This repository has been archived by the owner on Dec 6, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 12
122 lines (111 loc) · 5.28 KB
/
manual-api-deploy-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
name: (prod) Manual API deploy prod
on:
workflow_dispatch:
permissions:
id-token: write
contents: read
env:
REGISTRY: "599564732950.dkr.ecr.us-east-2.amazonaws.com"
REPOSITORY: "zksync-remix-plugin"
DEV_CLUSTER: "zksync-remix-plugin-dev-ecs-cluster"
DEV_SERVICE_NAME: "rocket-dev-svc"
PROD_CLUSTER: "zksync-remix-plugin-prod-ecs-cluster"
PROD_SERVICE_NAME: "rocket-prod-svc"
API_SERVICE_URL: "https://zksync-plugin-api.nethermind.io"
ZKSYNC_DEVNET_URL: "https://zksync-devnet.nethermind.io"
WALLETCONNECT_PROJECT_ID: '${{secrets.WALLECTCONNECT_PROJECT_ID_PROD}}'
jobs:
Build:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Determine version numbers
id: determine-version
uses: paulhatch/[email protected]
with:
# The prefix to use to identify tags
tag_prefix: "v"
# A string which, if present in a git commit, indicates that a change represents a
# major (breaking) change, supports regular expressions wrapped with '/'
major_pattern: "(MAJOR)"
# A string which indicates the flags used by the `major_pattern` regular expression. Supported flags: idgs
major_regexp_flags: ""
# Same as above except indicating a minor change, supports regular expressions wrapped with '/'
minor_pattern: "(MINOR)"
# A string which indicates the flags used by the `minor_pattern` regular expression. Supported flags: idgs
minor_regexp_flags: ""
# A string to determine the format of the version output
version_format: "${major}.${minor}.${patch}-${increment}"
# If this is set to true, *every* commit will be treated as a new version.
bump_each_commit: false
# If bump_each_commit is also set to true, setting this value will cause the version to increment only if the pattern specified is matched.
bump_each_commit_patch_pattern: ""
# If true, the body of commits will also be searched for major/minor patterns to determine the version type.
search_commit_body: false
# The output method used to generate list of users, 'csv' or 'json'.
user_format_type: "csv"
# Prevents pre-v1.0.0 version from automatically incrementing the major version.
# If enabled, when the major version is 0, major releases will be treated as minor and minor as patch. Note that the version_type output is unchanged.
enable_prerelease_mode: true
# If enabled, diagnostic information will be added to the action output.
debug: false
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: us-east-2
role-to-assume: arn:aws:iam::599564732950:role/Aws-GH-Action-Assume-Role-ZKSync
role-session-name: GHZKSync
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'
- name: Build, tag, and push docker image to Amazon ECR
env:
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: ${{ env.REPOSITORY }}
IMAGE_TAG: ${{ steps.determine-version.outputs.version }} # ${{ github.run_number }}
run: |
docker build -t $REGISTRY/$REPOSITORY:apiserver-$IMAGE_TAG -f ./DockerfileRocket .
docker push $REGISTRY/$REPOSITORY:apiserver-$IMAGE_TAG
outputs:
image-version: ${{ steps.determine-version.outputs.version }}
Deploy_Prod:
runs-on: ubuntu-latest
needs: Build
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: us-east-2
role-to-assume: arn:aws:iam::228016254426:role/Aws-GH-Action-Assume-Role-ZKSync-Production
role-session-name: GHZKSync
- name: Download task definition
run: |
aws ecs describe-task-definition --task-definition zksync-remix-prod-rocket --query taskDefinition > task-definition.json
- name: Fill in the new image ID in the Amazon ECS task definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
container-name: "rocket"
image: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:apiserver-${{ needs.Build.outputs.image-version }} #${{ github.run_number }}
# inject the expected React package URL for CORS logic
environment-variables: |
RUST_LOG=INFO
SERVICE_VERSION=v${{ needs.Build.outputs.image-version }}
VITE_URL=https://zksync-plugin.nethermind.io
PROMTAIL_USERNAME=${{secrets.PROMTAIL_USERNAME}}
PROMETHEUS_USERNAME=${{secrets.PROMETHEUS_USERNAME}}
PROMETHEUS_PASSWORD=${{secrets.PROMETHEUS_PASSWORD}}
ENVIRONMENT=prod
- name: Deploy Amazon ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: ${{ env.PROD_SERVICE_NAME }}
cluster: ${{ env.PROD_CLUSTER }}
wait-for-service-stability: true