feat(envited.ascs.digital): Error handling asset verification (#398) #474
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: SST staging deployment workflow | |
on: | |
push: | |
branches: | |
- develop | |
workflow_dispatch: | |
# Concurrency group name ensures concurrent workflow runs wait for any in-progress job to finish | |
concurrency: | |
group: merge-${{ github.ref }} | |
permissions: | |
id-token: write # This is required for requesting the JWT | |
contents: read # This is required for actions/checkout | |
jobs: | |
DeployApp: | |
runs-on: ubuntu-latest | |
environment: staging | |
env: | |
ENV: ${{ vars.ENV }} | |
NEXT_PUBLIC_ENV: ${{ vars.NEXT_PUBLIC_ENV }} | |
NEXT_PUBLIC_URL: ${{ vars.NEXT_PUBLIC_URL }} | |
NEXT_PUBLIC_ASSET_BUCKET_NAME: ${{ vars.NEXT_PUBLIC_ASSET_BUCKET_NAME }} | |
NEXT_PUBLIC_IPFS_BUCKET_NAME: ${{ vars.NEXT_PUBLIC_IPFS_BUCKET_NAME }} | |
NEXT_PUBLIC_METADATA_BUCKET_NAME: ${{ vars.NEXT_PUBLIC_METADATA_BUCKET_NAME }} | |
NEXT_PUBLIC_UPLOAD_BUCKET_NAME: ${{ vars.NEXT_PUBLIC_UPLOAD_BUCKET_NAME }} | |
NEXTAUTH_URL: ${{ vars.NEXTAUTH_URL }} | |
NEXTAUTH_SECRET: ${{ secrets.NEXTAUTH_SECRET }} | |
RDS_DB_NAME: ${{ vars.RDS_DB_NAME }} | |
RDS_RESOURCE_ARN: ${{ vars.RDS_RESOURCE_ARN }} | |
OIDC_CLIENT_ID: ${{ vars.OIDC_CLIENT_ID }} | |
OIDC_CLIENT_SECRET: ${{ secrets.OIDC_CLIENT_SECRET }} | |
ISSUER_URL: ${{ vars.ISSUER_URL }} | |
AUTHORIZATION_URL: ${{ vars.AUTHORIZATION_URL }} | |
TOKEN_URL: ${{ vars.TOKEN_URL }} | |
JWKS_ENDPOINT: ${{ vars.JWKS_ENDPOINT }} | |
OIDC_SERVER_URL: ${{ vars.OIDC_SERVER_URL }} | |
TRUST_ANCHOR_DID: ${{ vars.TRUST_ANCHOR_DID }} | |
PINATA_API_KEY: ${{ vars.PINATA_API_KEY }} | |
PINATA_SECRET: ${{ secrets.PINATA_SECRET }} | |
PINATA_JWT: ${{ vars.PINATA_JWT }} | |
PINATA_GATEWAY: ${{ vars.PINATA_GATEWAY }} | |
PINATA_GATEWAY_KEY: ${{ vars.PINATA_GATEWAY_KEY }} | |
ASSETS_CONTRACT: ${{ vars.ASSETS_CONTRACT }} | |
NEXT_PUBLIC_WEB3_RPC_URL: ${{ vars.NEXT_PUBLIC_WEB3_RPC_URL }} | |
steps: | |
- name: Git clone the repository | |
uses: actions/checkout@v3 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: arn:aws:iam::597778497612:role/GitHub-Actions | |
role-duration-seconds: 900 | |
aws-region: eu-central-1 | |
- name: Deploy app | |
run: | | |
npm ci --force && npx nx deploy:staging envited.ascs.digital | |
DeployOIDCClient: | |
runs-on: ubuntu-latest | |
environment: staging | |
if: contains(github.ref, 'oidc-client') | |
steps: | |
- name: Git clone the repository | |
uses: actions/checkout@v3 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: arn:aws:iam::597778497612:role/GitHub-Actions | |
role-duration-seconds: 900 | |
aws-region: eu-central-1 | |
- name: Deploy OIDC client | |
run: | | |
npm ci --force && npx nx deploy:staging oidc-client.ascs.digital |