_ecr_repository }}:latest
docker push public.ecr.aws/p2b6f2f9/${{ steps.env_vars.outputs.aws_ecr_repository }}:latest
- name: Logout of Amazon ECR
if: always()
run: docker logout ${{ steps.login-ecr.outputs.registry }}