Skip to content

Commit

Permalink
chore: gcp
Browse files Browse the repository at this point in the history
  • Loading branch information
@incubator4
incubator4 committed Apr 9, 2024
1 parent e743987 commit 2d32e43
Show file tree
Hide file tree
Showing 15 changed files with 135 additions and 166 deletions.
123 changes: 37 additions & 86 deletions .github/workflows/docker-build-push.yml
View file
Original file line number Diff line number Diff line change
@@ -1,95 +1,46 @@
name: Docker Build

name: Build and Deploy
on:
push:
branches:
- "master"
- master
tags:
- "v*.*.*"

env:
IMAGE_NAME: flosspicks/bridge
REGION_ID: us-east-1
DEV_ACK_CLUSTER_ID: cd1d0ffc40b5242b39ddda1864e71e30d
PROD_ACK_CLUSTER_ID: cfc647c22fd6848b5a602ad4d7470632b

- v*
jobs:
build:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.meta.outputs.version }}
steps:
- name: Checkout
uses: actions/checkout@v2
- name: docker meta
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ env.IMAGE_NAME }}
tags: |
type=sha
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

uses: NaturalSelectionLabs/Daedalus/.github/workflows/docker-tpl.yaml@main
with:
images: flosspicks/bridge
context: .
dockerfile: ./Dockerfile
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
deploy-dev:
runs-on: ubuntu-latest
needs: [build]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set K8s context
uses: aliyun/ack-set-context@v1
with:
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
cluster-id: "${{ env.DEV_ACK_CLUSTER_ID }}"
- name: Install Tools
run: |
wget https://github.com/mikefarah/yq/releases/download/v4.25.1/yq_linux_amd64.tar.gz -O - | tar xz && mv yq_linux_amd64 /usr/local/bin/yq
curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.22.10/bin/linux/amd64/kubectl && chmod +x kubectl && mv kubectl /usr/local/bin/kubectl
- uses: sljeff/secrets2env@main
with:
secrets-json: ${{ toJson(secrets) }}
- env:
IMAGE_TAG_RELEASE: ${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }}
run: |
sh apply.sh deploy/dev/*
uses: NaturalSelectionLabs/Daedalus/.github/workflows/deploy-v3-tpl.yaml@main
needs:
- build
with:
images: flosspicks/bridge
tag: sha-${{ github.sha }}
cluster: dev
namespace: crossbell
releaseName: bridge
revision: dev
dir: deploy/dev
secrets:
ARGOCD_TOKEN: ${{ secrets.ARGOCD_TOKEN }}
deploy-prod:
if: startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
needs: [build, deploy-dev]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set K8s context
uses: aliyun/ack-set-context@v1
with:
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
cluster-id: "${{ env.PROD_ACK_CLUSTER_ID }}"
- name: Install Tools
run: |
wget https://github.com/mikefarah/yq/releases/download/v4.25.1/yq_linux_amd64.tar.gz -O - | tar xz && mv yq_linux_amd64 /usr/local/bin/yq
curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.22.10/bin/linux/amd64/kubectl && chmod +x kubectl && mv kubectl /usr/local/bin/kubectl
- uses: sljeff/secrets2env@main
with:
secrets-json: ${{ toJson(secrets) }}
- env:
IMAGE_TAG_RELEASE: ${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }}
run: |
sh apply.sh deploy/prod/*
uses: NaturalSelectionLabs/Daedalus/.github/workflows/deploy-v3-tpl.yaml@main
needs:
- build
with:
images: flosspicks/bridge
tag: sha-${{ github.sha }}
cluster: prod
namespace: crossbell
releaseName: bridge
revision: main
dir: deploy/prod
secrets:
ARGOCD_TOKEN: ${{ secrets.ARGOCD_TOKEN }}
14 changes: 7 additions & 7 deletions deploy/dev/deploy-validator-01.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,13 +17,13 @@ spec:
app: bridge
tier: validator
annotations:
vault.hashicorp.com/agent-inject: 'true'
vault.hashicorp.com/agent-inject: "true"
vault.hashicorp.com/agent-inject-secret-keystore: kv/bridge
vault.hashicorp.com/role: 'read-bridge'
vault.hashicorp.com/role: "bridge"
spec:
serviceAccountName: read-bridge
serviceAccountName: bridge
containers:
- image: $IMAGE_TAG_RELEASE
- image: flosspicks/bridge
imagePullPolicy: Always
name: bridge-validator-01
env:
Expand All @@ -48,9 +48,9 @@ spec:
name: bridge-validator
readOnly: true
volumes:
- name: bridge-validator
secret:
secretName: bridge-validator
- name: bridge-validator
secret:
secretName: bridge-validator
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
Expand Down
14 changes: 7 additions & 7 deletions deploy/dev/deploy-validator-02.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,13 +17,13 @@ spec:
app: bridge
tier: validator
annotations:
vault.hashicorp.com/agent-inject: 'true'
vault.hashicorp.com/agent-inject: "true"
vault.hashicorp.com/agent-inject-secret-keystore: kv/bridge
vault.hashicorp.com/role: 'read-bridge'
vault.hashicorp.com/role: "bridge"
spec:
serviceAccountName: read-bridge
serviceAccountName: bridge
containers:
- image: $IMAGE_TAG_RELEASE
- image: flosspicks/bridge
imagePullPolicy: Always
name: bridge-validator-02
env:
Expand All @@ -48,9 +48,9 @@ spec:
name: bridge-validator
readOnly: true
volumes:
- name: bridge-validator
secret:
secretName: bridge-validator
- name: bridge-validator
secret:
secretName: bridge-validator
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
Expand Down
8 changes: 4 additions & 4 deletions deploy/dev/deploy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
tier: indexer
spec:
containers:
- image: $IMAGE_TAG_RELEASE
- image: flosspicks/bridge
imagePullPolicy: Always
name: bridge-indexer
env:
Expand Down Expand Up @@ -49,9 +49,9 @@ spec:
name: bridge-indexer
readOnly: true
volumes:
- name: bridge-indexer
secret:
secretName: bridge-indexer
- name: bridge-indexer
secret:
secretName: bridge-indexer
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
Expand Down
9 changes: 9 additions & 0 deletions deploy/dev/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deploy-validator-01.yaml
- deploy-validator-02.yaml
- deploy.yaml
- sa.yaml
- secrets.yaml
- validator_secrets.yaml
2 changes: 1 addition & 1 deletion deploy/dev/sa.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: read-bridge
name: bridge
namespace: crossbell
18 changes: 9 additions & 9 deletions deploy/dev/secrets.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@ stringData:
"listeners": {
"Crossbell": {
"chainId": "0xAA36A7",
"rpcUrl": "$RPC_CSB_DEV",
"slackUrl": "$CSB_SLACK_URL",
"rpcUrl": "<RPC_CSB>",
"slackUrl": "<CSB_SLACK_URL>",
"domainSeparators": {
"5": "",
"80001": "",
Expand Down Expand Up @@ -102,8 +102,8 @@ stringData:
"Ethereum": {
"disabled": false,
"chainId": "0x5",
"rpcUrl": "$RPC_ETH_DEV",
"slackUrl": "$CSB_SLACK_URL",
"rpcUrl": "<RPC_ETH>",
"slackUrl": "<CSB_SLACK_URL>",
"blockTime": 10,
"safeBlockRange": 6,
"preventOmissionRange": 0,
Expand Down Expand Up @@ -154,8 +154,8 @@ stringData:
"Polygon": {
"disabled": false,
"chainId": "0x13881",
"rpcUrl": "$RPC_POLYGON_DEV",
"slackUrl": "$CSB_SLACK_URL",
"rpcUrl": "<RPC_POLYGON>",
"slackUrl": "<CSB_SLACK_URL>",
"blockTime": 4,
"safeBlockRange": 8,
"preventOmissionRange": 0,
Expand Down Expand Up @@ -205,9 +205,9 @@ stringData:
}
},
"database": {
"host": "$DB_HOST_DEV",
"user": "$DB_USER_DEV",
"password": "$DB_PASS_DEV",
"host": "<DB_HOST>",
"user": "<DB_USER>",
"password": "<DB_PASS>",
"dbName": "relayer",
"port": 5432,
"maxOpenConns": 50
Expand Down
28 changes: 14 additions & 14 deletions deploy/dev/validator_secrets.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ stringData:
"listeners": {
"Crossbell": {
"chainId": "0xAA36A7",
"rpcUrl": "$RPC_CSB_DEV",
"rpcUrl": "<RPC_CSB>",
"domainSeparators": {
"5": "0xf1188e940b30a4779b7b68d9fcfcf5f83071392de7f36aeb423a3f78c2671e6c",
"80001": "0xd9de32e281647f6a96f9eb6bb62f2f5f02aa70c8f30ff4610864617c58508a85",
Expand All @@ -22,7 +22,7 @@ stringData:
"validator": {
"keystoreConfig": {
"keystorePath": "/opt/keystore/keystoreValidator01",
"password": "$KEY_OF_0XBCD3A0F90C0DF85EF175934F5879CCD920866D54"
"password": "<KEY_OF_0XBCD3A0F90C0DF85EF175934F5879CCD920866D54>"
}
}
},
Expand All @@ -47,7 +47,7 @@ stringData:
"Ethereum": {
"disabled": false,
"chainId": "0x5",
"rpcUrl": "$RPC_ETH_DEV",
"rpcUrl": "<RPC_ETH>",
"blockTime": 10,
"safeBlockRange": 6,
"preventOmissionRange": 0,
Expand Down Expand Up @@ -78,7 +78,7 @@ stringData:
"Polygon": {
"disabled": false,
"chainId": "0x13881",
"rpcUrl": "$RPC_POLYGON_DEV",
"rpcUrl": "<RPC_POLYGON>",
"blockTime": 4,
"safeBlockRange": 8,
"preventOmissionRange": 0,
Expand Down Expand Up @@ -108,9 +108,9 @@ stringData:
}
},
"database": {
"host": "$DB_HOST_DEV",
"user": "$DB_USER_DEV",
"password": "$DB_PASS_DEV",
"host": "<DB_HOST>",
"user": "<DB_USER>",
"password": "<DB_PASS>",
"dbName": "validator1",
"port": 5432,
"maxOpenConns": 50
Expand All @@ -121,7 +121,7 @@ stringData:
"listeners": {
"Crossbell": {
"chainId": "0xAA36A7",
"rpcUrl": "$RPC_CSB_DEV",
"rpcUrl": "<RPC_CSB>",
"domainSeparators": {
"5": "0xf1188e940b30a4779b7b68d9fcfcf5f83071392de7f36aeb423a3f78c2671e6c",
"80001": "0xd9de32e281647f6a96f9eb6bb62f2f5f02aa70c8f30ff4610864617c58508a85",
Expand All @@ -138,7 +138,7 @@ stringData:
"validator": {
"keystoreConfig": {
"keystorePath": "/opt/keystore/keystoreValidator02",
"password": "$KEY_OF_0X68FCDBFF9A2DBD78B6D06057DF6DCBF6C894D17F"
"password": "<KEY_OF_0X68FCDBFF9A2DBD78B6D06057DF6DCBF6C894D17F>"
}
}
},
Expand All @@ -163,7 +163,7 @@ stringData:
"Ethereum": {
"disabled": false,
"chainId": "0x5",
"rpcUrl": "$RPC_ETH_DEV",
"rpcUrl": "<RPC_ETH>",
"blockTime": 10,
"safeBlockRange": 6,
"preventOmissionRange": 0,
Expand Down Expand Up @@ -194,7 +194,7 @@ stringData:
"Polygon": {
"disabled": false,
"chainId": "0x13881",
"rpcUrl": "$RPC_POLYGON_DEV",
"rpcUrl": "<RPC_POLYGON>",
"blockTime": 4,
"safeBlockRange": 8,
"preventOmissionRange": 0,
Expand Down Expand Up @@ -224,9 +224,9 @@ stringData:
}
},
"database": {
"host": "$DB_HOST_DEV",
"user": "$DB_USER_DEV",
"password": "$DB_PASS_DEV",
"host": "<DB_HOST>",
"user": "<DB_USER>",
"password": "<DB_PASS>",
"dbName": "validator2",
"port": 5432,
"maxOpenConns": 50
Expand Down
Loading

0 comments on commit 2d32e43

Please sign in to comment.