Skip to content

Pin another post

Pin another post #578

Workflow file for this run

name: build and deploy web app
on:
push:
branches:
- main
- deploy/**
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
front_build:
strategy:
matrix:
apps: [prod, deploy]
isMaster:
- ${{ contains(github.ref, 'main') }}
isDeploy:
- ${{ startsWith(github.ref, 'refs/heads/deploy/') }}
exclude:
- isMaster: false
apps: prod
- isMaster: true
apps: deploy
name: Build ${{ matrix.apps }} Docker image
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Base ${{ matrix.apps }}
uses: './.github/actions/common-ci-setup'
with:
username_input: ${{ secrets.DOCKER_USERNAME }}
password_input: ${{ secrets.DOCKER_PASSWORD }}
app_input: ${{ matrix.apps }}
- name: Build production image
if: matrix.apps == 'prod'
uses: docker/build-push-action@v5
with:
context: .
builder: ${{ steps.buildx.outputs.name }}
file: docker/Dockerfile
push: true
build-args: |
GH_GA_ID=G-TP1XEFNHQD
GH_APP_KIND=grill
GH_HCAPTCHA_SITE_KEY=${{ secrets.PROD_HCAPTCHA_SITE_KEY }}
GH_AMP_ID=2eeca0e8a0163c89e3f023c971e426a6
GH_OFFCHAIN_SIGNER_URL=https://signer.subsocial.network
GH_CONNECTION_KIND=main
GH_SELLER_CLIENT_ID=${{ secrets.SELLER_CLIENT_ID }}
GH_SELLER_TOKEN_SIGNER=${{ secrets.SELLER_TOKEN_SIGNER }}
GH_SERVER_MNEMONIC=${{ secrets.SERVER_MNEMONIC }}
GH_NEXT_PUBLIC_DATAHUB_QUERY_URL=https://sub-data-hub.subsocial.network/graphql
GH_NEXT_PUBLIC_DATAHUB_SUBSCRIPTION_URL=wss://sub-data-hub.subsocial.network/graphql-ws
GH_NEXT_PUBLIC_APP_ID=1
GH_DATAHUB_QUEUE_URL=https://sub-queue-data-hub.subsocial.network/graphql
GH_DATAHUB_QUEUE_TOKEN=${{ secrets.DATAHUB_QUEUE_TOKEN }}
# GH_NEXT_PUBLIC_ENABLE_MAINTENANCE_PAGE=true
tags: |
${{ env.image }}
docker.io/dappforce/subsocial-web-app:master-latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Build feature docker image
if: matrix.apps == 'deploy'
uses: docker/build-push-action@v5
with:
context: .
builder: ${{ steps.buildx.outputs.name }}
file: docker/Dockerfile
push: true
build-args: |
GH_GA_ID=fake
GH_APP_KIND=grill
GH_HCAPTCHA_SITE_KEY=3beeddac-2dce-41cc-8e18-338118426c38
GH_AMP_ID=71bf5a46800fedba5e9a01243b988164
GH_OFFCHAIN_SIGNER_URL=https://signer.subsocial.network
GH_CONNECTION_KIND=dev
GH_SELLER_CLIENT_ID=5DYm3Wk4aa1BbfhH1ajmY6MNEELXoicmKRnP4tzHYjSKnD9K
GH_SELLER_TOKEN_SIGNER=retire strong pole intact cool music high path salt praise stadium spatial
GH_SERVER_MNEMONIC=plunge pumpkin penalty segment cattle more print below fat lemon clap uniform
GH_NEXT_PUBLIC_DATAHUB_QUERY_URL=https://sub-data-hub.subsocial.network/graphql
GH_NEXT_PUBLIC_DATAHUB_SUBSCRIPTION_URL=wss://sub-data-hub.subsocial.network/graphql-ws
GH_DATAHUB_QUEUE_URL=https://sub-queue-data-hub.subsocial.network/graphql
GH_DATAHUB_QUEUE_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhZG1pbiI6dHJ1ZX0.jpXwkIJ4DpV4IvSI3eWVVXE6x89qr_GIq7IlbBv5YE0
GH_NEXT_PUBLIC_APP_ID=12364
# GH_NEXT_PUBLIC_ENABLE_MAINTENANCE_PAGE=true
tags: |
${{ env.image }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
front_deploy:
strategy:
matrix:
apps: [prod, deploy]
isMaster:
- ${{ contains(github.ref, 'main') }}
isDeploy:
- ${{ startsWith(github.ref, 'refs/heads/deploy/') }}
exclude:
- isMaster: false
apps: prod
- isMaster: true
apps: deploy
name: deploy ${{ matrix.apps }}
runs-on: ubuntu-latest
needs: front_build
steps:
- name: Checkout
uses: actions/checkout@v4
- name: prod deploy ${{ matrix.apps }}
if: github.ref == 'refs/heads/main'
uses: './.github/actions/common-cd-setup'
with:
token_input: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN_PROD }}
k8s_input: ${{ secrets.K8S_PROD }}
app_input: ${{ matrix.apps }}
zone_input: ${{ secrets.CF_ZONE }}
mail_input: ${{ secrets.CF_MAIL }}
tokens_input: ${{ secrets.CF_TOKEN }}
- name: stage deploy ${{ matrix.apps }}
if: startsWith(github.ref, 'refs/heads/deploy/')
uses: './.github/actions/common-cd-setup'
with:
token_input: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN_STAGING }}
k8s_input: ${{ secrets.K8S_STAGING }}
app_input: ${{ matrix.apps }}
zone_input: ${{ secrets.CF_ZONE }}
mail_input: ${{ secrets.CF_MAIL }}
tokens_input: ${{ secrets.CF_TOKEN }}