nameguard-api-lambda-deploy.yml
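name: NameGuard API - Lambda Deploy

# Deploys the NameGuard API Lambda on pushes to `main` (prod) and `staging`,
# or on a manual run, then reports the outcome to Slack.
#
# NOTE(review): every `uses:` below references a mutable tag (`@v4`, `@v3`).
# Pinning each action to a full commit SHA keeps a moved tag from changing
# what runs with the AWS role, the provider secrets and the Slack webhook.

on:
  push:
    branches:
      - main
      - staging
    paths:
      - "packages/nameguard-python/**"
      - "apps/api.nameguard.io/**"
      - ".github/workflows/nameguard-api-lambda-deploy.yml"
  workflow_dispatch:

permissions:
  # Default for every job. Only the deploy job needs an OIDC token, so
  # `id-token: write` is granted on that job instead of workflow-wide.
  contents: read

concurrency:
  # The group is the workflow name only, so main and staging deploys share it.
  group: ${{ github.workflow }}
  # `cancel-in-progress: false` lets a running deploy finish, such that only
  # one instance of this workflow runs at a time. GitHub keeps at most one
  # pending run per group: a newer queued run replaces an older queued one.
  cancel-in-progress: false

jobs:
  build-image-deploy-serverless:
    name: Build and deploy NameGuard API Lambda
    runs-on: ubuntu-latest
    permissions:
      # `id-token: write` is required for the auth to AWS
      id-token: write
      contents: read
    steps:
      - name: Checkout NameKit repo
        uses: actions/checkout@v4

      - name: Setup pnpm
        uses: pnpm/action-setup@v4

      - name: Install Node.js
        uses: actions/setup-node@v4
        with:
          node-version-file: .nvmrc
          cache: "pnpm"

      - name: Install npm dependencies
        # We're installing pnpm / node dependencies to make use
        # of the Serverless framework when we build and deploy the lambda.
        run: pnpm install --frozen-lockfile

      - name: Set up QEMU
        # This GitHub action runs on x86_64, but we want to build the lambda
        # for arm64 for increased cost savings in AWS when we deploy it.
        uses: docker/setup-qemu-action@v3
        with:
          platforms: arm64

      - name: Assume AWS Role
        # Uses GitHub OIDC provider to assume AWS role
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE}}
          aws-region: us-east-1

      - name: Build and deploy lambda
        env:
          PROVIDER_URI_MAINNET: ${{ secrets.PROVIDER_URI_MAINNET }}
          PROVIDER_URI_SEPOLIA: ${{ secrets.PROVIDER_URI_SEPOLIA }}
          ALCHEMY_URI_MAINNET: ${{ secrets.ALCHEMY_URI_MAINNET }}
          ALCHEMY_URI_SEPOLIA: ${{ secrets.ALCHEMY_URI_SEPOLIA }}
          ENS_SUBGRAPH_URL_MAINNET: ${{ secrets.ENS_SUBGRAPH_URL_MAINNET }}
          ENS_SUBGRAPH_URL_SEPOLIA: ${{ secrets.ENS_SUBGRAPH_URL_SEPOLIA }}
        # The ref is read from the runner-provided GITHUB_REF variable rather
        # than by expanding the `github.ref` expression into the script text.
        # Expressions are substituted before the shell parses the script, so
        # a ref name must reach the script as data, not as source.
        run: |
          if [[ "$GITHUB_REF" == 'refs/heads/main' ]]; then
            pnpm run deploy:prod
          elif [[ "$GITHUB_REF" == 'refs/heads/staging' ]]; then
            pnpm run deploy:staging
          else
            echo "Deployment is only supported for main and staging branches"
            exit 1
          fi
        working-directory: apps/api.nameguard.io

      - name: Delete old images from ECR
        env:
          # NOTE(review): this repository name is used after both the prod and
          # the staging deploy - confirm that is intended.
          ECR_REPO: serverless-oss-nameguard-prod
        run: |
          # Digests of all untagged images, oldest first.
          UNTAGGED_DIGESTS=$(aws ecr describe-images \
            --repository-name "$ECR_REPO" \
            --filter "tagStatus=UNTAGGED" \
            --query 'sort_by(imageDetails,& imagePushedAt)[*].imageDigest' \
            --output json)
          len=$(echo "$UNTAGGED_DIGESTS" | jq length)
          # -r prints the digest without JSON quotes.
          OLDEST_DIGEST=$(echo "$UNTAGGED_DIGESTS" | jq -r '.[0]')
          # -gt compares numerically. A ">" inside [[ ]] compares strings, so
          # a count of 10 sorts before 5 and the cleanup would be skipped.
          # Only the single oldest untagged image is removed per run.
          if [[ "$len" -gt 5 ]]; then
            aws ecr batch-delete-image \
              --repository-name "$ECR_REPO" \
              --image-ids "imageDigest=$OLDEST_DIGEST"
          fi
        working-directory: apps/api.nameguard.io

  notify:
    name: Send Slack deployment event notification
    needs: [build-image-deploy-serverless]
    # A job with `needs` is skipped when the needed job fails or is cancelled
    # unless it carries its own condition. `always()` makes the failure and
    # cancellation messages below reachable.
    if: ${{ always() }}
    runs-on: ubuntu-latest
    steps:
      - name: Output status on deployment success
        if: ${{ needs.build-image-deploy-serverless.result == 'success'}}
        run: |
          echo "STATUS=Success :rocket:" >> "$GITHUB_ENV"
          echo "TEXT=Lambda NameGuard deployed successfully! :white_check_mark:" >> "$GITHUB_ENV"
          echo "COLOR=good" >> "$GITHUB_ENV"

      - name: Output status on deployment failed
        if: ${{ needs.build-image-deploy-serverless.result == 'failure' }}
        run: |
          echo "STATUS=Failure :x:" >> "$GITHUB_ENV"
          echo "TEXT=Lambda NameGuard deployment failed! :rotating_light:" >> "$GITHUB_ENV"
          echo "COLOR=danger" >> "$GITHUB_ENV"

      - name: Output status on deployment cancellation
        if: ${{ needs.build-image-deploy-serverless.result == 'cancelled' }}
        run: |
          echo "STATUS=Cancelled :no_entry_sign:" >> "$GITHUB_ENV"
          echo "TEXT=Lambda NameGuard deployment was cancelled. :warning:" >> "$GITHUB_ENV"
          echo "COLOR=warning" >> "$GITHUB_ENV"

      - name: Send deployment status Slack notification
        # Third-party action that receives the Slack webhook URL; see the
        # pinning note at the top of this file.
        uses: 8398a7/action-slack@v3
        with:
          status: custom
          fields: commit,workflow,repo
          # COLOR, TEXT and STATUS are the fixed strings written to GITHUB_ENV
          # by the steps above. Keep it that way: values expanded into this
          # payload should never come from commit or branch data.
          custom_payload: |
            {
              attachments: [{
                color: '${{ env.COLOR }}',
                title: 'Lambda NameGuard deployment.',
                text: '${{ env.TEXT }}',
                fields: [
                  {
                    title: 'Repository',
                    value: `${process.env.AS_REPO}`,
                    short: true
                  },
                  {
                    title: 'Status',
                    value: '${{ env.STATUS }}',
                    short: true
                  },
                  {
                    title: 'Workflow',
                    value: `${process.env.AS_WORKFLOW}`,
                    short: true
                  }
                ]
              }]
            }
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL}}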