diff --git a/.github/workflows/deploy-production.yaml b/.github/workflows/deploy-production.yaml index 8a92f906..60bfc1e1 100644 --- a/.github/workflows/deploy-production.yaml +++ b/.github/workflows/deploy-production.yaml 
@@ -1,62 +1,62 @@ -name: Deploy https://starkcompass.com/ - -concurrency: - group: ${{ github.workflow }} - -on: - push: - tags: - - v** - -jobs: - - build-deploy: - name: Build and deploy to production - runs-on: ubuntu-latest - environment: - name: production - url: https://starkcompass.com/ - steps: - - - name: Checkout - uses: actions/checkout@v3.3.0 - - - name: Create ssh private key file from env var - env: - SSH_KEY: ${{ secrets.SSH_KEY }} - run: | - set -ex - sed -E 's/(-+(BEGIN|END) OPENSSH PRIVATE KEY-+) *| +/\1\n/g' <<< "$SSH_KEY" > id_ed25519_production - chmod 400 id_ed25519_production - - - name: Install ansible - run: | - pip install ansible - - - name: "Deploy with ansible" - env: - MIX_ENV: ${{ vars.MIX_ENV }} - DB_TYPE: ${{ vars.DB_TYPE }} - DATABASE_URL: ${{ secrets.DATABASE_URL }} - SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }} - PHX_HOST: ${{ vars.PHX_HOST }} - PHX_SERVER: ${{ vars.PHX_SERVER }} - RPC_API_HOST: ${{ secrets.RPC_API_HOST }} - TESTNET_RPC_API_HOST: ${{ secrets.TESTNET_RPC_API_HOST }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ vars.AWS_REGION }} - PROVER_STORAGE: ${{ vars.PROVER_STORAGE }} - ANSIBLE_SSH_PKEY_DIR: "./id_ed25519_production" - SSH_HOST: ${{ vars.SSH_HOST }} - GIT_BRANCH: ${{ github.head_ref || github.ref_name }} - ANSIBLE_STDOUT_CALLBACK: "yaml" - NEWRELIC_KEY: ${{ secrets.NEWRELIC_KEY }} - NEWRELIC_APP_NAME: ${{ vars.NEWRELIC_APP_NAME }} - SENTRY_ENV: "production" - SENTRY_DSN: ${{ secrets.SENTRY_DSN }} - ENABLE_MAINNET_SYNC: "true" - ENABLE_TESTNET_SYNC: "true" - ENABLE_GATEWAY_DATA: "true" - run: | - ansible-playbook -i ansible/inventory.yaml ansible/playbooks/deployment.yaml +# name: Deploy https://starkcompass.com/ + +# concurrency: +# group: ${{ github.workflow }} + +# on: +# push: +# tags: +# - v** + +# jobs: + +# build-deploy: +# name: Build and deploy to production +# runs-on: ubuntu-latest +# environment: +# name: 
production +# url: https://starkcompass.com/ +# steps: + +# - name: Checkout +# uses: actions/checkout@v3.3.0 + +# - name: Create ssh private key file from env var +# env: +# SSH_KEY: ${{ secrets.SSH_KEY }} +# run: | +# set -ex +# sed -E 's/(-+(BEGIN|END) OPENSSH PRIVATE KEY-+) *| +/\1\n/g' <<< "$SSH_KEY" > id_ed25519_production +# chmod 400 id_ed25519_production + +# - name: Install ansible +# run: | +# pip install ansible + +# - name: "Deploy with ansible" +# env: +# MIX_ENV: ${{ vars.MIX_ENV }} +# DB_TYPE: ${{ vars.DB_TYPE }} +# DATABASE_URL: ${{ secrets.DATABASE_URL }} +# SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }} +# PHX_HOST: ${{ vars.PHX_HOST }} +# PHX_SERVER: ${{ vars.PHX_SERVER }} +# RPC_API_HOST: ${{ secrets.RPC_API_HOST }} +# TESTNET_RPC_API_HOST: ${{ secrets.TESTNET_RPC_API_HOST }} +# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} +# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} +# AWS_REGION: ${{ vars.AWS_REGION }} +# PROVER_STORAGE: ${{ vars.PROVER_STORAGE }} +# ANSIBLE_SSH_PKEY_DIR: "./id_ed25519_production" +# SSH_HOST: ${{ vars.SSH_HOST }} +# GIT_BRANCH: ${{ github.head_ref || github.ref_name }} +# ANSIBLE_STDOUT_CALLBACK: "yaml" +# NEWRELIC_KEY: ${{ secrets.NEWRELIC_KEY }} +# NEWRELIC_APP_NAME: ${{ vars.NEWRELIC_APP_NAME }} +# SENTRY_ENV: "production" +# SENTRY_DSN: ${{ secrets.SENTRY_DSN }} +# ENABLE_MAINNET_SYNC: "true" +# ENABLE_TESTNET_SYNC: "true" +# ENABLE_GATEWAY_DATA: "true" +# run: | +# ansible-playbook -i ansible/inventory.yaml ansible/playbooks/deployment.yaml diff --git a/.github/workflows/deploy-testing.yaml b/.github/workflows/deploy-testing.yaml index 7fbf8538..9786dac5 100644 --- a/.github/workflows/deploy-testing.yaml +++ b/.github/workflows/deploy-testing.yaml 
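Review bot: Commenting out every line leaves `.github/workflows/deploy-production.yaml` as a comment-only file with no `on:` or `jobs:` and no statement of why it was disabled; the same applies to `deploy-testing.yaml` and `release.yml` later in this diff. GitHub may report a workflow file without triggers as invalid, so deleting the files (history keeps them) or disabling the workflows with `gh workflow disable` is cleaner. If the files stay, add a first line such as `# Disabled <date>: <reason>, see <issue link>`. If production deploys are being retired, the credentials these comments name (`SSH_KEY`, `AWS_SECRET_ACCESS_KEY`, `DATABASE_URL`) are presumably still stored in the repository or environment and should be rotated or removed.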
@@ -1,72 +1,72 @@ -name: Deploy https://testing.starkcompass.com/ +# name: Deploy https://testing.starkcompass.com/ -concurrency: - group: ${{ github.workflow }} +# concurrency: +# group: ${{ github.workflow }} -on: - push: - branches: - - main - workflow_dispatch: +# on: +# push: +# branches: +# - main +# workflow_dispatch: -jobs: +# jobs: - build-deploy: - name: Build and deploy to testing - runs-on: ubuntu-latest - environment: - name: testing - url: https://testing.starkcompass.com/ +# build-deploy: +# name: Build and deploy to testing +# runs-on: ubuntu-latest +# environment: +# name: testing +# url: https://testing.starkcompass.com/ - steps: - - name: Checkout - uses: actions/checkout@v3.3.0 +# steps: +# - name: Checkout +# uses: actions/checkout@v3.3.0 - - name: Tailscale - uses: tailscale/github-action@v2 - with: - oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} - oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} - tags: tag:server +# - name: Tailscale +# uses: tailscale/github-action@v2 +# with: +# oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} +# oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} +# tags: tag:server - - name: Create ssh private key file from env var - env: - SSH_KEY: ${{ secrets.SSH_KEY }} - TS_HOST: ${{ vars.TS_HOST }} - run: | - mkdir -p ~/.ssh/ - sed -E 's/(-+(BEGIN|END) OPENSSH PRIVATE KEY-+) *| +/\1\n/g' <<< "$SSH_KEY" > ~/.ssh/id_ed25519 - chmod 400 ~/.ssh/id_ed25519 - retries=5; until ssh-keyscan $TS_HOST >> ~/.ssh/known_hosts || [ $retries -eq 0 ]; do ((retries--)); sleep 5; done +# - name: Create ssh private key file from env var +# env: +# SSH_KEY: ${{ secrets.SSH_KEY }} +# TS_HOST: ${{ vars.TS_HOST }} +# run: | +# mkdir -p ~/.ssh/ +# sed -E 's/(-+(BEGIN|END) OPENSSH PRIVATE KEY-+) *| +/\1\n/g' <<< "$SSH_KEY" > ~/.ssh/id_ed25519 +# chmod 400 ~/.ssh/id_ed25519 +# retries=5; until ssh-keyscan $TS_HOST >> ~/.ssh/known_hosts || [ $retries -eq 0 ]; do ((retries--)); sleep 5; done - - name: Install ansible - run: | - pip install ansible 
+# - name: Install ansible +# run: | +# pip install ansible - - name: "Deploy with ansible" - env: - MIX_ENV: ${{ vars.MIX_ENV }} - DB_TYPE: ${{ vars.DB_TYPE }} - DATABASE_URL: ${{ secrets.DATABASE_URL }} - SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }} - PHX_HOST: ${{ vars.PHX_HOST }} - PHX_SERVER: ${{ vars.PHX_SERVER }} - RPC_API_HOST: ${{ secrets.RPC_API_HOST }} - TESTNET_RPC_API_HOST: ${{ secrets.TESTNET_RPC_API_HOST }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ vars.AWS_REGION }} - PROVER_STORAGE: ${{ vars.PROVER_STORAGE }} - ANSIBLE_SSH_PKEY_DIR: "~/.ssh/id_ed25519" - TS_HOST: ${{ vars.TS_HOST }} - GIT_BRANCH: ${{ github.head_ref || github.ref_name }} - ANSIBLE_STDOUT_CALLBACK: "yaml" - ENABLE_MAINNET_SYNC: "true" - ENABLE_TESTNET_SYNC: "true" - ENABLE_GATEWAY_DATA: "true" - NEWRELIC_KEY: ${{ secrets.NEWRELIC_KEY }} - NEWRELIC_APP_NAME: ${{ vars.NEWRELIC_APP_NAME }} - SENTRY_ENV: "testing" - SENTRY_DSN: ${{ secrets.SENTRY_DSN }} - run: | - ansible-playbook -i ansible/inventory.yaml ansible/playbooks/deployment.yaml +# - name: "Deploy with ansible" +# env: +# MIX_ENV: ${{ vars.MIX_ENV }} +# DB_TYPE: ${{ vars.DB_TYPE }} +# DATABASE_URL: ${{ secrets.DATABASE_URL }} +# SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }} +# PHX_HOST: ${{ vars.PHX_HOST }} +# PHX_SERVER: ${{ vars.PHX_SERVER }} +# RPC_API_HOST: ${{ secrets.RPC_API_HOST }} +# TESTNET_RPC_API_HOST: ${{ secrets.TESTNET_RPC_API_HOST }} +# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} +# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} +# AWS_REGION: ${{ vars.AWS_REGION }} +# PROVER_STORAGE: ${{ vars.PROVER_STORAGE }} +# ANSIBLE_SSH_PKEY_DIR: "~/.ssh/id_ed25519" +# TS_HOST: ${{ vars.TS_HOST }} +# GIT_BRANCH: ${{ github.head_ref || github.ref_name }} +# ANSIBLE_STDOUT_CALLBACK: "yaml" +# ENABLE_MAINNET_SYNC: "true" +# ENABLE_TESTNET_SYNC: "true" +# ENABLE_GATEWAY_DATA: "true" +# NEWRELIC_KEY: ${{ 
secrets.NEWRELIC_KEY }} +# NEWRELIC_APP_NAME: ${{ vars.NEWRELIC_APP_NAME }} +# SENTRY_ENV: "testing" +# SENTRY_DSN: ${{ secrets.SENTRY_DSN }} +# run: | +# ansible-playbook -i ansible/inventory.yaml ansible/playbooks/deployment.yaml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5bee3e71..a9d57328 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
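Review bot: The commented-out key-setup step is kept verbatim, including `ssh-keyscan $TS_HOST >> ~/.ssh/known_hosts`, which trusts whatever host key answers at run time and so does not authenticate the deploy target. The retry loop also exits normally once `retries` reaches 0, so the step may continue without any host key recorded. If this file is meant to be restored later, the text to restore should write a pinned key instead, for example `echo "$TS_HOST_KEY" >> ~/.ssh/known_hosts` (variable name constructed here, value held in a repository variable), and quote `"$TS_HOST"`.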
@@ -1,118 +1,118 @@ ---- -name: Workflow - Release - -on: - workflow_dispatch: - inputs: - release_tag_name: - description: "Release tag name" - type: string - required: true - workflow_call: - inputs: - release_tag_name: - description: "Release tag name" - type: string - required: true - release: - types: [published] - -env: - REGISTRY_IMAGE: ghcr.io/${{ github.repository }} - -jobs: - build: - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - platform: - - linux/amd64 - - linux/arm64 - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY_IMAGE }} - tags: | - type=raw,value=${{ inputs.release_tag_name }} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push by digest - id: build - uses: docker/build-push-action@v4 - with: - context: . 
- file: Dockerfile - platforms: ${{ matrix.platform }} - labels: ${{ steps.meta.outputs.labels }} - outputs: - type=image,name=${{ env.REGISTRY_IMAGE - }},push-by-digest=true,name-canonical=true,push=true - - - name: Export digest - run: | - mkdir -p /tmp/digests - digest="${{ steps.build.outputs.digest }}" - touch "/tmp/digests/${digest#sha256:}" - - - name: Upload digest - uses: actions/upload-artifact@v3 - with: - name: digests - path: /tmp/digests/* - if-no-files-found: error - retention-days: 1 - - merge: - runs-on: ubuntu-latest - needs: - - build - steps: - - name: Download digests - uses: actions/download-artifact@v3 - with: - name: digests - path: /tmp/digests - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY_IMAGE }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Create manifest list and push - working-directory: /tmp/digests - run: | - docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) 
| join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ - $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) - - - name: Inspect image - run: | - docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} +# --- +# name: Workflow - Release + +# on: +# workflow_dispatch: +# inputs: +# release_tag_name: +# description: "Release tag name" +# type: string +# required: true +# workflow_call: +# inputs: +# release_tag_name: +# description: "Release tag name" +# type: string +# required: true +# release: +# types: [published] + +# env: +# REGISTRY_IMAGE: ghcr.io/${{ github.repository }} + +# jobs: +# build: +# runs-on: ubuntu-latest +# strategy: +# fail-fast: false +# matrix: +# platform: +# - linux/amd64 +# - linux/arm64 +# steps: +# - name: Checkout +# uses: actions/checkout@v3 + +# - name: Docker meta +# id: meta +# uses: docker/metadata-action@v4 +# with: +# images: ${{ env.REGISTRY_IMAGE }} +# tags: | +# type=raw,value=${{ inputs.release_tag_name }} + +# - name: Set up QEMU +# uses: docker/setup-qemu-action@v2 + +# - name: Set up Docker Buildx +# uses: docker/setup-buildx-action@v2 + +# - name: Login to GitHub Container Registry +# uses: docker/login-action@v2 +# with: +# registry: ghcr.io +# username: ${{ github.actor }} +# password: ${{ secrets.GITHUB_TOKEN }} + +# - name: Build and push by digest +# id: build +# uses: docker/build-push-action@v4 +# with: +# context: . 
+# file: Dockerfile +# platforms: ${{ matrix.platform }} +# labels: ${{ steps.meta.outputs.labels }} +# outputs: +# type=image,name=${{ env.REGISTRY_IMAGE +# }},push-by-digest=true,name-canonical=true,push=true + +# - name: Export digest +# run: | +# mkdir -p /tmp/digests +# digest="${{ steps.build.outputs.digest }}" +# touch "/tmp/digests/${digest#sha256:}" + +# - name: Upload digest +# uses: actions/upload-artifact@v3 +# with: +# name: digests +# path: /tmp/digests/* +# if-no-files-found: error +# retention-days: 1 + +# merge: +# runs-on: ubuntu-latest +# needs: +# - build +# steps: +# - name: Download digests +# uses: actions/download-artifact@v3 +# with: +# name: digests +# path: /tmp/digests + +# - name: Set up Docker Buildx +# uses: docker/setup-buildx-action@v2 + +# - name: Docker meta +# id: meta +# uses: docker/metadata-action@v4 +# with: +# images: ${{ env.REGISTRY_IMAGE }} + +# - name: Login to GitHub Container Registry +# uses: docker/login-action@v2 +# with: +# registry: ghcr.io +# username: ${{ github.actor }} +# password: ${{ secrets.GITHUB_TOKEN }} + +# - name: Create manifest list and push +# working-directory: /tmp/digests +# run: | +# docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ +# $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + +# - name: Inspect image +# run: | +# docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
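Review bot: The release workflow preserved in these comments has no `permissions:` block, so if it is restored as written the `GITHUB_TOKEN` used for the ghcr.io login gets the repository's default scopes; restoring it with `permissions:` set to `contents: read` and `packages: write` would limit the token to what the image push needs. The `Export digest` step interpolates `${{ steps.build.outputs.digest }}` directly into the script text, and passing it through `env:` and reading `"$DIGEST"` is the safer pattern. The actions are referenced by mutable tags (`docker/build-push-action@v4`, `docker/login-action@v2` and the others) and could be pinned to commit SHAs.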