-
Notifications
You must be signed in to change notification settings - Fork 9
270 lines (266 loc) · 13.8 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
name: Deploy to Vercel
on:
# Build when there is a PR into main or develop
pull_request:
branches: [main, develop]
# Build when pushing to main or develop (e.g. when the PR is closed)
push:
branches:
- "main"
- "develop"
workflow_dispatch:
# Vercel requires one project for each directory in a monorepo:
# https://vercel.com/blog/monorepos
jobs:
environment_check:
runs-on: ubuntu-latest
outputs:
prod_flag: ${{ steps.production.outputs.prod_flag }}
production: ${{ steps.production.outputs.production_push }}
staging: ${{ steps.staging.outputs.staging_push }}
env:
VERCEL_TEAM_ID: ${{ secrets.VERCEL_TEAM_ID }}
steps:
- name: Check Variables
uses: 0xJem/[email protected]
with:
inputsToCheck: VERCEL_TEAM_ID
failOnMissing: true
- name: Set production flags
id: production
# github.ref_name is the branch/tag name that triggered the workflow run
# therefore, this will only run and trigger a production build on push
# to the main branch, which is the desired outcome
# It WILL NOT run on a PR merge into the main branch, which is deliberate
run: |
if [[ ${{ github.ref_name }} == 'main' ]]; then
echo "This is a production build"
echo "::set-output name=production_push::true"
echo "::set-output name=prod_flag::--prod"
else
echo "This is not a production build"
echo "::set-output name=production_push::false"
fi
- name: Set staging flags
# github.ref_name is the branch/tag name that triggered the workflow run
# therefore, this will only run and trigger a staging build on push
# to the develop branch, which is the desired outcome
# It WILL NOT run on a PR merge into the develop branch, which is deliberate
id: staging
run: |
if [[ ${{ github.ref_name }} == 'develop' ]]; then
echo "This is a staging build"
echo "::set-output name=staging_push::true"
else
echo "This is not a staging build"
echo "::set-output name=staging_push::false"
fi
backend:
runs-on: ubuntu-latest
needs: environment_check
outputs:
preview-url: ${{ steps.backend_deploy.outputs.preview-url }}
env:
ALCHEMY_MAINNET_API_KEY: ${{ secrets.ALCHEMY_MAINNET_API_KEY }}
ALCHEMY_RINKEBY_API_KEY: ${{ secrets.ALCHEMY_RINKEBY_API_KEY }}
COVALENTHQ_API_KEY: ${{ secrets.COVALENTHQ_API_KEY }}
DISCORD_BOT_TOKEN: ${{ secrets.DISCORD_BOT_TOKEN }}
DISCORD_BOT_TOKEN_PROD: ${{ secrets.DISCORD_BOT_TOKEN_PROD }}
DISCORD_ROLE_ID: ${{ secrets.DISCORD_ROLE_ID }}
DISCORD_ROLE_ID_PROD: ${{ secrets.DISCORD_ROLE_ID_PROD }}
DISCORD_SERVER_ID: ${{ secrets.DISCORD_SERVER_ID }}
DISCORD_SERVER_ID_PROD: ${{ secrets.DISCORD_SERVER_ID_PROD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
HASURA_ADMIN_SECRET: ${{ secrets.HASURA_ADMIN_SECRET }}
HASURA_ADMIN_SECRET_PROD: ${{ secrets.HASURA_ADMIN_SECRET_PROD }}
HASURA_ENDPOINT: ${{ secrets.HASURA_ENDPOINT }}
HASURA_ENDPOINT_PROD: ${{ secrets.HASURA_ENDPOINT_PROD }}
JWT_SECRET: ${{ secrets.JWT_SECRET }}
MORALIS_API_KEY: ${{ secrets.MORALIS_API_KEY }}
PROD_FLAG: ${{ needs.environment_check.outputs.prod_flag }}
VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
VERCEL_PROJECT_ID: ${{ secrets.VERCEL_BACKEND_PROJECT_ID }}
VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
steps:
- name: Check Variables
uses: 0xJem/[email protected]
with:
inputsToCheck: ALCHEMY_MAINNET_API_KEY,ALCHEMY_RINKEBY_API_KEY,COVALENTHQ_API_KEY,DISCORD_BOT_TOKEN,DISCORD_BOT_TOKEN_PROD,DISCORD_ROLE_ID,DISCORD_ROLE_ID_PROD,DISCORD_SERVER_ID,DISCORD_SERVER_ID_PROD,GITHUB_TOKEN,HASURA_ADMIN_SECRET,HASURA_ADMIN_SECRET_PROD,HASURA_ENDPOINT,HASURA_ENDPOINT_PROD,JWT_SECRET,MORALIS_API_KEY,VERCEL_ORG_ID,VERCEL_PROJECT_ID,VERCEL_TOKEN
failOnMissing: true
- name: Set Scope
run: |
echo "SCOPE_FLAG=--scope ${{ secrets.VERCEL_TEAM_ID }}" >> $GITHUB_ENV
- uses: actions/checkout@v2
- name: Setup node
uses: actions/setup-node@v2
with:
node-version-file: "backend/.nvmrc"
# Certain environment variables need different values in production
# We don't use GitHub Actions' environments, because those secrets are only available
# when a job states the environment that it belongs to. It would result in a lot of
# duplicated code.
- name: Set production environment variables
run: |
if [[ ${{ needs.environment_check.outputs.production }} == true ]]; then
echo "DISCORD_BOT_TOKEN=${{ env.DISCORD_BOT_TOKEN_PROD }}" >> $GITHUB_ENV
echo "DISCORD_ROLE_ID=${{ env.DISCORD_ROLE_ID_PROD }}" >> $GITHUB_ENV
echo "DISCORD_SERVER_ID=${{ env.DISCORD_SERVER_ID_PROD }}" >> $GITHUB_ENV
echo "HASURA_ADMIN_SECRET=${{ env.HASURA_ADMIN_SECRET_PROD }}" >> $GITHUB_ENV
echo "HASURA_ENDPOINT=${{ env.HASURA_ENDPOINT_PROD }}" >> $GITHUB_ENV
fi
# We build the source so that typechain is compiled. The Vercel deployment fails if this compilation is done on their servers.
- name: Build
run: cd backend && yarn install --frozen-lockfile && yarn run build
- uses: amondnet/vercel-action@v20
id: backend_deploy
with:
vercel-token: ${{ secrets.VERCEL_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}
vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
working-directory: ./backend
vercel-args: --env JWT_SECRET=${{ env.JWT_SECRET }} --env DISCORD_BOT_TOKEN=${{ env.DISCORD_BOT_TOKEN }} --env DISCORD_SERVER_ID=${{ env.DISCORD_SERVER_ID }} --env DISCORD_ROLE_ID=${{ env.DISCORD_ROLE_ID }} --env HASURA_ENDPOINT=${{ env.HASURA_ENDPOINT }} --env HASURA_ADMIN_SECRET=${{ env.HASURA_ADMIN_SECRET }} --env MORALIS_API_KEY=${{ env.MORALIS_API_KEY }} --env COVALENTHQ_API_KEY=${{ env.COVALENTHQ_API_KEY }} --env ALCHEMY_MAINNET_API_KEY=${{ env.ALCHEMY_MAINNET_API_KEY }} --env ALCHEMY_RINKEBY_API_KEY=${{ env.ALCHEMY_RINKEBY_API_KEY }} ${{ env.PROD_FLAG }} ${{ env.SCOPE_FLAG }}
frontend:
runs-on: ubuntu-latest
outputs:
preview-url: ${{ steps.determine_url.outputs.url }}
needs:
- backend
- environment_check
env:
BACKEND_URL: ${{ needs.backend.outputs.preview-url }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
INFURA_PROJECT_ID: ${{ secrets.INFURA_PROJECT_ID }}
PROD_FLAG: ${{ needs.environment_check.outputs.prod_flag }}
VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
VERCEL_PROJECT_ID: ${{ secrets.VERCEL_FRONTEND_PROJECT_ID }}
VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
steps:
- name: Check Variables
uses: 0xJem/[email protected]
with:
inputsToCheck: BACKEND_URL,GITHUB_TOKEN,INFURA_PROJECT_ID,VERCEL_ORG_ID,VERCEL_PROJECT_ID,VERCEL_TOKEN
failOnMissing: true
- name: Set Scope
run: |
echo "SCOPE_FLAG=--scope ${{ secrets.VERCEL_TEAM_ID }}" >> $GITHUB_ENV
- uses: actions/checkout@v2
- name: Setup node
uses: actions/setup-node@v2
with:
node-version-file: "frontend/.nvmrc"
- uses: amondnet/vercel-action@v20
id: frontend_deploy
with:
vercel-token: ${{ secrets.VERCEL_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}
vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}
vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}
working-directory: ./frontend
# Vercel/Next.js will replace the URL at build-time, not run-time
vercel-args: --build-env NEXT_PUBLIC_BACKEND_API_URL=${{ env.BACKEND_URL }} --build-env NEXT_PUBLIC_INFURA_ID=${{ env.INFURA_PROJECT_ID }} ${{ env.PROD_FLAG }} ${{ env.SCOPE_FLAG }}
- name: Production Domain Alias
# If doing a production build, we also link the domain name
# It can take some time after deployment for the domains to be ready, so we pause before linking the domain
run: |
if [[ ${{ needs.environment_check.outputs.production }} == true ]]; then
sleep 120
vercel --token ${{ env.VERCEL_TOKEN }} ${{ env.SCOPE_FLAG }} alias set ${{ steps.frontend_deploy.outputs.preview-url }} verified.olympusdao.finance
fi
- name: Staging Domain Alias
# If doing a staging (develop branch) build, we also link the domain name
# It can take some time after deployment for the domains to be ready, so we pause before linking the domain
run: |
if [[ ${{ needs.environment_check.outputs.staging }} == true ]]; then
sleep 120
vercel --token ${{ env.VERCEL_TOKEN }} ${{ env.SCOPE_FLAG }} alias set ${{ steps.frontend_deploy.outputs.preview-url }} verified-staging.olympusdao.finance
fi
- name: Determine output URL
id: determine_url
run: |
if [[ ${{ needs.environment_check.outputs.production }} == true ]]; then
echo "Frontend URL is verified.olympusdao.finance"
echo "::set-output name=url::https://verified.olympusdao.finance"
elif [[ ${{ needs.environment_check.outputs.staging }} == true ]]; then
echo "Frontend URL is verified-staging.olympusdao.finance"
echo "::set-output name=url::https://verified-staging.olympusdao.finance"
else
echo "Frontend URL is ${{ steps.frontend_deploy.outputs.preview-url }}"
echo "::set-output name=url::${{ steps.frontend_deploy.outputs.preview-url }}"
fi
discord:
runs-on: ubuntu-latest
needs:
- frontend
- environment_check
env:
DISCORD_APP_ID: ${{ secrets.DISCORD_APP_ID }}
DISCORD_APP_ID_PROD: ${{ secrets.DISCORD_APP_ID_PROD }}
DISCORD_BOT_TOKEN: ${{ secrets.DISCORD_BOT_TOKEN }}
DISCORD_BOT_TOKEN_PROD: ${{ secrets.DISCORD_BOT_TOKEN_PROD }}
DISCORD_PUBLIC_KEY: ${{ secrets.DISCORD_PUBLIC_KEY }}
DISCORD_PUBLIC_KEY_PROD: ${{ secrets.DISCORD_PUBLIC_KEY_PROD }}
FRONTEND_URL: ${{ needs.frontend.outputs.preview-url }}
JWT_EXPIRATION_TIME: ${{ secrets.JWT_EXPIRATION_TIME }}
JWT_SECRET: ${{ secrets.JWT_SECRET }}
PROD_FLAG: ${{ needs.environment_check.outputs.prod_flag }}
VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
VERCEL_PROJECT_ID: ${{ secrets.VERCEL_DISCORD_PROJECT_ID }}
VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
steps:
- name: Check Variables
uses: 0xJem/[email protected]
with:
inputsToCheck: DISCORD_APP_ID,DISCORD_APP_ID_PROD,DISCORD_BOT_TOKEN,DISCORD_BOT_TOKEN_PROD,DISCORD_PUBLIC_KEY,DISCORD_PUBLIC_KEY_PROD,FRONTEND_URL,JWT_EXPIRATION_TIME,JWT_SECRET,VERCEL_ORG_ID,VERCEL_PROJECT_ID,VERCEL_TOKEN
failOnMissing: true
- name: Set Scope
run: |
echo "SCOPE_FLAG=--scope ${{ secrets.VERCEL_TEAM_ID }}" >> $GITHUB_ENV
- uses: actions/checkout@v2
- name: Setup node
uses: actions/setup-node@v2
with:
node-version-file: "discord/.nvmrc"
# Certain environment variables need different values in production
# We don't use GitHub Actions' environments, because those secrets are only available
# when a job states the environment that it belongs to. It would result in a lot of
# duplicated code.
- name: Set production environment variables
run: |
if [[ ${{ needs.environment_check.outputs.production }} == true ]]; then
echo "DISCORD_APP_ID=${{ env.DISCORD_APP_ID_PROD }}" >> $GITHUB_ENV
echo "DISCORD_BOT_TOKEN=${{ env.DISCORD_BOT_TOKEN_PROD }}" >> $GITHUB_ENV
echo "DISCORD_PUBLIC_KEY=${{ env.DISCORD_PUBLIC_KEY_PROD }}" >> $GITHUB_ENV
fi
- name: Install Dependencies
run: yarn install --frozen-lockfile
working-directory: ./discord
- name: Sync Discord commands
run: yarn run slash-up sync
working-directory: ./discord
- uses: amondnet/vercel-action@v20
id: discord_deploy
with:
vercel-token: ${{ secrets.VERCEL_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}
vercel-org-id: ${{ env.VERCEL_ORG_ID }}
vercel-project-id: ${{ env.VERCEL_PROJECT_ID }}
working-directory: ./discord
vercel-args: --env JWT_SECRET=${{ env.JWT_SECRET }} --env JWT_EXPIRATION_TIME=${{ env.JWT_EXPIRATION_TIME }} --env DISCORD_APP_ID=${{ env.DISCORD_APP_ID }} --env DISCORD_BOT_TOKEN=${{ env.DISCORD_BOT_TOKEN }} --env DISCORD_PUBLIC_KEY=${{ env.DISCORD_PUBLIC_KEY }} --env FRONTEND_URL=${{ env.FRONTEND_URL }} ${{ env.PROD_FLAG }} ${{ env.SCOPE_FLAG }}
- name: Production Domain Alias
# If doing a production build, we also set a consistent domain name
# It can take some time after deployment for the domains to be ready, so we pause before linking the domain
run: |
if [[ ${{ needs.environment_check.outputs.production }} == true ]]; then
sleep 120
vercel --token ${{ env.VERCEL_TOKEN }} ${{ env.SCOPE_FLAG }} alias set ${{ steps.discord_deploy.outputs.preview-url }} verified-ohmies-discord.vercel.app
fi
- name: Staging Domain Alias
# If doing a staging (develop branch) build, we also link the domain name
# It can take some time after deployment for the domains to be ready, so we pause before linking the domain
run: |
if [[ ${{ needs.environment_check.outputs.staging }} == true ]]; then
sleep 120
vercel --token ${{ env.VERCEL_TOKEN }} ${{ env.SCOPE_FLAG }} alias set ${{ steps.discord_deploy.outputs.preview-url }} verified-ohmies-discord-staging.vercel.app
fi
# TODO run tests