This repository has been archived by the owner on Dec 6, 2024. It is now read-only.
(prod) Manual API deploy prod #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: (prod) Manual API deploy prod | |
on: | |
workflow_dispatch: | |
permissions: | |
id-token: write | |
contents: read | |
env: | |
REGISTRY: "599564732950.dkr.ecr.us-east-2.amazonaws.com" | |
REPOSITORY: "zksync-remix-plugin" | |
DEV_CLUSTER: "zksync-remix-plugin-ecs-cluster" | |
DEV_SERVICE_NAME: "rocket-development-svc" | |
PROD_CLUSTER: "zksync-remix-plugin-production-ecs-cluster" | |
PROD_SERVICE_NAME: "rocket-production-svc" | |
API_SERVICE_URL: "https://zksync-plugin-api.nethermind.io" | |
ZKSYNC_DEVNET_URL: "https://zksync-devnet.nethermind.io" | |
WALLETCONNECT_PROJECT_ID: '${{secrets.WALLECTCONNECT_PROJECT_ID_PROD}}' | |
jobs: | |
Build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Determine version numbers | |
id: determine-version | |
uses: paulhatch/[email protected] | |
with: | |
# The prefix to use to identify tags | |
tag_prefix: "v" | |
# A string which, if present in a git commit, indicates that a change represents a | |
# major (breaking) change, supports regular expressions wrapped with '/' | |
major_pattern: "(MAJOR)" | |
# A string which indicates the flags used by the `major_pattern` regular expression. Supported flags: idgs | |
major_regexp_flags: "" | |
# Same as above except indicating a minor change, supports regular expressions wrapped with '/' | |
minor_pattern: "(MINOR)" | |
# A string which indicates the flags used by the `minor_pattern` regular expression. Supported flags: idgs | |
minor_regexp_flags: "" | |
# A string to determine the format of the version output | |
version_format: "${major}.${minor}.${patch}-${increment}" | |
# If this is set to true, *every* commit will be treated as a new version. | |
bump_each_commit: false | |
# If bump_each_commit is also set to true, setting this value will cause the version to increment only if the pattern specified is matched. | |
bump_each_commit_patch_pattern: "" | |
# If true, the body of commits will also be searched for major/minor patterns to determine the version type. | |
search_commit_body: false | |
# The output method used to generate list of users, 'csv' or 'json'. | |
user_format_type: "csv" | |
# Prevents pre-v1.0.0 version from automatically incrementing the major version. | |
# If enabled, when the major version is 0, major releases will be treated as minor and minor as patch. Note that the version_type output is unchanged. | |
enable_prerelease_mode: true | |
# If enabled, diagnostic information will be added to the action output. | |
debug: false | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-region: us-east-2 | |
role-to-assume: arn:aws:iam::599564732950:role/Aws-GH-Action-Assume-Role-ZKSync | |
role-session-name: GHZKSync | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
with: | |
mask-password: 'true' | |
- name: Build, tag, and push docker image to Amazon ECR | |
env: | |
REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
REPOSITORY: ${{ env.REPOSITORY }} | |
IMAGE_TAG: ${{ steps.determine-version.outputs.version }} # ${{ github.run_number }} | |
run: | | |
docker build -t $REGISTRY/$REPOSITORY:apiserver-$IMAGE_TAG -f ./DockerfileRocket . | |
docker push $REGISTRY/$REPOSITORY:apiserver-$IMAGE_TAG | |
outputs: | |
image-version: ${{ steps.determine-version.outputs.version }} | |
Deploy_Prod: | |
runs-on: ubuntu-latest | |
needs: Build | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-region: us-east-2 | |
role-to-assume: arn:aws:iam::228016254426:role/Aws-GH-Action-Assume-Role-ZKSync-Production | |
role-session-name: GHZKSync | |
- name: Download task definition | |
run: | | |
aws ecs describe-task-definition --task-definition zksync-remix-production-rocket --query taskDefinition > task-definition.json | |
- name: Fill in the new image ID in the Amazon ECS task definition | |
id: task-def | |
uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
with: | |
task-definition: task-definition.json | |
container-name: "rocket" | |
image: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:apiserver-${{ needs.Build.outputs.image-version }} #${{ github.run_number }} | |
# inject the expected React package URL for CORS logic | |
environment-variables: | | |
RUST_LOG=INFO | |
SERVICE_VERSION=v${{ needs.Build.outputs.image-version }} | |
VITE_URL=https://zksync-plugin.nethermind.io | |
PROMTAIL_USERNAME=${{secrets.PROMTAIL_USERNAME}} | |
PROMTAIL_PASSWORD=${{secrets.PROMTAIL_PASSWORD}} | |
- name: Deploy Amazon ECS task definition | |
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
with: | |
task-definition: ${{ steps.task-def.outputs.task-definition }} | |
service: ${{ env.PROD_SERVICE_NAME }} | |
cluster: ${{ env.PROD_CLUSTER }} | |
wait-for-service-stability: true |