This repository has been archived by the owner on Sep 26, 2024. It is now read-only.
Release Production #299
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Production | |
| on: | |
| push: | |
| tags: | |
| - 'production*' | |
| paths-ignore: | |
| - '**.md' | |
| env: | |
| GATSBY_CPU_COUNT: 16 | |
| GATSBY_ENV: production | |
| NODE_OPTIONS: '--max_old_space_size=7168' | |
| GATSBY_DATADOG_APPLICATION_ID: ${{ secrets.GATSBY_DATADOG_APPLICATION_ID }} | |
| GATSBY_DATADOG_CLIENT_TOKEN: ${{ secrets.GATSBY_DATADOG_CLIENT_TOKEN }} | |
| GATSBY_MAP_API_KEY: ${{ secrets.GATSBY_MAP_API_KEY }} | |
| GATSBY_GROWTHBOOK_CLIENT_KEY: ${{ secrets.GATSBY_GROWTHBOOK_CLIENT_KEY }} | |
| GATSBY_GROWTHBOOK_DECRYPTION_KEY: ${{ secrets.GATSBY_GROWTHBOOK_DECRYPTION_KEY }} | |
| GATSBY_RUDDERSTACK_STAGING_KEY: ${{ secrets.GATSBY_RUDDERSTACK_STAGING_KEY }} | |
| GATSBY_RUDDERSTACK_PRODUCTION_KEY: ${{ secrets.GATSBY_RUDDERSTACK_PRODUCTION_KEY }} | |
| GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID: ${{ secrets.GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID }} | |
| GATSBY_TRUSTPILOT_API_KEY: ${{ secrets.GATSBY_TRUSTPILOT_API_KEY }} | |
| GATSBY_HOTJAR_ID: ${{ secrets.GATSBY_HOTJAR_ID }} | |
| jobs: | |
| release-production: | |
| timeout-minutes: 40 | |
| runs-on: Runner_16cores | |
| environment: production | |
| steps: | |
| - name: Checkout 🛎️ | |
| uses: actions/[email protected] | |
| - name: Setup Node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: '18.x' | |
| cache: 'npm' | |
| - name: Set version env variable | |
| run: echo "GATSBY_DERIV_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
| - name: Create npmrc file | |
| shell: bash | |
| run: echo "@deriv-com:registry=https://npm.pkg.github.com" >> .npmrc | |
| - name: Setup install read-only token for deriv-com org | |
| shell: bash | |
| run: echo '//npm.pkg.github.com/:_authToken=${{ secrets.READ_DERIV_COM_ORG_PACKAGES }}' >> .npmrc | |
| - run: npm ci | |
| - run: npm run format | |
| - run: npm run test | |
| - run: npm run build | |
| - name: Remove Storybook | |
| uses: JesseTG/[email protected] | |
| with: | |
| path: public/storybook | |
| - uses: olegtarasov/[email protected] | |
| id: tagName | |
| - run: echo $GIT_TAG_NAME > public/version.txt | |
| # For using same tag for staging and production we need to uncomment these two below lines: | |
| # with: | |
| # tagRegex: "production(.*)" | |
| - name: Deploy to Cloudflare ☁️ | |
| uses: cloudflare/[email protected] | |
| with: | |
| apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
| command: pages deploy public --project-name=deriv-com-pages --branch=main | |
| - name: Cloudflare production link ✨ | |
| run: echo "New website - http://cf-pages-deriv-com.deriv.com" | |
| - name: upload-artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: production | |
| path: public | |
| retention-days: 5 | |
| - name: Slack Notification 📣 | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| fields: workflow,repo | |
| if_mention: failure,cancelled | |
| custom_payload: | | |
| { | |
| attachments: [{ | |
| color: '${{ job.status }}' === 'success' ? 'good' : '${{ job.status }}' === 'failure' ? 'danger' : 'warning', | |
| text: `Release for *Deriv.com* with version *$GIT_TAG_NAME*` | |
| }] | |
| } | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} | |
| if: always() | |
| build_and_publish_to_docker_k8s: | |
| runs-on: Runner_16cores | |
| environment: production | |
| needs: [release-production] | |
| steps: | |
| - name: Checkout 🛎️ | |
| uses: actions/[email protected] | |
| - name: Setup Node | |
| uses: actions/setup-node@v2 | |
| with: | |
| node-version: '18.x' | |
| - name: Download Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: production | |
| path: public | |
| - name: Set version env variable | |
| run: echo "GIT_TAG_NAME=$(cat public/version.txt)" >> $GITHUB_ENV | |
| - name: Building docker image 🐳 | |
| run: docker build -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GIT_TAG_NAME . | |
| - name: Verify nginx image | |
| run: | | |
| set -e | |
| docker run --rm ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GIT_TAG_NAME nginx -t | |
| echo "docker image validated successfully" | |
| - name: Pushing Image to docker hub 🐳 | |
| run: | | |
| echo ${{ secrets.DOCKERHUB_PASSWORD }}| docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin | |
| docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest | |
| docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GIT_TAG_NAME | |
| - name: Deploy 🚀 | |
| id: build_and_push_docker_image | |
| env: | |
| KUBE_SERVER: ${{ secrets.KUBE_SERVER }} | |
| SERVICEACCOUNT_TOKEN: ${{ secrets.SERVICEACCOUNT_TOKEN }} | |
| CA_CRT: ${{ secrets.CA_CRT }} | |
| NAMESPACE: deriv-com-production | |
| DOCKERHUB_ORGANISATION: ${{ secrets.DOCKERHUB_ORGANISATION }} | |
| run: | | |
| git clone https://github.com/binary-com/devops-ci-scripts | |
| cd devops-ci-scripts/k8s-build_tools | |
| echo "${{ env.CA_CRT }}" | base64 --decode > ca.crt | |
| export CA="ca.crt" | |
| ./release.sh deriv-com ${{ github.ref_name }} | |
| - name: Send Slack Notification on Docker Publish and Kubernetes Deployment Failure | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| fields: workflow,repo | |
| if_mention: failure,cancelled | |
| custom_payload: | | |
| { | |
| attachments: [{ | |
| color: '${{ job.status }}' === 'failure' ? 'danger' : 'warning', | |
| text: `Release for *Deriv.com* with version *$GIT_TAG_NAME* has failed` | |
| }] | |
| } | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} | |
| if: failure() |