Skip to content

Feat/signers map2 #3126

Feat/signers map2

Feat/signers map2 #3126

Workflow file for this run

# PRs:
# - Builds Explorer
# Pushes:
# - Builds Explorer
# - Pushes Docker image to Docker Hub
# - Deploys to staging environment
# Tags:
# - Builds Explorer
# - Pushes Docker image to Docker Hub
# - Deploys to staging environment
# - Deploys to prod environment
name: CI/CD
on:
push:
branches:
- '**'
paths-ignore:
- '**/CHANGELOG.md'
- '**/package.json'
pull_request:
workflow_dispatch:
concurrency:
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
build-publish:
runs-on: ubuntu-latest
outputs:
docker_image_digest: ${{ steps.docker_push.outputs.digest }}
version: ${{ steps.docker_meta.outputs.version }}
new_release_published: ${{ steps.semantic.outputs.new_release_published }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
persist-credentials: false
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v3
id: semantic
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }}
SEMANTIC_RELEASE_PACKAGE: ${{ github.event.repository.name }}
with:
semantic_version: 19
extra_plugins: |
@semantic-release/changelog
@semantic-release/git
- name: Checkout tag
if: steps.semantic.outputs.new_release_version != ''
uses: actions/checkout@v3
with:
ref: v${{ steps.semantic.outputs.new_release_version }}
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v4
with:
images: ${{ github.repository }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}},value=${{ steps.semantic.outputs.new_release_version }},enable=${{ steps.semantic.outputs.new_release_published == 'true' }}
type=semver,pattern={{major}}.{{minor}},value=${{ steps.semantic.outputs.new_release_version }},enable=${{ steps.semantic.outputs.new_release_published == 'true' }}
- name: Login to Dockerhub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Build/Tag/Push Image
id: docker_push
uses: docker/build-push-action@v3
with:
push: true
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
- name: Deployment Info
run: 'echo "::warning::Will deploy docker tag/digest: ${{ steps.docker_meta.outputs.version }}/${{ steps.docker_push.outputs.digest }}"'
deploy-dev:
runs-on: ubuntu-latest
needs:
- build-publish
env:
DEPLOY_ENV: dev
environment:
name: k8s-dev
url: https://explorer.dev.hiro.so/
steps:
- name: Checkout actions repo
uses: actions/checkout@v3
with:
ref: explorer
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}
- name: Deploy Explorer
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish.outputs.docker_image_digest }}
application_path: manifests/sites/explorer/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}
auto-approve-dev:
runs-on: ubuntu-latest
if: needs.build-publish.outputs.new_release_published == 'true'
needs:
- build-publish
steps:
- name: Approve pending deployment
run: |
sleep 5
ENV_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/explorer/actions/runs/${{ github.run_id }}/pending_deployments" | jq -r '.[0].environment.id // empty')
if [[ -n "${ENV_ID}" ]]; then
curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/explorer/actions/runs/${{ github.run_id }}/pending_deployments" -d "{\"environment_ids\":[${ENV_ID}],\"state\":\"approved\",\"comment\":\"auto approve\"}"
fi
deploy-staging:
runs-on: ubuntu-latest
needs:
- build-publish
- deploy-dev
env:
DEPLOY_ENV: stg
environment:
name: k8s-staging
url: https://explorer.stg.hiro.so/
steps:
- name: Checkout actions repo
uses: actions/checkout@v3
with:
ref: explorer
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}
- name: Deploy Explorer
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish.outputs.docker_image_digest }}
application_path: manifests/sites/explorer/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}
auto-approve-staging:
runs-on: ubuntu-latest
if: needs.build-publish.outputs.new_release_published == 'true'
needs:
- build-publish
- deploy-dev
steps:
- name: Approve pending deployment
run: |
sleep 5
ENV_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/explorer/actions/runs/${{ github.run_id }}/pending_deployments" | jq -r '.[0].environment.id // empty')
if [[ -n "${ENV_ID}" ]]; then
curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/explorer/actions/runs/${{ github.run_id }}/pending_deployments" -d "{\"environment_ids\":[${ENV_ID}],\"state\":\"approved\",\"comment\":\"auto approve\"}"
fi
deploy-prod:
runs-on: ubuntu-latest
if: needs.build-publish.outputs.new_release_published == 'true'
needs:
- build-publish
- deploy-staging
env:
DEPLOY_ENV: prd
environment:
name: k8s-prod
url: https://explorer.hiro.so/
steps:
- name: Checkout actions repo
uses: actions/checkout@v3
with:
ref: explorer
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}
- name: Deploy Explorer
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish.outputs.docker_image_digest }}
application_path: manifests/sites/explorer/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}