This repository has been archived by the owner on Sep 26, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 182
118 lines (104 loc) · 4.96 KB
/
staging.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
name: Release Staging
on:
push:
branches:
- master
paths-ignore:
- '**.md'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
GATSBY_CPU_COUNT: 16
GATSBY_ENV: staging
NODE_OPTIONS: '--max_old_space_size=7168'
GATSBY_DATADOG_APPLICATION_ID: ${{ secrets.GATSBY_DATADOG_APPLICATION_ID }}
GATSBY_DATADOG_CLIENT_TOKEN: ${{ secrets.GATSBY_DATADOG_CLIENT_TOKEN }}
GATSBY_MAP_API_KEY: ${{ secrets.GATSBY_MAP_API_KEY }}
GATSBY_GROWTHBOOK_CLIENT_KEY: ${{ secrets.GATSBY_GROWTHBOOK_CLIENT_KEY }}
GATSBY_GROWTHBOOK_DECRYPTION_KEY: ${{ secrets.GATSBY_GROWTHBOOK_DECRYPTION_KEY }}
GATSBY_RUDDERSTACK_STAGING_KEY: ${{ secrets.GATSBY_RUDDERSTACK_STAGING_KEY }}
GATSBY_RUDDERSTACK_PRODUCTION_KEY: ${{ secrets.GATSBY_RUDDERSTACK_PRODUCTION_KEY }}
GATSBY_STRAPI_TOKEN: ${{ secrets.GATSBY_STRAPI_TOKEN }}
GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID: ${{ secrets.GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID }}
GATSBY_TRUSTPILOT_API_KEY: ${{ secrets.GATSBY_TRUSTPILOT_API_KEY }}
GATSBY_HOTJAR_ID: ${{ secrets.GATSBY_HOTJAR_ID }}
jobs:
release-staging:
timeout-minutes: 30
runs-on: Runner_16cores
environment: staging
steps:
- name: Checkout 🛎️
uses: actions/[email protected]
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: '18.x'
cache: 'npm'
- name: Create npmrc file
shell: bash
run: echo "@deriv-com:registry=https://npm.pkg.github.com" >> .npmrc
- name: Setup install read-only token for deriv-com org
shell: bash
run: echo '//npm.pkg.github.com/:_authToken=${{ secrets.READ_DERIV_COM_ORG_PACKAGES }}' >> .npmrc
- run: npm ci
# - run: npm run format
# - run: npm run test
- run: npm run build
# - run: npm run build:storybook
- run: echo $GITHUB_SHA > public/version.txt
- uses: olegtarasov/[email protected]
id: tagName
# For using same tag for staging and production we need to uncomment these two below lines:
# with:
# tagRegex: "staging(.*)"
- name: Deploy to Cloudflare ☁️
uses: cloudflare/[email protected]
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
command: pages deploy public --project-name=deriv-com-pages --branch=staging
- name: Cloudflare preview link ✨
run: echo "New staging website - http://staging.cf-pages-deriv-com.deriv.com"
- name: Building docker image 🐳
run: docker build -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest-staging -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GITHUB_SHA .
- name: Verify nginx image
run: |
set -e
docker run --rm ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GITHUB_SHA nginx -t
echo "docker image validated successfully"
- name: Pushing Image to docker hub 🐳
run: |
echo ${{ secrets.DOCKERHUB_PASSWORD }}| docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest-staging
docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GITHUB_SHA
- name: Deploy 🚀
env:
KUBE_SERVER: ${{ secrets.KUBE_SERVER }}
SERVICEACCOUNT_TOKEN: ${{ secrets.SERVICEACCOUNT_TOKEN }}
CA_CRT: ${{ secrets.CA_CRT }}
NAMESPACE: deriv-com-staging
DOCKERHUB_ORGANISATION: ${{ secrets.DOCKERHUB_ORGANISATION }}
run: |
git clone https://github.com/binary-com/devops-ci-scripts
cd devops-ci-scripts/k8s-build_tools
echo "${{ env.CA_CRT }}" | base64 --decode > ca.crt
export CA="ca.crt"
./release.sh deriv-com ${GITHUB_SHA}
- name: Slack Notification 📣
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: workflow,repo
if_mention: failure,cancelled
custom_payload: |
{
attachments: [{
color: '${{ job.status }}' === 'success' ? 'good' : '${{ job.status }}' === 'failure' ? 'danger' : 'warning',
text: `Release for *Deriv.com* with version *$GITHUB_SHA*`
}]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
if: always()