Skip to content

Deploy

Deploy #109

Workflow file for this run

name: Deploy
on:
workflow_dispatch:
inputs:
dry-run:
type: choice
required: false
default: "false"
options:
- "true"
- "false"
regions:
type: string
required: false
default: "all"
description: >
Comma-separated list of regions to deploy to (e.g., "us-east-1,eu-central-1").
Use "all" to deploy to all regions.
jobs:
build:
continue-on-error: true
strategy:
matrix:
include:
- release_for: Linux-x86_64
build_on: ubuntu-latest
target: x86_64-unknown-linux-gnu
args: "--locked --release"
runs-on: ${{ matrix.build_on }}
steps:
- name: checkout repository
uses: actions/checkout@v4
- uses: Swatinem/rust-cache@v2
with:
shared-key: "release"
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
- name: Run cargo build
uses: actions-rs/cargo@v1
with:
command: build
args: --target ${{ matrix.target }} ${{ matrix.args }}
- name: rename binaries
run: |
mv target/${{ matrix.target }}/release/operator operator-${{ matrix.release_for }}
mv target/${{ matrix.target }}/release/rpc rpc-${{ matrix.release_for }}
mv target/${{ matrix.target }}/release/metrics-exporter metrics-exporter-${{ matrix.release_for }}
mv target/${{ matrix.target }}/release/open-head open-head-${{ matrix.release_for }}
- name: upload artifacts
uses: actions/upload-artifact@v4
with:
name: binaries-${{ matrix.release_for }}
path: |
operator-${{ matrix.release_for }}
rpc-${{ matrix.release_for }}
metrics-exporter-${{ matrix.release_for }}
open-head-${{ matrix.release_for }}
docker:
runs-on: ubuntu-latest
needs: [build]
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/cardano-scaling/hydra-control-plane
tags: |
type=raw,value=latest,enable={{is_default_branch}}
type=semver,pattern=v{{major}}
type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{version}}
type=sha
- name: Login to DockerHub
uses: docker/login-action@v3
with:
registry: ghcr.io/cardano-scaling
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Download artifacts
uses: actions/download-artifact@v4
with:
pattern: binaries-*
merge-multiple: true
path: .github/images/hcp/bin
# we need to rename the artifact so that the name matches
# the value that Docker uses for TARGET_ARCH to keep the
# Dockerfile simple
- name: Rename artifacts
run: |+
mv .github/images/hcp/bin/operator-Linux-x86_64 .github/images/hcp/bin/operator-Linux-amd64
mv .github/images/hcp/bin/rpc-Linux-x86_64 .github/images/hcp/bin/rpc-Linux-amd64
mv .github/images/hcp/bin/metrics-exporter-Linux-x86_64 .github/images/hcp/bin/metrics-exporter-Linux-amd64
mv .github/images/hcp/bin/open-head-Linux-x86_64 .github/images/hcp/bin/open-head-Linux-amd64
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .github/images/hcp
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
terraform:
runs-on: ubuntu-latest
needs: [docker]
strategy:
matrix:
include:
- region: us-east-1
region_prefix: a
autoscaler_high_watermark: 100
autoscaler_low_watermark: 20
autoscaler_max_batch: 10
- region: eu-central-1
region_prefix: b
autoscaler_high_watermark: 100
autoscaler_low_watermark: 20
autoscaler_max_batch: 10
- region: us-west-2
region_prefix: c
autoscaler_high_watermark: 100
autoscaler_low_watermark: 20
autoscaler_max_batch: 10
env:
# Secrets
TF_VAR_blockfrost_key: ${{ secrets.DEV_BLOCKFROST_KEY }}
TF_VAR_dmtr_api_key: ${{ secrets.DEV_DMTR_API_KEY }}
TF_VAR_admin_key: ${{ secrets.DEV_HYDRA_ADMIN_KEY }}
TF_VAR_snapshot_aws_access_key_id: ${{ secrets.SNAPSHOT_AWS_ACCESS_KEY_ID }}
TF_VAR_snapshot_aws_secret_access_key: ${{ secrets.SNAPSHOT_AWS_SECRET_ACCESS_KEY }}
TF_VAR_api_key: ${{ secrets.API_KEY }}
# Vars
TF_VAR_dmtr_port_name: preprod-4raar2
TF_VAR_dmtr_project_id: b55545f5-31e7-4e6b-81d6-22f4e6b5a144
TF_VAR_external_domain: ${{ matrix.region }}.hydra-doom.sundae.fi
TF_VAR_hydra_node_image: ghcr.io/demeter-run/hydra-node:patch2
TF_VAR_eks_cluster_arn: arn:aws:eks:${{ matrix.region }}:509399595051:cluster/hydra-doom-dev-cluster
TF_VAR_hydra_scripts_tx_id: 03f8deb122fbbd98af8eb58ef56feda37728ec957d39586b78198a0cf624412a
TF_VAR_admin_addr: addr_test1vpgcjapuwl7gfnzhzg6svtj0ph3gxu8kyuadudmf0kzsksqrfugfc
TF_VAR_frontend_image: ghcr.io/cardano-scaling/hydra-doom-frontend:sha-a786f53
TF_VAR_referee_image: ghcr.io/cardano-scaling/hydra-doom-referee:sha-f68f1d4 # latest?
TF_VAR_ai_image: ghcr.io/cardano-scaling/hydra-doom-ai:sha-f68f1d4 # latest?
TF_VAR_autoscaler_high_watermark: ${{ matrix.autoscaler_high_watermark }}
TF_VAR_autoscaler_low_watermark: ${{ matrix.autoscaler_low_watermark }}
TF_VAR_autoscaler_region_prefix: ${{ matrix.region_prefix }}
TF_VAR_autoscaler_max_batch: ${{ matrix.autoscaler_max_batch }}
steps:
- name: Filter regions
id: filter
run: |
selected_regions="${{ github.event.inputs.regions }}"
if [[ "$selected_regions" != "all" ]]; then
if [[ ! "${{ matrix.region }}" =~ (^|,)(${selected_regions})(,|$) ]]; then
echo "Skipping region ${{ matrix.region }}"
echo "should_skip=true" >> $GITHUB_OUTPUT
exit 0
else
echo "should_skip=false" >> $GITHUB_OUTPUT
fi
else
echo "should_skip=false" >> $GITHUB_OUTPUT
fi
- uses: actions/checkout@v2
if: steps.filter.outputs.should_skip == 'false'
- uses: aws-actions/configure-aws-credentials@v1
if: steps.filter.outputs.should_skip == 'false'
with:
aws-region: ${{ matrix.region }}
aws-access-key-id: ${{ secrets.DEPLOY_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.DEPLOY_AWS_SECRET_ACCESS_KEY }}
role-to-assume: arn:aws:iam::509399595051:role/ClusterAdminRole
role-session-name: Github-Actions
role-duration-seconds: 1200
- name: Get short commit sh
id: image_tag
run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
if: steps.filter.outputs.should_skip == 'false'
- name: setup kubeconfig
if: steps.filter.outputs.should_skip == 'false'
run: aws eks update-kubeconfig --name hydra-doom-dev-cluster
- name: setup terraform
uses: hashicorp/setup-terraform@v3
if: steps.filter.outputs.should_skip == 'false'
- name: init terraform
if: steps.filter.outputs.should_skip == 'false'
working-directory: playbook/doom-dev
run: terraform init -backend-config=backend.${{ matrix.region }}.conf
env:
TF_VAR_image: ghcr.io/cardano-scaling/hydra-control-plane:sha-${{ steps.image_tag.outputs.sha_short }}
- name: validate terraform
if: steps.filter.outputs.should_skip == 'false'
working-directory: playbook/doom-dev
run: terraform validate
env:
TF_VAR_image: ghcr.io/cardano-scaling/hydra-control-plane:sha-${{ steps.image_tag.outputs.sha_short }}
- name: plan terraform
working-directory: playbook/doom-dev
if: inputs.dry-run == 'true' && steps.filter.outputs.should_skip == 'false'
run: terraform plan -input=false
env:
TF_VAR_image: ghcr.io/cardano-scaling/hydra-control-plane:sha-${{ steps.image_tag.outputs.sha_short }}
- name: apply terraform
working-directory: playbook/doom-dev
if: inputs.dry-run == 'false' && steps.filter.outputs.should_skip == 'false'
run: terraform apply -auto-approve -input=false
env:
TF_VAR_image: ghcr.io/cardano-scaling/hydra-control-plane:sha-${{ steps.image_tag.outputs.sha_short }}