-
Notifications
You must be signed in to change notification settings - Fork 76
148 lines (131 loc) · 6.09 KB
/
deployment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
name: Deploy Apps
# Run on pushes to dev/main or PR
on:
# Pull request hook without any config. Launches for every pull request
pull_request:
# Launches for pushes to main or dev
push:
branches:
- main
- development
# Run manually to version/production deployment/github releases
workflow_dispatch:
env:
REPO_NAME_ALPHANUMERIC: safereactapps
HUSKY: 0
jobs:
pr:
name: Pull Request
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
- name: AWS CLI setup
uses: aws-actions/setup-aws-cli@v2
- uses: ./.github/actions/setup-env
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Derive appropriate SHAs for base and head for `nx affected` commands
uses: nrwl/nx-set-shas@v2
- name: Test, Build, Deploy PR
run: |
npx nx affected --target=test
npx nx affected --target=build
npx nx affected --target=deploy:pr
env:
PR_NUMBER: ${{ github.event.number }}
REVIEW_BUCKET_NAME: ${{ secrets.AWS_REVIEW_BUCKET_NAME }}
REACT_APP_TENDERLY_ORG_NAME: ${{ secrets.REACT_APP_TENDERLY_ORG_NAME }}
REACT_APP_TENDERLY_SIMULATE_ENDPOINT_URL: ${{ secrets.REACT_APP_TENDERLY_SIMULATE_ENDPOINT_URL }}
REACT_APP_TENDERLY_PROJECT_NAME: ${{ secrets.REACT_APP_TENDERLY_PROJECT_NAME }}
REACT_APP_MMI_BACKEND_BASE_URL: ${{ secrets.MMI_BACKEND_BASE_URL }}
REACT_APP_MMI_ENVIRONMENT: ${{ secrets.MMI_ENVIRONMENT }}
REACT_APP_WALLETCONNECT_PROJECT_ID: ${{ secrets.REACT_APP_WALLETCONNECT_PROJECT_ID_DEVSTAGING }}
REACT_APP_RAMP_APIKEY: ${{ secrets.REACT_APP_RAMP_APIKEY }}
- name: 'PRaul: Comment PR with app URLs'
if: success() && github.event.number
uses: mshick/add-pr-comment@v1
with:
message: |
* [Drain Account App](${{ env.REVIEW_FEATURE_URL }}/drain-safe/)
* [RAMP Network App](${{ env.REVIEW_FEATURE_URL }}/ramp-network/)
* [Sign-In With Ethereum Delegate Manager App](${{ env.REVIEW_FEATURE_URL }}/siwe-delegate-manager/)
* [Tx Builder App](${{ env.REVIEW_FEATURE_URL }}/tx-builder/)
* [WalletConnect app](${{ env.REVIEW_FEATURE_URL }}/wallet-connect/)
* [MMI App](${{ env.REVIEW_FEATURE_URL }}/mmi/)
repo-token: ${{ secrets.GITHUB_TOKEN }}
repo-token-user-login: 'github-actions[bot]'
env:
REVIEW_FEATURE_URL: https://pr${{ github.event.number }}--${{ env.REPO_NAME_ALPHANUMERIC }}.review-react-hr.5afe.dev
deploy:
name: Deploy Dev/Staging
runs-on: ubuntu-latest
if: github.event_name != 'pull_request' && github.event_name != 'workflow_dispatch'
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: ./.github/actions/setup-env
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Derive appropriate SHAs for base and head for `nx affected` commands
uses: nrwl/nx-set-shas@v2
- name: Test and Build
run: |
npx nx affected --target=test --parallel
npx nx affected --target=build --parallel
env:
REACT_APP_TENDERLY_ORG_NAME: ${{ secrets.REACT_APP_TENDERLY_ORG_NAME }}
REACT_APP_TENDERLY_SIMULATE_ENDPOINT_URL: ${{ secrets.REACT_APP_TENDERLY_SIMULATE_ENDPOINT_URL }}
REACT_APP_TENDERLY_PROJECT_NAME: ${{ secrets.REACT_APP_TENDERLY_PROJECT_NAME }}
REACT_APP_MMI_BACKEND_BASE_URL: ${{ secrets.MMI_BACKEND_BASE_URL }}
REACT_APP_MMI_ENVIRONMENT: ${{ secrets.MMI_ENVIRONMENT }}
REACT_APP_WALLETCONNECT_PROJECT_ID: ${{ secrets.REACT_APP_WALLETCONNECT_PROJECT_ID_DEVSTAGING }}
REACT_APP_RAMP_APIKEY: ${{ secrets.REACT_APP_RAMP_APIKEY }}
# Script to deploy to the dev environment
- name: 'Deploy to S3: Develop'
if: github.ref == 'refs/heads/development'
run: npx nx affected --target=deploy:s3
env:
BUCKET_NAME: ${{ secrets.AWS_DEV_BUCKET_NAME }}
# Script to deploy to staging environment
- name: 'Deploy to S3: Staging'
if: github.ref == 'refs/heads/main'
run: npx nx affected --base=last-release --target=deploy:s3
env:
BUCKET_NAME: ${{ secrets.STAGING_BUCKET_NAME }}/current
release:
name: Production release
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' && github.event_name == 'workflow_dispatch'
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
ref: main
- uses: ./.github/actions/setup-env
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: 'Deploy production'
uses: ./.github/actions/release
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
prod-deployment-hook-token: ${{ secrets.PROD_DEPLOYMENT_HOOK_TOKEN }}
prod-deployment-hook-url: ${{ secrets.PROD_DEPLOYMENT_HOOK_URL }}
bucket-name: ${{ secrets.STAGING_BUCKET_NAME }}/releases
react-app-tenderly-org-name: ${{ secrets.REACT_APP_TENDERLY_ORG_NAME }}
react-app-tenderly-project-name: ${{ secrets.REACT_APP_TENDERLY_PROJECT_NAME }}
react-app-tenderly-simulate-endpoint-url: ${{ secrets.REACT_APP_TENDERLY_SIMULATE_ENDPOINT_URL }}
react-app-mmi-backend-base-url: ${{ secrets.MMI_BACKEND_BASE_URL }}
react-app-mmi-environment: ${{ secrets.MMI_ENVIRONMENT }}
react-app-walletconnect-project-id: ${{ secrets.REACT_APP_WALLETCONNECT_PROJECT_ID }}
react-app-ramp-api: ${{ secrets.REACT_APP_RAMP_APIKEY }}