Skip to content

Omni kit automations clean up (#3720) #3402

Omni kit automations clean up (#3720)

Omni kit automations clean up (#3720) #3402

Workflow file for this run

on:
push:
branches:
- dev
name: Build and deploy to AWS Staging
env:
AWS_REGION: eu-central-1
ENVIRONMENT_TAG: staging
SERVICE_NAME: summer-fi-staging
CLUSTER_NAME: summer-fi-staging
CONFIG_URL: ${{ secrets.CONFIG_URL }}
jobs:
deploy:
name: Build and deploy to AWS Staging
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup node
uses: actions/setup-node@v3
with:
node-version: 18.12
- name: Check required secrets
env:
ADROLL_ADV_ID_STAGING: ${{ secrets.ADROLL_ADV_ID_STAGING }}
ADROLL_PIX_ID_STAGING: ${{ secrets.ADROLL_PIX_ID_STAGING }}
AJNA_SUBGRAPH_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_URL_GOERLI }}
AJNA_SUBGRAPH_URL_STAGING: ${{ secrets.AJNA_SUBGRAPH_URL_STAGING }}
AJNA_SUBGRAPH_V2_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_V2_URL_GOERLI }}
AJNA_SUBGRAPH_V2_URL_STAGING: ${{ secrets.AJNA_SUBGRAPH_V2_URL_STAGING }}
BLOCKNATIVE_API_KEY_STAGING: ${{ secrets.BLOCKNATIVE_API_KEY_STAGING }}
ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
INFURA_PROJECT_ID_STAGING: ${{ secrets.INFURA_PROJECT_ID_STAGING }}
MAINNET_CACHE_URL_STAGING: ${{ secrets.MAINNET_CACHE_URL_STAGING }}
MIXPANEL_KEY_STAGING: ${{ secrets.MIXPANEL_KEY_STAGING }}
ONE_INCH_API_KEY_STAGING: ${{ secrets.ONE_INCH_API_KEY_STAGING }}
ONE_INCH_API_URL_STAGING: ${{ secrets.ONE_INCH_API_URL_STAGING }}
PRODUCT_HUB_KEY: ${{ secrets.PRODUCT_HUB_KEY }}
REFERRAL_SUBGRAPH_URL_STAGING: ${{ secrets.REFERRAL_SUBGRAPH_URL_STAGING }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
run: |
required_secrets=("AJNA_SUBGRAPH_URL_STAGING" "AJNA_SUBGRAPH_URL_GOERLI" "AJNA_SUBGRAPH_V2_URL_STAGING" "AJNA_SUBGRAPH_V2_URL_GOERLI" "MIXPANEL_KEY_STAGING" "ADROLL_ADV_ID_STAGING" "ADROLL_PIX_ID_STAGING" "MAINNET_CACHE_URL_STAGING" "INFURA_PROJECT_ID_STAGING" "ETHERSCAN_API_KEY" "BLOCKNATIVE_API_KEY_STAGING" "SENTRY_AUTH_TOKEN" "PRODUCT_HUB_KEY" "ONE_INCH_API_KEY_STAGING" "ONE_INCH_API_URL_STAGING" "REFERRAL_SUBGRAPH_URL_STAGING")
fail=false
for secret in "${required_secrets[@]}"; do
secret_value=$(printenv $secret)
if [[ -z "$secret_value" ]]; then
echo "::error::Secret $secret is not set"
fail=true
fi
done
if [[ $fail == true ]]; then
echo "::error::One or more secrets are not set. Exiting..."
exit 1
fi
- name: Extract commit hash
id: vars
shell: bash
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: Use modules cache
uses: actions/cache@v3
id: yarn-cache
with:
path: '**/node_modules'
key: ${{ runner.os }}-node-${{ hashFiles('**/yarn.lock') }}
- name: Install packages
if: steps.yarn-cache.outputs.cache-hit != 'true'
run: yarn --no-progress --non-interactive --frozen-lockfile
- name: Run postinstall
if: steps.yarn-cache.outputs.cache-hit == 'true'
run: yarn postinstall
- name: Use next cache
uses: jongwooo/next-cache@v1
- name: Build standalone app
id: build-app
env:
NODE_OPTIONS: '--max_old_space_size=4096'
SHA_TAG: ${{ steps.vars.outputs.sha_short }}
LATEST_TAG: latest
COMMIT_SHA: ${{ steps.vars.outputs.sha_short }}
AJNA_SUBGRAPH_URL: ${{ secrets.AJNA_SUBGRAPH_URL_STAGING }}
AJNA_SUBGRAPH_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_URL_GOERLI }}
AJNA_SUBGRAPH_V2_URL: ${{ secrets.AJNA_SUBGRAPH_V2_URL_STAGING }}
AJNA_SUBGRAPH_V2_URL_GOERLI: ${{ secrets.AJNA_SUBGRAPH_V2_URL_GOERLI }}
MIXPANEL_ENV: staging
MIXPANEL_KEY: ${{ secrets.MIXPANEL_KEY_STAGING }}
ADROLL_ADV_ID: ${{ secrets.ADROLL_ADV_ID_STAGING }}
ADROLL_PIX_ID: ${{ secrets.ADROLL_PIX_ID_STAGING }}
MAINNET_CACHE_URL: ${{ secrets.MAINNET_CACHE_URL_STAGING }}
INFURA_PROJECT_ID: ${{ secrets.INFURA_PROJECT_ID_STAGING }}
ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
BLOCKNATIVE_API_KEY: ${{ secrets.BLOCKNATIVE_API_KEY_STAGING }}
SHOW_BUILD_INFO: 1
NODE_ENV: production
NEXT_PUBLIC_SENTRY_ENV: staging
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
PRODUCT_HUB_KEY: ${{ secrets.PRODUCT_HUB_KEY }}
ONE_INCH_API_KEY: ${{ secrets.ONE_INCH_API_KEY_STAGING }}
ONE_INCH_API_URL: ${{ secrets.ONE_INCH_API_URL_STAGING }}
REFERRAL_SUBGRAPH_URL: ${{ secrets.REFERRAL_SUBGRAPH_URL_STAGING }}
BLOG_POSTS_API_KEY: ${{ secrets.BLOG_POSTS_API_KEY }}
BLOG_POSTS_API_URL: ${{ secrets.BLOG_POSTS_API_URL }}
run: yarn build
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_STAGING }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGING }}
aws-region: ${{ env.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build runner image
id: build-image
env:
SHA_TAG: ${{ steps.vars.outputs.sha_short }}
LATEST_TAG: latest
ECR_REPO_NAME: summer-fi-staging
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: |
# Build a docker container and
# push it to ECR so that it can
# be deployed to ECS.
docker build -f Dockerfile.staging \
--cache-from=$ECR_REGISTRY/$ECR_REPO_NAME:$LATEST_TAG \
-t $ECR_REGISTRY/$ECR_REPO_NAME:$SHA_TAG \
-t $ECR_REGISTRY/$ECR_REPO_NAME:$LATEST_TAG \
-t $ECR_REGISTRY/$ECR_REPO_NAME:$ENVIRONMENT_TAG \
.
docker push $ECR_REGISTRY/$ECR_REPO_NAME --all-tags
- name: Update ECS service with latest Docker image
id: service-update
run: |
aws ecs update-service --cluster $CLUSTER_NAME --service ${{ env.SERVICE_NAME }} --force-new-deployment --region $AWS_REGION
- name: Wait for all services to become stable
uses: oryanmoshe/[email protected]
with:
ecs-cluster: ${{ env.CLUSTER_NAME }}
ecs-services: '["${{ env.SERVICE_NAME }}"]'
- name: Invalidate CloudFront
run:
AWS_MAX_ATTEMPTS=10 aws cloudfront create-invalidation --distribution-id
${{secrets.CF_DIST_ID_STAGING }} --paths "/*"