This repository has been archived by the owner on Sep 26, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 185
148 lines (135 loc) · 6.65 KB
/
production-row.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
name: Production CF for Row
on:
push:
tags:
- 'production*'
paths-ignore:
- '**.md'
env:
GATSBY_CPU_COUNT: 16
GATSBY_ENV: production
NODE_OPTIONS: '--max_old_space_size=7168'
GATSBY_DATADOG_APPLICATION_ID: ${{ secrets.GATSBY_DATADOG_APPLICATION_ID }}
GATSBY_DATADOG_CLIENT_TOKEN: ${{ secrets.GATSBY_DATADOG_CLIENT_TOKEN }}
GATSBY_MAP_API_KEY: ${{ secrets.GATSBY_MAP_API_KEY }}
GATSBY_GROWTHBOOK_CLIENT_KEY: ${{ secrets.GATSBY_GROWTHBOOK_CLIENT_KEY }}
GATSBY_GROWTHBOOK_DECRYPTION_KEY: ${{ secrets.GATSBY_GROWTHBOOK_DECRYPTION_KEY }}
GATSBY_RUDDERSTACK_STAGING_KEY: ${{ secrets.GATSBY_RUDDERSTACK_STAGING_KEY }}
GATSBY_RUDDERSTACK_PRODUCTION_KEY: ${{ secrets.GATSBY_RUDDERSTACK_PRODUCTION_KEY }}
GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID: ${{ secrets.GATSBY_GOOGLE_TAG_MANAGER_TRACKING_ID }}
GATSBY_TRUSTPILOT_API_KEY: ${{ secrets.GATSBY_TRUSTPILOT_API_KEY }}
GATSBY_HOTJAR_ID: ${{ secrets.GATSBY_HOTJAR_ID }}
GATSBY_DATABASE_URL: ${{ secrets.GATSBY_DATABASE_URL }}
jobs:
release-production:
timeout-minutes: 40
runs-on: Runner_16cores
environment: production
steps:
- name: Checkout 🛎️
uses: actions/[email protected]
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: '18.x'
cache: 'npm'
- name: Setup install read-only token for deriv-com org
shell: bash
run: echo '//npm.pkg.github.com/:_authToken=${{ secrets.READ_DERIV_COM_ORG_PACKAGES }}' >> .npmrc
- run: npm ci
- run: npm run format
- run: npm run test
- run: npm run build:row
# For using same tag for staging and production we need to uncomment these two below lines:
# with:
# tagRegex: "production(.*)"
- name: Deploy to Cloudflare ☁️
uses: cloudflare/[email protected]
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
command: pages deploy sites/row/public --project-name=row-deriv-com-pages --branch=main
- name: Cloudflare production link ✨
run: echo "New website - http://row-deriv-com-pages.pages.dev"
- name: upload-artifact
uses: actions/upload-artifact@v4
with:
name: production
path: sites/row/public
retention-days: 5
- name: Slack Notification 📣
uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486
with:
status: ${{ job.status }}
fields: workflow,repo
if_mention: failure,cancelled
custom_payload: |
{
attachments: [{
color: '${{ job.status }}' === 'success' ? 'good' : '${{ job.status }}' === 'failure' ? 'danger' : 'warning',
text: `Release for *Deriv.com* with version *$GIT_TAG_NAME*`
}]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
if: always()
build_and_publish_to_docker_k8s:
runs-on: Runner_16cores
environment: production
needs: [release-production]
steps:
- name: Checkout 🛎️
uses: actions/[email protected]
- name: Setup Node
uses: actions/setup-node@v2
with:
node-version: '18.x'
- name: Download Artifact
uses: actions/download-artifact@v4
with:
name: production
path: sites/row/public
- name: Set version env variable
run: echo "GIT_TAG_NAME=$(cat sites/row/public/version.txt)" >> $GITHUB_ENV
- name: Building docker image 🐳
run: docker build -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest -t ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GIT_TAG_NAME .
- name: Verify nginx image
run: |
set -e
docker run --rm ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GIT_TAG_NAME nginx -t
echo "docker image validated successfully"
- name: Pushing Image to docker hub 🐳
run: |
echo ${{ secrets.DOCKERHUB_PASSWORD }}| docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:latest
docker push ${{ secrets.DOCKERHUB_ORGANISATION }}/deriv-com:$GIT_TAG_NAME
- name: Deploy 🚀
id: build_and_push_docker_image
env:
KUBE_SERVER: ${{ secrets.KUBE_SERVER }}
SERVICEACCOUNT_TOKEN: ${{ secrets.SERVICEACCOUNT_TOKEN }}
CA_CRT: ${{ secrets.CA_CRT }}
NAMESPACE: deriv-com-production-row
DOCKERHUB_ORGANISATION: ${{ secrets.DOCKERHUB_ORGANISATION }}
run: |
git clone https://github.com/binary-com/devops-ci-scripts
cd devops-ci-scripts/k8s-build_tools
echo "${{ env.CA_CRT }}" | base64 --decode > ca.crt
export CA="ca.crt"
./release.sh deriv-com ${{ github.ref_name }}
- name: Send Slack Notification on Docker Publish and Kubernetes Deployment Failure
uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486
with:
status: ${{ job.status }}
fields: workflow,repo
if_mention: failure,cancelled
custom_payload: |
{
attachments: [{
color: '${{ job.status }}' === 'failure' ? 'danger' : 'warning',
text: `Release for *Deriv.com* with version *$GIT_TAG_NAME* has failed`
}]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
if: failure()