-
Notifications
You must be signed in to change notification settings - Fork 0
139 lines (124 loc) · 4.61 KB
/
nameguard-api-lambda-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: NameGuard API - Lambda Deploy
on:
push:
branches:
- main
- staging
paths:
- "packages/nameguard-python/**"
- "apps/api.nameguard.io/**"
- ".github/workflows/nameguard-api-lambda-deploy.yml"
workflow_dispatch:
permissions:
# `id-token: write` is required for the auth to AWS
id-token: write
contents: read
concurrency:
group: ${{ github.workflow }}
# `cancel-in-progress: false` creates a queue for workflow runs, such that
# only one instance of this workflow runs at a time.
cancel-in-progress: false
jobs:
build-image-deploy:
name: Build and deploy NameGuard API Lambda
runs-on: ubuntu-latest
steps:
- name: Checkout this repo
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE}}
aws-region: ${{ secrets.AWS_REGION }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: "1.5.7"
terraform_wrapper: false
- name: Build and deploy lambda
env:
PROVIDER_URI_MAINNET: ${{ secrets.PROVIDER_URI_MAINNET }}
PROVIDER_URI_SEPOLIA: ${{ secrets.PROVIDER_URI_SEPOLIA }}
ALCHEMY_URI_MAINNET: ${{ secrets.ALCHEMY_URI_MAINNET }}
ALCHEMY_URI_SEPOLIA: ${{ secrets.ALCHEMY_URI_SEPOLIA }}
ENS_SUBGRAPH_URL_MAINNET: ${{ secrets.ENS_SUBGRAPH_URL_MAINNET }}
ENS_SUBGRAPH_URL_SEPOLIA: ${{ secrets.ENS_SUBGRAPH_URL_SEPOLIA }}
AWS_REGION: ${{ secrets.AWS_REGION }}
CERTIFICATE_NAME: ${{ secrets.CERTIFICATE_NAME }}
HOSTED_ZONE_NAME: ${{ secrets.HOSTED_ZONE_NAME }}
run: |
if [[ ${{ github.ref }} == 'refs/heads/main' ]]; then
STAGE="prod"
DOMAIN_NAME=${{ secrets.PROD_DOMAIN_NAME }}
elif [[ ${{ github.ref }} == 'refs/heads/staging' ]]; then
STAGE="staging"
DOMAIN_NAME=${{ secrets.STAGING_DOMAIN_NAME }}
else
echo "Deployment is only supported for main and staging branches"
exit 1
fi
cd terraform
chmod +x ./deploy_lambda.sh
./deploy_lambda.sh $STAGE $AWS_REGION $DOMAIN_NAME $CERTIFICATE_NAME $HOSTED_ZONE_NAME
working-directory: apps/api.nameguard.io
notify:
name: Send Slack deployment event notification
needs: [build-image-deploy]
runs-on: ubuntu-latest
steps:
- name: Output status on deployment success
if: ${{ needs.build-image-deploy.result == 'success'}}
run: |
echo "STATUS=Success :rocket:" >> $GITHUB_ENV
echo "TEXT=Lambda NameGuard deployed successfully! :white_check_mark:" >> $GITHUB_ENV
echo "COLOR=good" >> $GITHUB_ENV
- name: Output status on deployment failed
if: ${{ needs.build-image-deploy.result == 'failure' }}
run: |
echo "STATUS=Failure :x:" >> $GITHUB_ENV
echo "TEXT=Lambda NameGuard deployment failed! :rotating_light:" >> $GITHUB_ENV
echo "COLOR=danger" >> $GITHUB_ENV
- name: Output status on deployment cancellation
if: ${{ needs.build-image-deploy.result == 'cancelled' }}
run: |
echo "STATUS=Cancelled :no_entry_sign:" >> $GITHUB_ENV
echo "TEXT=Lambda NameGuard deployment was cancelled. :warning:" >> $GITHUB_ENV
echo "COLOR=warning" >> $GITHUB_ENV
- name: Send deployment status Slack notification
uses: 8398a7/action-slack@v3
with:
status: custom
fields: commit,workflow,repo
custom_payload: |
{
attachments: [{
color: '${{ env.COLOR }}',
title: 'Lambda NameGuard deployment.',
text: '${{ env.TEXT }}',
fields: [
{
title: 'Repository',
value: `${process.env.AS_REPO}`,
short: true
},
{
title: 'Status',
value: '${{ env.STATUS }}',
short: true
},
{
title: 'Workflow',
value: `${process.env.AS_WORKFLOW}`,
short: true
}
]
}]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL}}