This repository has been archived by the owner on Sep 26, 2024. It is now read-only.
Pr 00 workflow fix 4 (#7182) #2276
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Staging | |
on: | |
push: | |
branches: | |
- master | |
paths-ignore: | |
- '**.md' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
GATSBY_CPU_COUNT: 16 | |
GATSBY_ENV: staging | |
NODE_OPTIONS: '--max_old_space_size=7168' | |
GATSBY_DATADOG_APPLICATION_ID: ${{ secrets.GATSBY_DATADOG_APPLICATION_ID }} | |
GATSBY_DATADOG_CLIENT_TOKEN: ${{ secrets.GATSBY_DATADOG_CLIENT_TOKEN }} | |
GATSBY_MAP_API_KEY: ${{ secrets.GATSBY_MAP_API_KEY }} | |
GATSBY_GROWTHBOOK_CLIENT_KEY: ${{ secrets.GATSBY_GROWTHBOOK_CLIENT_KEY }} | |
GATSBY_GROWTHBOOK_DECRYPTION_KEY: ${{ secrets.GATSBY_GROWTHBOOK_DECRYPTION_KEY }} | |
GATSBY_RUDDERSTACK_STAGING_KEY: ${{ secrets.GATSBY_RUDDERSTACK_STAGING_KEY }} | |
GATSBY_RUDDERSTACK_PRODUCTION_KEY: ${{ secrets.GATSBY_RUDDERSTACK_PRODUCTION_KEY }} | |
GATSBY_STRAPI_TOKEN: ${{ secrets.GATSBY_STRAPI_TOKEN }} | |
GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID: ${{ secrets.GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID }} | |
GATSBY_TRUSTPILOT_API_KEY: ${{ secrets.GATSBY_TRUSTPILOT_API_KEY }} | |
GATSBY_HOTJAR_ID: ${{ secrets.GATSBY_HOTJAR_ID }} | |
jobs: | |
release-staging: | |
timeout-minutes: 30 | |
runs-on: Runner_16cores | |
environment: staging | |
steps: | |
- name: Checkout 🛎️ | |
uses: actions/[email protected] | |
- name: Setup Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '18.x' | |
cache: 'npm' | |
- name: Create npmrc file | |
shell: bash | |
run: echo "@deriv-com:registry=https://npm.pkg.github.com" >> .npmrc | |
- name: Setup install read-only token for deriv-com org | |
shell: bash | |
run: echo '//npm.pkg.github.com/:_authToken=${{ secrets.READ_DERIV_COM_ORG_PACKAGES }}' >> .npmrc | |
- run: npm ci | |
# - run: npm run format | |
# - run: npm run test | |
- run: npm run build | |
# - run: npm run build:storybook | |
- run: echo $GITHUB_SHA > public/version.txt | |
- uses: olegtarasov/[email protected] | |
id: tagName | |
# For using same tag for staging and production we need to uncomment these two below lines: | |
# with: | |
# tagRegex: "staging(.*)" | |
- name: Deploy to Cloudflare ☁️ | |
uses: cloudflare/[email protected] | |
with: | |
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
command: pages deploy public --project-name=deriv-com-pages --branch=staging | |
- name: Cloudflare preview link ✨ | |
run: echo "New staging website - http://staging.cf-pages-deriv-com.deriv.com" | |
- name: Building docker image 🐳 | |
run: docker build -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest-staging -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GITHUB_SHA . | |
- name: Verify nginx image | |
run: | | |
set -e | |
docker run --rm ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GITHUB_SHA nginx -t | |
echo "docker image validated successfully" | |
- name: Pushing Image to docker hub 🐳 | |
run: | | |
echo ${{ secrets.DOCKERHUB_PASSWORD }}| docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin | |
docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest-staging | |
docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GITHUB_SHA | |
- name: Deploy 🚀 | |
env: | |
KUBE_SERVER: ${{ secrets.KUBE_SERVER }} | |
SERVICEACCOUNT_TOKEN: ${{ secrets.SERVICEACCOUNT_TOKEN }} | |
CA_CRT: ${{ secrets.CA_CRT }} | |
NAMESPACE: deriv-com-staging | |
DOCKERHUB_ORGANISATION: ${{ secrets.DOCKERHUB_ORGANISATION }} | |
run: | | |
git clone https://github.com/binary-com/devops-ci-scripts | |
cd devops-ci-scripts/k8s-build_tools | |
echo "${{ env.CA_CRT }}" | base64 --decode > ca.crt | |
export CA="ca.crt" | |
./release.sh deriv-com ${GITHUB_SHA} | |
- name: Slack Notification 📣 | |
uses: 8398a7/action-slack@v3 | |
with: | |
status: ${{ job.status }} | |
fields: workflow,repo | |
if_mention: failure,cancelled | |
custom_payload: | | |
{ | |
attachments: [{ | |
color: '${{ job.status }}' === 'success' ? 'good' : '${{ job.status }}' === 'failure' ? 'danger' : 'warning', | |
text: `Release for *Deriv.com* with version *$GITHUB_SHA*` | |
}] | |
} | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} | |
if: always() |