Add cardano ssn (#730) #521
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "CICD production" | |
on: | |
# On merged | |
push: | |
branches: | |
- main | |
# On released | |
release: | |
types: [published] | |
jobs: | |
build-docker: | |
permissions: | |
id-token: write | |
contents: write | |
runs-on: ubuntu-22.04 | |
if: github.actor != 'dependabot[bot]' | |
name: "Deploy image" | |
strategy: | |
fail-fast: false | |
matrix: | |
application: | |
[ | |
bluebell-playground, | |
devex-apollo, | |
dev-wallet, | |
faucet-service, | |
eth-spout, | |
governance-api, | |
governance-snapshot, | |
multisig, | |
neo-savant, | |
scilla-server, | |
zillion, | |
] | |
include: | |
- application: bluebell-playground | |
image_name: bluebell-playground | |
path: products/bluebell | |
tag_length: 8 | |
tag_latest: false | |
- application: devex-apollo | |
image_name: devex-apollo | |
path: products/devex-apollo | |
tag_length: 8 | |
tag_latest: false | |
- application: dev-wallet | |
image_name: dev-wallet | |
path: products/dev-wallet | |
tag_length: 8 | |
tag_latest: false | |
- application: faucet-service | |
image_name: faucet-service | |
path: products/faucet-service | |
tag_length: 8 | |
tag_latest: false | |
- application: eth-spout | |
image_name: eth-spout | |
path: products/eth-spout | |
tag_length: 9 | |
tag_latest: true | |
- application: governance-api | |
image_name: governance-api | |
path: products/governance-api | |
tag_length: 8 | |
tag_latest: false | |
- application: governance-snapshot | |
image_name: governance-snapshot | |
path: products/governance-snapshot | |
tag_length: 8 | |
tag_latest: false | |
- application: multisig | |
image_name: multisig | |
path: products/multisig | |
tag_length: 8 | |
tag_latest: false | |
- application: neo-savant | |
image_name: neo-savant | |
path: products/neo-savant | |
tag_length: 8 | |
tag_latest: false | |
- application: scilla-server | |
image_name: scilla-server | |
path: products/scilla-server | |
tag_length: 8 | |
tag_latest: false | |
- application: zillion | |
image_name: zillion | |
path: products/zillion | |
tag_length: 8 | |
tag_latest: false | |
env: | |
DOCKER_DOMAIN: asia-docker.pkg.dev | |
REGISTRY: asia-docker.pkg.dev/prj-p-devops-services-tvwmrf63/zilliqa-public | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
ref: ${{ github.event.pull_request.head.ref }} | |
repository: ${{ github.event.pull_request.head.repo.full_name }} | |
fetch-depth: 0 | |
- name: Docker build and push - production | |
uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v2 | |
with: | |
context: ${{ matrix.path }} | |
push: true | |
tag: asia-docker.pkg.dev/prj-p-devops-services-tvwmrf63/zilliqa-public/${{ matrix.image_name }}:${{ github.ref_name }} | |
registry: asia-docker.pkg.dev | |
workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" | |
service-account: "${{ secrets.GCP_PRD_GITHUB_SA_DOCKER_REGISTRY }}" | |
cache-key: ${{ env.REGISTRY }}/${{ matrix.image_name }}-cache | |
build-args: | | |
DEPLOY_ENV=prd | |
VITE_ENV="PROD" | |
build-makefile: | |
permissions: | |
id-token: write | |
contents: write | |
runs-on: ubuntu-22.04 | |
name: "Build image with Makefile" | |
strategy: | |
fail-fast: false | |
matrix: | |
application: [devex, zilliqa-isolated-server] | |
include: | |
- application: devex | |
image_name: devex | |
path: products/devex | |
tag_length: 8 | |
tag_latest: false | |
- application: zilliqa-isolated-server | |
image_name: zilliqa-isolated-server | |
path: products/zilliqa-isolated-server | |
tag_length: 8 | |
tag_latest: true | |
env: | |
DOCKER_DOMAIN: asia-docker.pkg.dev | |
REGISTRY: asia-docker.pkg.dev/prj-p-devops-services-tvwmrf63/zilliqa-public | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
ref: ${{ github.event.pull_request.head.ref }} | |
repository: ${{ github.event.pull_request.head.repo.full_name }} | |
fetch-depth: 0 | |
- name: "Authenticate to Google Cloud - production" | |
id: google-auth | |
uses: "google-github-actions/auth@v1" | |
with: | |
token_format: "access_token" | |
workload_identity_provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" | |
service_account: "${{ secrets.GCP_PRD_GITHUB_SA_DOCKER_REGISTRY }}" | |
create_credentials_file: true | |
- name: Login to the registry - production | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.DOCKER_DOMAIN }} | |
username: "oauth2accesstoken" | |
password: "${{ steps.google-auth.outputs.access_token }}" | |
- name: Get tag version - production | |
if: github.event_name == 'push' | |
id: set-tag | |
uses: Zilliqa/gh-actions-workflows/actions/generate-tag@v1 | |
with: | |
tag: ${{ env.REGISTRY }}/${{ matrix.image_name }} | |
length: ${{ matrix.tag_length }} | |
- name: "Build and push ${{ matrix.application }} - production" | |
if: github.event_name == 'push' | |
env: | |
ENVIRONMENT: prd | |
IMAGE_TAG: ${{ steps.set-tag.outputs.tags }} | |
ENV_FILES_DECRYPTER_NONPRD: ${{ secrets.ENV_FILES_DECRYPTER_NONPRD }} | |
ENV_FILES_DECRYPTER_PRD: ${{ secrets.ENV_FILES_DECRYPTER_PRD }} | |
run: | | |
cd ${{ matrix.path }} | |
make image/build-and-push | |
- name: "Build and push ${{ matrix.application }} - production" | |
if: github.event_name == 'release' | |
env: | |
ENVIRONMENT: prd | |
IMAGE_TAG: ${{ env.REGISTRY }}/${{ matrix.image_name }}:${{ github.ref_name }} | |
ENV_FILES_DECRYPTER_NONPRD: ${{ secrets.ENV_FILES_DECRYPTER_NONPRD }} | |
ENV_FILES_DECRYPTER_PRD: ${{ secrets.ENV_FILES_DECRYPTER_PRD }} | |
run: | | |
cd ${{ matrix.path }} | |
make image/build-and-push | |
- name: "Build and push ${{ matrix.application }} tag latest - production" | |
if: matrix.tag_latest == true && github.event_name == 'release' | |
env: | |
ENVIRONMENT: prd | |
IMAGE_TAG: ${{ env.REGISTRY }}/${{ matrix.image_name }}:latest | |
ENV_FILES_DECRYPTER_NONPRD: ${{ secrets.ENV_FILES_DECRYPTER_NONPRD }} | |
ENV_FILES_DECRYPTER_PRD: ${{ secrets.ENV_FILES_DECRYPTER_PRD }} | |
run: | | |
cd ${{ matrix.path }} | |
make image/build-and-push |