-
Notifications
You must be signed in to change notification settings - Fork 9
144 lines (134 loc) · 5.37 KB
/
build-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: build and deploy web app
on:
push:
branches:
- main
- deploy/**
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
front_build:
strategy:
matrix:
apps: [prod, deploy]
isMaster:
- ${{ contains(github.ref, 'main') }}
isDeploy:
- ${{ startsWith(github.ref, 'refs/heads/deploy/') }}
exclude:
- isMaster: false
apps: prod
- isMaster: true
apps: deploy
name: Build ${{ matrix.apps }} Docker image
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Base ${{ matrix.apps }}
uses: './.github/actions/common-ci-setup'
with:
username_input: ${{ secrets.DOCKER_USERNAME }}
password_input: ${{ secrets.DOCKER_PASSWORD }}
app_input: ${{ matrix.apps }}
- name: Build production image
if: matrix.apps == 'prod'
uses: docker/build-push-action@v5
with:
context: .
builder: ${{ steps.buildx.outputs.name }}
file: docker/Dockerfile
push: true
build-args: |
GH_GA_ID=G-TP1XEFNHQD
GH_APP_KIND=grill
GH_HCAPTCHA_SITE_KEY=${{ secrets.PROD_HCAPTCHA_SITE_KEY }}
GH_AMP_ID=2eeca0e8a0163c89e3f023c971e426a6
GH_OFFCHAIN_SIGNER_URL=https://signer.subsocial.network
GH_CONNECTION_KIND=main
GH_SELLER_CLIENT_ID=${{ secrets.SELLER_CLIENT_ID }}
GH_SELLER_TOKEN_SIGNER=${{ secrets.SELLER_TOKEN_SIGNER }}
GH_SERVER_MNEMONIC=${{ secrets.SERVER_MNEMONIC }}
GH_NEXT_PUBLIC_DATAHUB_QUERY_URL=https://sub-data-hub.subsocial.network/graphql
GH_NEXT_PUBLIC_DATAHUB_SUBSCRIPTION_URL=wss://sub-data-hub.subsocial.network/graphql-ws
GH_NEXT_PUBLIC_APP_ID=1
GH_DATAHUB_QUEUE_URL=https://sub-queue-data-hub.subsocial.network/graphql
GH_DATAHUB_QUEUE_TOKEN=${{ secrets.DATAHUB_QUEUE_TOKEN }}
# GH_NEXT_PUBLIC_ENABLE_MAINTENANCE_PAGE=true
tags: |
${{ env.image }}
docker.io/dappforce/subsocial-web-app:master-latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Build feature docker image
if: matrix.apps == 'deploy'
uses: docker/build-push-action@v5
with:
context: .
builder: ${{ steps.buildx.outputs.name }}
file: docker/Dockerfile
push: true
build-args: |
GH_GA_ID=fake
GH_APP_KIND=grill
GH_HCAPTCHA_SITE_KEY=3beeddac-2dce-41cc-8e18-338118426c38
GH_AMP_ID=71bf5a46800fedba5e9a01243b988164
GH_OFFCHAIN_SIGNER_URL=https://signer.subsocial.network
GH_CONNECTION_KIND=dev
GH_SELLER_CLIENT_ID=5DYm3Wk4aa1BbfhH1ajmY6MNEELXoicmKRnP4tzHYjSKnD9K
GH_SELLER_TOKEN_SIGNER=retire strong pole intact cool music high path salt praise stadium spatial
GH_SERVER_MNEMONIC=plunge pumpkin penalty segment cattle more print below fat lemon clap uniform
GH_NEXT_PUBLIC_DATAHUB_QUERY_URL=https://ownership-pallet-data-hub-core.subsocial.network/graphql
GH_NEXT_PUBLIC_DATAHUB_SUBSCRIPTION_URL=wss://ownership-pallet-data-hub-core.subsocial.network/graphql-ws
GH_NEXT_PUBLIC_APP_ID=12364
GH_DATAHUB_QUEUE_URL=https://ownership-pallet-queue-data-hub-core.subsocial.network/graphql
GH_DATAHUB_QUEUE_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhZG1pbiI6dHJ1ZX0.jpXwkIJ4DpV4IvSI3eWVVXE6x89qr_GIq7IlbBv5YE0
# GH_NEXT_PUBLIC_ENABLE_MAINTENANCE_PAGE=true
tags: |
${{ env.image }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
front_deploy:
strategy:
matrix:
apps: [prod, deploy]
isMaster:
- ${{ contains(github.ref, 'main') }}
isDeploy:
- ${{ startsWith(github.ref, 'refs/heads/deploy/') }}
exclude:
- isMaster: false
apps: prod
- isMaster: true
apps: deploy
name: deploy ${{ matrix.apps }}
runs-on: ubuntu-latest
needs: front_build
steps:
- name: Checkout
uses: actions/checkout@v4
- name: prod deploy ${{ matrix.apps }}
if: github.ref == 'refs/heads/main'
uses: './.github/actions/common-cd-setup'
with:
token_input: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN_PROD }}
k8s_input: ${{ secrets.K8S_PROD }}
app_input: ${{ matrix.apps }}
zone_input: ${{ secrets.CF_ZONE }}
mail_input: ${{ secrets.CF_MAIL }}
tokens_input: ${{ secrets.CF_TOKEN }}
- name: stage deploy ${{ matrix.apps }}
if: startsWith(github.ref, 'refs/heads/deploy/')
uses: './.github/actions/common-cd-setup'
with:
token_input: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN_STAGING }}
k8s_input: ${{ secrets.K8S_STAGING }}
app_input: ${{ matrix.apps }}
zone_input: ${{ secrets.CF_ZONE }}
mail_input: ${{ secrets.CF_MAIL }}
tokens_input: ${{ secrets.CF_TOKEN }}