Skip to content

Deploy

Deploy #44

Workflow file for this run

# The default GitHub runner image comes with a bunch of software preinstalled.
# Typically this doesn't matter, however with Cargo it appears to interfere,
# hence the `rm -rf ~/.cargo/` steps.
name: Deploy
on:
workflow_run:
workflows: Check
branches: master
types: completed
jobs:
deploy:
name: Deploy
if: github.event.workflow_run.conclusion == 'success'
runs-on: ubuntu-latest
env:
AWS_DEFAULT_REGION: us-west-2
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
- name: Build
# Docker is preinstalled.
run: nix build .#dockerImage && ./result | docker load
- name: Push
run: |
nix develop .#ops -c \
aws ecr get-login-password | docker login -u AWS --password-stdin "$REPO"
docker tag mercury "$REPO":${{ github.sha }}
docker tag mercury "$REPO":latest
docker push --all-tags "$REPO"
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_PUSHER }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_PUSHER }}
REPO: 060568373025.dkr.ecr.us-west-2.amazonaws.com/mercury
- name: Deploy
run: |
# Force a new deployment, implicitly utilising the new image on the
# same `latest` image tag.
nix develop .#ops -c \
aws ecs update-service --no-cli-pager \
--cluster shared-cluster-staging \
--service mercury-service \
--force-new-deployment
nix develop .#ops -c \
aws ecs wait services-stable \
--cluster shared-cluster-staging \
--services mercury-service
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_DEPLOYER }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_DEPLOYER }}
# This (emphasis on `--fail-with-body`) acts as a sort of final E2E test.
- name: Notify (Test)
run: |
curl https://mercury.proxy.unsplash.com/api/v1/slack --fail-with-body -X POST \
--oauth2-bearer '${{ secrets.MERCURY_SLACK_TOKEN }}' \
-d channel=playground \
-d title='🚀 Mercury' \
-d desc='A new deployment has succeeded.' \
-d link='${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
docs:
name: Publish docs
if: github.event.workflow_run.conclusion == 'success'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
pages: write
steps:
- uses: actions/checkout@v3
- run: rm -rf ~/.cargo/
- uses: cachix/install-nix-action@v22
- uses: ./.github/actions/cargo-cache
- run: |
nix develop -c cargo doc --no-deps
rm ./target/doc/.lock
echo '<meta http-equiv="refresh" content="0; url=mercury">' > ./target/doc/index.html
- uses: actions/upload-pages-artifact@v1
with:
path: ./target/doc/
- uses: actions/deploy-pages@v2