-
Notifications
You must be signed in to change notification settings - Fork 0
144 lines (120 loc) · 4.38 KB
/
deploy-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: 'Deploy to prod'
on:
release:
types:
- created
env:
NODE_VERSION: 18.16.0
ENV: prod
AWS_EC2_METADATA_DISABLED: true
jobs:
frontend_deploy_prod:
runs-on: ubuntu-20.04
timeout-minutes: 15
env:
BUCKET_NAME: www.rumblefish.dev.evm-debugger
PREFIX: evm-debugger
if: |
startsWith(github.ref, 'refs/tags/@evm-debuger/frontend') &&
!contains(github.ref, '-alpha.')
permissions:
id-token: write
contents: read
steps:
- name: 'Checkout'
uses: actions/[email protected]
- uses: actions/setup-node@master
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: 'https://npm.pkg.github.com'
scope: "@rumblefishdev"
- name: 'Cache NPM dependencies'
uses: pat-s/[email protected]
with:
path: |
**/node_modules
key: ${{ runner.OS }}-npm-cache-${{ hashFiles('packages/*/package-lock.json') }}
restore-keys: |
${{ runner.OS }}-npm-cache-
- name: Install dependencies
run: |
npm i
node_modules/.bin/lerna bootstrap
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Check if @rumblefishdev/ui installed
run: |
if [[ ! -d packages/frontend/node_modules/@rumblefishdev/ui ]]; then
echo "Error: @rumblefishdev/ui not installed"
exit 1
fi
- name: 'Build'
run: |
npm run types:build
npm run analyzer:build
npm run frontend:build:prod
env:
REACT_APP_STRAPI_AUTH_TOKEN: ${{ secrets.STRAPI_AUTH_TOKEN }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::428196107266:role/evm-debugger-frontend-deploy-prod
aws-region: us-east-1
role-session-name: ${{ github.event.repository.name }}-${{ github.job }}
- name: 'Deploy'
run: |
aws s3 sync packages/frontend/build s3://${BUCKET_NAME}/${PREFIX} --delete --exact-timestamps
- name: Assume role on main AWS account
run: |
role_name=$(aws cloudformation describe-stacks --stack-name evm-transaction-trace-prod | jq -r '.Stacks[0].Parameters | map(select(.ParameterKey == "CloudfrontInvalidationRoleArn"))[0].ParameterValue')
output=$(aws sts assume-role --role-arn "$role_name" --role-session-name github-stage-frontend-Session)
echo "AWS_ACCESS_KEY_ID=$(echo $output | jq -r '.Credentials.AccessKeyId')" >> $GITHUB_ENV
echo "AWS_SECRET_ACCESS_KEY=$(echo $output | jq -r '.Credentials.SecretAccessKey')" >> $GITHUB_ENV
echo "AWS_SESSION_TOKEN=$(echo $output | jq -r '.Credentials.SessionToken')" >> $GITHUB_ENV
- name: Invalidate CloudFront
run: |
aws cloudfront create-invalidation --distribution-id ${DISTRIBUTION_ID} --paths "/${PREFIX}/*"
env:
DISTRIBUTION_ID: E3IK5XITYN78AJ
transaction_trace_deploy_prod:
runs-on: ubuntu-20.04
if: |
startsWith(github.ref, 'refs/tags/@evm-debuger/transaction-trace') &&
!contains(github.ref, '-alpha.')
permissions:
id-token: write
contents: read
steps:
- name: 'Checkout'
uses: actions/[email protected]
- uses: actions/setup-node@master
with:
node-version: ${{ env.NODE_VERSION }}
- name: 'Cache NPM dependencies'
uses: pat-s/[email protected]
with:
path: |
**/node_modules
key: ${{ runner.OS }}-npm-cache-${{ hashFiles('packages/*/package-lock.json') }}
restore-keys: |
${{ runner.OS }}-npm-cache-
- name: Install dependencies
run: |
npm i
npm install jq.node -g
lerna bootstrap
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Build
run: |
npm run types:build
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::428196107266:role/evm-debugger-transaction-trace-deploy-prod
aws-region: us-east-1
role-session-name: ${{ github.event.repository.name }}-${{ github.job }}
- name: Deploy stack
working-directory: ./packages/infra
run: |
make prod-deploy