Skip to content

build(deps): lock file maintenance (#527) #461

build(deps): lock file maintenance (#527)

build(deps): lock file maintenance (#527) #461

Workflow file for this run

name: Build images and deploy
on:
push:
branches: [develop, gp4btc-stg, gp4btc-release]
paths-ignore:
- 'devops/**'
workflow_dispatch:
jobs:
cancel-previous:
name: 'Cancel Previous Runs'
runs-on: ubuntu-latest
timeout-minutes: 3
steps:
- uses: styfle/[email protected]
with:
access_token: ${{ github.token }}
unique_id:
runs-on: ubuntu-latest
steps:
- name: Generate unique id
id: unique_id
run: echo "::set-output name=id::$(uuidgen)"
outputs:
unique_id: ${{ steps.unique_id.outputs.id }}
install-build-and-push:
runs-on: ubuntu-latest
needs: [cancel-previous, unique_id]
steps:
- name: Get GHA environment name
id: env_vars
run: |
echo "Running on branch ${{ github.ref }}"
if [ "${{ github.ref }}" = "refs/heads/develop" ]; then
echo "::set-output name=aws_access_key_id::${{ secrets.DEV_AWS_ACCESS_KEY_ID }}"
echo "::set-output name=aws_secret_key::${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}"
echo "::set-output name=aws_region::${{ secrets.DEV_AWS_REGION }}"
echo "::set-output name=aws_ecr_repository::${{ secrets.DEV_ECR_REPOSITORY }}"
echo "::set-output name=argocd_url::${{ secrets.DEV_ARGOCD_URL }}"
echo "::set-output name=argocd_username::${{ secrets.DEV_ARGOCD_USERNAME }}"
echo "::set-output name=argocd_password::${{ secrets.DEV_ARGOCD_PASS }}"
elif [ "${{ github.ref }}" = "refs/heads/gp4btc-stg" ]; then
echo "::set-output name=aws_access_key_id::${{ secrets.STAGING_AWS_ACCESS_KEY_ID }}"
echo "::set-output name=aws_secret_key::${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }}"
echo "::set-output name=aws_region::${{ secrets.STAGING_AWS_REGION }}"
echo "::set-output name=aws_ecr_repository::${{ secrets.STAGING_ECR_REPOSITORY }}"
echo "::set-output name=argocd_url::${{ secrets.STAGING_ARGOCD_URL }}"
echo "::set-output name=argocd_username::${{ secrets.STAGING_ARGOCD_USERNAME }}"
echo "::set-output name=argocd_password::${{ secrets.STAGING_ARGOCD_PASS }}"
elif [ "${{ github.ref }}" = "refs/heads/gp4btc-release" ]; then
echo "::set-output name=aws_access_key_id::${{ secrets.PROD_AWS_ACCESS_KEY_ID }}"
echo "::set-output name=aws_secret_key::${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}"
echo "::set-output name=aws_region::${{ secrets.PROD_AWS_REGION }}"
echo "::set-output name=aws_ecr_repository::${{ secrets.PROD_ECR_REPOSITORY }}"
echo "::set-output name=argocd_url::${{ secrets.PROD_ARGOCD_URL }}"
echo "::set-output name=argocd_username::${{ secrets.PROD_ARGOCD_USERNAME }}"
echo "::set-output name=argocd_password::${{ secrets.PROD_ARGOCD_PASS }}"
else
echo "Branch ${{ github.ref }} is not configured for deployment"
exit 1
fi
- uses: actions/checkout@v3
- name: Setup app dependencies
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
- uses: actions/cache@v3
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: |
authorization-server/node_modules
backend-server/node_modules
generate-identity-cli/node_modules
key: ${{ runner.os }}-node_modules-${{ hashFiles('**/yarn.lock') }}
- name: Install dependencies
run: yarn install
- name: Check linting
run: yarn lint
- name: Build project
run: yarn build
- name: Test project
env:
LOG_LEVEL: 'error'
SELF_BASE_URL: http://127.0.0.1:3000
RPC_URL: 'https://volta-rpc-vkn5r5zx4ke71f9hcu0c.energyweb.org/'
CACHE_SERVER_URL: 'https://identitycache-dev.energyweb.org/v1'
CACHE_SERVER_LOGIN_PRVKEY: 'eab5e5ccb983fad7bf7f5cb6b475a7aea95eff0c6523291b0c0ae38b5855459c'
DID_REGISTRY_ADDRESS: '0xc15d5a57a8eb0e1dcbe5d88b8f9a82017e5cc4af'
ENS_REGISTRY_ADDRESS: '0xd7CeF70Ba7efc2035256d828d5287e2D285CD1ac'
ENS_RESOLVER_ADDRESS: '0xcf72f16Ab886776232bea2fcf3689761a0b74EfE'
IPFS_PROTOCOL: https
IPFS_HOST: ipfs.infura.io
IPFS_PORT: 5001
IPFS_PROJECTID: ${{ secrets.IPFS_PROJECTID }}
IPFS_PROJECTSECRET: ${{ secrets.IPFS_PROJECTSECRET }}
REDIS_HOST: 'localhost'
REDIS_PORT: 61379
JWT_SECRET: 'asecret'
JWT_ACCESS_TTL: 60
JWT_REFRESH_TTL: 600
SIWE_NONCE_TTL: 120
FAIL_ON_REDIS_UNAVAILABLE: true
AUTH_COOKIE_ENABLED: true
IDENTITY_TOKEN: ${{ secrets.IDENTITY_TOKEN }}
BLOCKNUM_AUTH_ENABLED: true
ACCEPTED_ROLES: ''
INCLUDE_ALL_ROLES: false
run: yarn test
- name: Get the tag version
id: get_version
run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ steps.env_vars.outputs.aws_access_key_id }}
aws-secret-access-key: ${{ steps.env_vars.outputs.aws_secret_key }}
aws-region: ${{ steps.env_vars.outputs.aws_region }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build & push docker images (AWS)
env:
BUILD_ID: ${{needs.unique_id.outputs.unique_id}}
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: |
docker build --build-arg GIT_SHA=${{ github.sha }} -t $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository }}:$BUILD_ID -f authorization-server/Dockerfile ./authorization-server
docker push $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository }}:$BUILD_ID
docker tag $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository }}:$BUILD_ID $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository }}:latest
docker push $ECR_REGISTRY/${{ steps.env_vars.outputs.aws_ecr_repository }}:latest
- name: Logout of Amazon ECR
if: always()
run: docker logout ${{ steps.login-ecr.outputs.registry }}
- name: ArgoCD login
uses: clowdhaus/argo-cd-action/@v1.12.1
id: argocd_login
with:
command: login ${{ steps.env_vars.outputs.argocd_url }}
options: --insecure --password ${{ steps.env_vars.outputs.argocd_password }} --username ${{ steps.env_vars.outputs.argocd_username }}
- name: ArgoCD overvrite HELM values.yaml
uses: clowdhaus/argo-cd-action/@v1.12.1
id: argocd_image_helm_tag_overwrite
if: ${{ github.ref == 'refs/heads/develop' }}
with:
command: app set did-auth-proxy
options: -p did-auth-proxy-helm.image.tag=${{needs.unique_id.outputs.unique_id}}
- name: ArgoCD overvrite IAM-DID-AUTH-PROXY values.yaml
uses: clowdhaus/argo-cd-action/@v1.12.1
id: argocd_image_helm_tag_overwrite_iam
with:
command: app set iam-did-auth-proxy
options: -p did-auth-proxy-helm.image.tag=${{needs.unique_id.outputs.unique_id}}