chore(deps): bump cypress-io/github-action from 4 to 6 #3680
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dashboard CI/CD | |
| on: | |
| push: | |
| paths-ignore: | |
| - 'apps/console/**' | |
| - 'deploy/helm/console/**' | |
| - ".github/workflows/console-ci.yaml" | |
| - 'apps/sandbox/**' | |
| - 'deploy/helm/sandbox/**' | |
| - ".github/workflows/sandbox-ci.yaml" | |
| branches: | |
| - main | |
| pull_request: | |
| paths-ignore: | |
| - 'apps/console/**' | |
| - 'deploy/helm/console/**' | |
| - ".github/workflows/console-ci.yaml" | |
| - 'apps/sandbox/**' | |
| - 'deploy/helm/sandbox/**' | |
| - ".github/workflows/sandbox-ci.yaml" | |
| branches: | |
| - main | |
| release: | |
| types: | |
| - prereleased | |
| - released | |
| workflow_dispatch: | |
| inputs: | |
| ENVIRONMENT_NAME: | |
| description: 'Environment Name' | |
| required: true | |
| default: enkinet | |
| type: choice | |
| options: | |
| - enkinet | |
| - hammunet | |
| - gilganet | |
| - mardunet | |
| env: | |
| active_network: 'stokenet' | |
| prerelease_network: 'stokenet' | |
| release_network: 'mainnet' | |
| permissions: | |
| id-token: write | |
| pull-requests: read | |
| contents: read | |
| deployments: write | |
| jobs: | |
| trigger: | |
| name: Check trigger | |
| if: > | |
| ( github.event.action == 'prereleased' && contains( github.event.release.tag_name, 'dashboard') ) || | |
| ( github.event.action == 'released' && contains( github.event.release.tag_name, 'dashboard') ) || | |
| ( github.event_name == 'workflow_dispatch' ) || | |
| ( github.ref == 'refs/heads/main' && github.event_name == 'push' ) || | |
| ( github.event_name == 'pull_request' ) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Dump context | |
| uses: crazy-max/ghaction-dump-context@v2 | |
| - name: Info | |
| run: | | |
| echo "This is triggered by ${{ github.event_name }}." >> $GITHUB_STEP_SUMMARY | |
| echo "Github action is ${{ github.event.action }}." >> $GITHUB_STEP_SUMMARY | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - trigger | |
| steps: | |
| - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c | |
| with: | |
| fetch-depth: 0 | |
| - name: Dump context | |
| uses: crazy-max/ghaction-dump-context@158bbf4d6158a44a7e13f76295dc55a69e481a6e | |
| - uses: ./.github/actions/build | |
| with: | |
| active_network_name: ${{ env.active_network }} | |
| release_network_name: ${{ env.release_network }} | |
| - name: Turbo Worfkflow | |
| run: npx turbo run db:generate lint prettier coverage svelte:check --filter=dashboard | |
| - name: Run e2e tests on the PR environment | |
| uses: cypress-io/github-action@v6 | |
| with: | |
| start: npm run dev:dashboard | |
| wait-on: http://localhost:5173 | |
| project: ./apps/dashboard | |
| setup-tags: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - trigger | |
| steps: | |
| - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c | |
| with: | |
| fetch-depth: 0 | |
| - name: Docker tags for dashboard | |
| id: dashboard-tags | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| docker.io/radixdlt/dapps-dashboard | |
| tags: | | |
| type=sha,event=pr | |
| type=sha,event=branch | |
| type=semver,pattern={{version}} | |
| - name: Docker tags for storybook | |
| id: storybook-tags | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| docker.io/radixdlt/dapps-dashboard-storybook | |
| tags: | | |
| type=sha,event=pr | |
| type=sha,event=branch | |
| type=semver,pattern={{version}} | |
| - name: Define network name | |
| run: | | |
| if [ "${{ github.event_name}}" = 'workflow_dispatch' ]; then | |
| echo "NETWORK_NAME="${{ github.event.inputs.ENVIRONMENT_NAME }}"" >> $GITHUB_ENV | |
| elif [ "${{ github.event.action }}" = "released" ]; then | |
| echo "NETWORK_NAME=${{ env.release_network }}" >> $GITHUB_ENV | |
| elif [ "${{ github.event.action }}" = "prereleased" ]; then | |
| echo "NETWORK_NAME=${{ env.prerelease_network }}" >> $GITHUB_ENV | |
| elif [ "${{ github.ref }}" = "refs/heads/main" -a "${{ github.event_name }}" = 'push' ] || [ "${{ github.event_name }}" = "pull_request" ]; then | |
| echo "NETWORK_NAME=${{ env.active_network }}" >> $GITHUB_ENV | |
| fi | |
| - id: network | |
| run: | | |
| echo "network-name=${{ env.NETWORK_NAME }}" >> $GITHUB_OUTPUT | |
| - id: tag-with-network | |
| run: | | |
| echo "tag-with-network=${{github.sha}}-${{ env.NETWORK_NAME }}" >> $GITHUB_OUTPUT | |
| - run: | | |
| echo "$GITHUB_OUTPUT" | |
| outputs: | |
| dashboard-tags: ${{ steps.dashboard-tags.outputs.tags }} | |
| dashboard-labels: ${{ steps.dashboard-tags.outputs.labels }} | |
| dashboard-json: ${{ steps.dashboard-tags.outputs.json }} | |
| storybook-tags: ${{ steps.storybook-tags.outputs.tags }} | |
| storybook-labels: ${{ steps.storybook-tags.outputs.labels }} | |
| storybook-json: ${{ steps.storybook-tags.outputs.json }} | |
| tag-with-network: ${{steps.tag-with-network.outputs.tag-with-network}} | |
| network-name: ${{steps.network.outputs.network-name}} | |
| snyk-scan-deps-licences: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - trigger | |
| steps: | |
| - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'snyk-scan-deps-licences' | |
| secret_prefix: 'SNYK' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/snyk-credentials-rXRpuX' | |
| parse_json: true | |
| - name: Run Snyk to check for deps vulnerabilities | |
| uses: snyk/actions/node@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0 | |
| with: | |
| args: --all-projects --org=${{ env.SNYK_PROJECTS_ORG_ID }} --severity-threshold=critical | |
| snyk-scan-code: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - trigger | |
| steps: | |
| - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'snyk-scan-code' | |
| secret_prefix: 'SNYK' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/snyk-credentials-rXRpuX' | |
| parse_json: true | |
| - name: Run Snyk to check for code vulnerabilities | |
| uses: snyk/actions/node@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0 | |
| continue-on-error: true # temporary until code fix | |
| with: | |
| args: --all-projects --org=${{ env.SNYK_PROJECTS_ORG_ID }} --severity-threshold=high | |
| command: code test | |
| snyk-sbom: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - snyk-scan-deps-licences | |
| - snyk-scan-code | |
| permissions: write-all | |
| steps: | |
| - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'snyk-sbom' | |
| secret_prefix: 'SNYK' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/snyk-credentials-rXRpuX' | |
| parse_json: true | |
| - name: Generate SBOM # check SBOM can be generated but nothing is done with it | |
| uses: snyk/actions/node@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0 | |
| with: | |
| args: --all-projects --org=${{ env.SNYK_PROJECTS_ORG_ID }} --format=cyclonedx1.4+json --json-file-output sbom.json | |
| command: sbom | |
| - name: Upload SBOM | |
| if: github.event_name == 'release' | |
| uses: AButler/upload-release-assets@c94805dc72e4b20745f543da0f62eaee7722df7a # v2.0.2 | |
| with: | |
| files: sbom.json | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| release-tag: ${{ github.event.release.tag_name }} | |
| snyk-monitor: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop') | |
| needs: | |
| - setup-tags | |
| - push-dashboard | |
| - push-storybook | |
| steps: | |
| - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'snyk-monitor' | |
| secret_prefix: 'SNYK' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/snyk-credentials-rXRpuX' | |
| parse_json: true | |
| - name: Enable Snyk online monitoring to check for vulnerabilities | |
| uses: snyk/actions/node@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0 | |
| with: | |
| args: --all-projects --org=${{ env.SNYK_PROJECTS_ORG_ID }} --target-reference=${{ github.ref_name }} | |
| command: monitor | |
| snyk-container-monitor: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop') | |
| needs: | |
| - setup-tags | |
| - push-dashboard | |
| - push-storybook | |
| steps: | |
| - uses: radixdlt/public-iac-resuable-artifacts/snyk-container-monitor@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| dockerhub_secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/dockerhub-credentials' | |
| snyk_secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/snyk-credentials-rXRpuX' | |
| snyk_org_id: ${{ secrets.SNYK_ORG_ID }} | |
| image: docker.io/radixdlt/dapps-dashboard:${{ needs.setup-tags.outputs.tag-with-network }} | |
| target_ref: ${{ github.ref_name }} | |
| sonar: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - trigger | |
| steps: | |
| - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c | |
| with: | |
| fetch-depth: 0 | |
| - name: Use Node.js | |
| uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 | |
| with: | |
| always-auth: true | |
| node-version: 20.3.0 | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-dapps-monorepo-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'sonar' | |
| secret_prefix: 'GH' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/radixdlt/dapps-monorepo/dashboard/sonar-token-uQM7l6' | |
| parse_json: true | |
| # - name: Run story book tests | |
| # run: yarn && npx concurrently --kill-others "yarn storybook" "yarn test:storybook" | |
| - name: SonarCloud Scan | |
| uses: SonarSource/sonarcloud-github-action@master | |
| with: | |
| projectBaseDir: ./apps/dashboard | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ env.GH_SONAR_TOKEN }} | |
| push-dashboard: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup-tags | |
| - snyk-scan-deps-licences | |
| - snyk-scan-code | |
| steps: | |
| - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'push-dashboard' | |
| secret_prefix: 'DOCKERHUB_PRIVATE' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/dockerhub-credentials' | |
| parse_json: true | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a | |
| with: | |
| username: ${{env.DOCKERHUB_PRIVATE_USERNAME}} | |
| password: ${{env.DOCKERHUB_PRIVATE_TOKEN}} | |
| - name: Docker build and push | |
| uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 | |
| with: | |
| file: ./Dockerfile | |
| push: true | |
| context: . | |
| tags: docker.io/radixdlt/dapps-dashboard:${{ needs.setup-tags.outputs.tag-with-network }} | |
| labels: ${{ needs.setup-tags.outputs.dashboard-labels }} | |
| target: 'dashboard' | |
| build-args: | | |
| NETWORK_NAME=${{ needs.setup-tags.outputs.network-name }} | |
| NPM_LOCAL_CACHE=.cache/ | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'push-dashboard' | |
| secret_prefix: 'SNYK' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/snyk-credentials-rXRpuX' | |
| parse_json: true | |
| - name: Snyk image scan | |
| uses: snyk/actions/docker@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0 | |
| with: | |
| image: docker.io/radixdlt/dapps-dashboard:${{ needs.setup-tags.outputs.tag-with-network }} | |
| args: --file=Dockerfile --severity-threshold=critical --fail-on=all | |
| - name: Docker Image output | |
| run: docker images | |
| - name: Output job summary | |
| run: | | |
| echo "Network that will be deployed: ${{ needs.setup-tags.outputs.network-name }}" >> $GITHUB_STEP_SUMMARY | |
| push-storybook: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup-tags | |
| - snyk-scan-deps-licences | |
| - snyk-scan-code | |
| steps: | |
| - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'push-story' | |
| secret_prefix: 'DOCKERHUB_PRIVATE' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/dockerhub-credentials' | |
| parse_json: true | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a | |
| with: | |
| username: ${{env.DOCKERHUB_PRIVATE_USERNAME}} | |
| password: ${{env.DOCKERHUB_PRIVATE_TOKEN}} | |
| - name: Docker build and push | |
| uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 | |
| with: | |
| file: ./Dockerfile | |
| push: true | |
| context: . | |
| tags: docker.io/radixdlt/dapps-dashboard-storybook:${{ needs.setup-tags.outputs.tag-with-network }} | |
| labels: ${{ needs.setup-tags.outputs.storybook-labels }} | |
| target: 'storybook' | |
| build-args: | | |
| NETWORK_NAME=${{ needs.setup-tags.outputs.network-name }} | |
| NPM_LOCAL_CACHE=.cache/ | |
| - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| with: | |
| role_name: 'arn:aws:iam::308190735829:role/gh-common-secrets-read-access' | |
| app_name: 'dashboard' | |
| step_name: 'push-storybook' | |
| secret_prefix: 'SNYK' | |
| secret_name: 'arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/snyk-credentials-rXRpuX' | |
| parse_json: true | |
| - name: Snyk image scan | |
| uses: snyk/actions/docker@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0 | |
| with: | |
| image: docker.io/radixdlt/dapps-dashboard-storybook:${{ needs.setup-tags.outputs.tag-with-network }} | |
| args: --file=Dockerfile --severity-threshold=critical --fail-on=all | |
| - name: Docker Image output | |
| run: docker images | |
| - name: Output job summary | |
| run: | | |
| echo "Network that will be deployed:${{ needs.setup-tags.outputs.network-name }}" >> $GITHUB_STEP_SUMMARY | |
| deploy_pull_request: | |
| if: ${{ github.event.pull_request }} | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: pr | |
| hierarchical_namespace: dashboard-ci-pr | |
| namespace: dashboard-pr-${{ github.event.number }} | |
| restart_pods: true | |
| create_subns: true | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::308190735829:role/gh-dashboard-pr-deployer' | |
| eks_cluster: rdx-works-main-dev | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }}, | |
| ci.prNumber=${{ github.event.number }} | |
| app_name: 'dashboard' | |
| step_name: 'deploy-pr' | |
| deploy_dev: | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: dev | |
| namespace: dashboard-dev | |
| restart_pods: true | |
| create_subns: false | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::308190735829:role/gh-dashboard-dev-deployer' | |
| eks_cluster: rdx-works-main-dev | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }} | |
| app_name: 'dashboard' | |
| step_name: 'deploy-dev' | |
| deploy_enkinet: | |
| if: > | |
| ( github.event.inputs.ENVIRONMENT_NAME == 'enkinet' && github.event_name == 'workflow_dispatch' ) | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: enkinet | |
| namespace: dashboard-enkinet | |
| restart_pods: true | |
| create_subns: false | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::308190735829:role/gh-dashboard-dev-deployer' | |
| eks_cluster: rdx-works-main-dev | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }} | |
| github_environment: enkinet | |
| app_name: 'dashboard' | |
| step_name: 'deploy-enkinet' | |
| deploy_hammunet: | |
| if: > | |
| ( github.event.inputs.ENVIRONMENT_NAME == 'hammunet' && github.event_name == 'workflow_dispatch' ) | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: hammunet | |
| namespace: dashboard-hammunet | |
| restart_pods: true | |
| create_subns: false | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::308190735829:role/gh-dashboard-dev-deployer' | |
| eks_cluster: rdx-works-main-dev | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }} | |
| github_environment: hammunet | |
| app_name: 'dashboard' | |
| step_name: 'deploy-hammunet' | |
| deploy_gilganet: | |
| if: > | |
| ( github.event.inputs.ENVIRONMENT_NAME == 'gilganet' && github.event_name == 'workflow_dispatch' ) | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: gilganet | |
| namespace: dashboard-gilganet | |
| restart_pods: true | |
| create_subns: false | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::308190735829:role/gh-dashboard-dev-deployer' | |
| eks_cluster: rdx-works-main-dev | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }} | |
| github_environment: gilganet | |
| app_name: 'dashboard' | |
| step_name: 'deploy-gilganet' | |
| deploy_mardunet: | |
| if: > | |
| ( github.event.inputs.ENVIRONMENT_NAME == 'mardunet' && github.event_name == 'workflow_dispatch' ) | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: mardunet | |
| namespace: dashboard-mardunet | |
| restart_pods: true | |
| create_subns: false | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::308190735829:role/gh-dashboard-dev-deployer' | |
| eks_cluster: rdx-works-main-dev | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }} | |
| github_environment: mardunet | |
| app_name: 'dashboard' | |
| step_name: 'deploy-mardunet' | |
| deploy_stokenet: | |
| if: github.event_name == 'release' && github.event.action == 'prereleased' | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: stokenet | |
| namespace: dashboard-stokenet | |
| create_subns: false | |
| restart_pods: false | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::821496737932:role/gh-dashboard-stokenet-deployer' | |
| eks_cluster: rtlj-prod | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }} | |
| github_environment: stokenet | |
| app_name: 'dashboard' | |
| step_name: 'deploy-stokenet' | |
| deploy_mainnet: | |
| if: github.event_name == 'release' && github.event.action == 'released' | |
| uses: radixdlt/iac-resuable-artifacts/.github/workflows/[email protected] | |
| needs: | |
| - push-dashboard | |
| - push-storybook | |
| - setup-tags | |
| with: | |
| env_name: mainnet | |
| namespace: dashboard-mainnet | |
| create_subns: false | |
| restart_pods: false | |
| aws_region: eu-west-2 | |
| role_to_assume: 'arn:aws:iam::821496737932:role/gh-dashboard-mainnet-deployer' | |
| eks_cluster: rtlj-prod | |
| helm_folder: deploy/helm/dashboard | |
| helmfile_extra_vars: >- | |
| ci.tag=${{ needs.setup-tags.outputs.tag-with-network }} | |
| github_environment: mainnet | |
| app_name: 'dashboard' | |
| step_name: 'deploy-mainnet' | |
| # storybook-tests: | |
| # runs-on: ubuntu-latest | |
| # permissions: | |
| # id-token: write | |
| # pull-requests: read | |
| # contents: read | |
| # if: ( github.ref == 'refs/heads/main' && github.event_name == 'push' ) || github.event.pull_request | |
| # needs: | |
| # - push-dashboard | |
| # - push-storybook | |
| # steps: | |
| # - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c | |
| # with: | |
| # fetch-depth: 0 | |
| # - name: Use Node.js | |
| # uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 | |
| # with: | |
| # always-auth: true | |
| # node-version: 20.3.0 | |
| # cache: yarn | |
| # - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main | |
| # with: | |
| # role_name: "arn:aws:iam::308190735829:role/gh-dapps-monorepo-secrets-read-access" | |
| # app_name: "dashboard" | |
| # step_name: "unit-tests" | |
| # secret_prefix: "GH" | |
| # secret_name: "arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/radixdlt/dapps-monorepo/npm-token-gt8FBI" | |
| # parse_json: true | |
| # - uses: ./.github/actions/build | |
| # with: | |
| # npm_token: ${{ env.GH_NPM_TOKEN }} | |
| # - name: Integration tests (PR) | |
| # if: github.event.pull_request | |
| # run: | | |
| # # Due to a limitation on Github Action we cannot depend on jobs that might be skipped, because this | |
| # # job will also be skipped. | |
| # # | |
| # echo "Waiting for the Kubernetes deployments to complete" | |
| # sleep 90 | |
| # echo "Running storybook tests against PR environment" | |
| # export TARGET_URL="https://dashboard-storybook-pr-${{ github.event.number }}.rdx-works-main.extratools.works" | |
| # yarn test:storybook | |
| # - name: Integration tests (Hammunet) | |
| # if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| # run: | | |
| # # Due to a limitation on Github Action we cannot depend on jobs that might be skipped, because this | |
| # # job will also be skipped. | |
| # # | |
| # echo "Waiting for the Kubernetes deployments to complete" | |
| # sleep 90 | |
| # echo "Running storybook tests against hammunet" | |
| # export TARGET_URL="https://hammunet-dashboard-storybook.rdx-works-main.extratools.works" | |
| # yarn test:storybook |