-
Notifications
You must be signed in to change notification settings - Fork 0
212 lines (196 loc) · 7.72 KB
/
build-and-upload-static.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
name: Build Docker image and push.
on:
workflow_call:
inputs:
runs-on:
required: true
description: Platform to execute on
type: string
build_container:
required: true
description: Base image to build
type: string
deploy_container:
required: true
description: Base image to deploy
type: string
install_packages_command:
required: true
description: Command to install packages
type: string
build_command:
required: true
description: Build command
type: string
path_to_static_files_to_upload:
required: true
description: Path to files to upload
type: string
build_static_files:
required: false
default: true
description: Build static files?
type: boolean
client_path:
required: false
default: "."
type: string
inject_ssm_secrets:
required: false
default: false
description: Inject ssm secrets?
type: boolean
ssm_environment:
required: false
type: string
stacking_lp:
required: false
type: string
secrets:
NETWORK_AWS_ACCESS_KEY_ID:
required: true
NETWORK_AWS_SECRET_ACCESS_KEY:
required: true
AWS_REGION:
required: true
S3_BUCKET_NAME:
required: true
CF_DISTRIBUTION_ID:
required: true
NPM_TOKEN:
required: false
jobs:
build-static-files:
if: ${{ inputs.build_static_files }}
name: Build static files
runs-on: ${{ fromJSON(inputs.runs-on) }}
container:
image: ${{ inputs.build_container }}
steps:
- uses: actions/checkout@v3
- name: Install system packages
run: |
apt update
apt install -y python3 libpq-dev make build-essential git
- name: Restore cache
uses: actions/cache@v2
with:
path: '${{ inputs.client_path }}/node_modules'
key: ${{ runner.os }}-modules-${{ hashFiles('${{ inputs.client_path }}/yarn.lock') }}
- name: Install packages
working-directory: ${{ inputs.client_path }}
run: ${{ inputs.install_packages_command }}
env:
NPM_TOKEN: ${{secrets.NPM_TOKEN}}
- name: Configure AWS Credentials
if: ${{ inputs.inject_ssm_secrets }}
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.NETWORK_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.NETWORK_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Inject REACT_APP_CHAIN_ID
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_CHAIN_ID"
env_variable_name: "REACT_APP_CHAIN_ID"
- name: Inject REACT_APP_STAKING_REWARDS_ADDRESS
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_STAKING_REWARDS_ADDRESS"
env_variable_name: "REACT_APP_STAKING_REWARDS_ADDRESS"
- name: Inject REACT_APP_PAIR_CONTRACT_ADDRESS
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_PAIR_CONTRACT_ADDRESS"
env_variable_name: "REACT_APP_PAIR_CONTRACT_ADDRESS"
- name: Inject REACT_APP_NETWORK_URL
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_NETWORK_URL"
env_variable_name: "REACT_APP_NETWORK_URL"
- name: Inject REACT_APP_UNISWAP_CURRENCY_PAIR_URL
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_UNISWAP_CURRENCY_PAIR_URL"
env_variable_name: "REACT_APP_UNISWAP_CURRENCY_PAIR_URL"
- name: Inject REACT_APP_STAKING_MODE
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_STAKING_MODE"
env_variable_name: "REACT_APP_STAKING_MODE"
- name: Inject REACT_APP_STAKING_TOTAL_REWARD
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_STAKING_TOTAL_REWARD"
env_variable_name: "REACT_APP_STAKING_TOTAL_REWARD"
- name: Inject REACT_APP_STAKING_CAMPAIGN_DURATION_IN_DAYS
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-REACT_APP_STAKING_CAMPAIGN_DURATION_IN_DAYS"
env_variable_name: "REACT_APP_STAKING_CAMPAIGN_DURATION_IN_DAYS"
- name: Inject INFURA_PROJECT_ID
if: ${{ inputs.inject_ssm_secrets }}
uses: marvinpinto/action-inject-ssm-secrets@latest
with:
ssm_parameter: "/${{ inputs.ssm_environment }}-cere-staking-${{ inputs.stacking_lp }}-INFURA_PROJECT_ID"
env_variable_name: "INFURA_PROJECT_ID"
- name: Build
working-directory: ${{ inputs.client_path }}
env:
CI: false
NPM_TOKEN: ${{secrets.NPM_TOKEN}}
run: ${{ inputs.build_command }}
- name: Prepare artifacts
uses: actions/upload-artifact@v2
with:
name: build
path: ${{ inputs.path_to_static_files_to_upload }}
deploy-static-files:
name: Deploy static files
needs: build-static-files
if: always() && (needs.build-static-files.result == 'success' || needs.build-static-files.result == 'skipped')
runs-on: ubuntu-latest
container:
image: ${{ inputs.deploy_container }}
steps:
- name: Restore build
if: ${{ inputs.build_static_files }}
uses: actions/download-artifact@v2
with:
name: build
path: build
- name: Checkout repository
if: ${{ !inputs.build_static_files }}
uses: actions/checkout@v3
with:
path: build
- name: Install aws-cli
env:
DEBIAN_FRONTEND: noninteractive
run: |
apt update
apt install -y awscli
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.NETWORK_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.NETWORK_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Deploy
env:
S3_BUCKET: ${{ secrets.S3_BUCKET_NAME }}
CF_DISTRIBUTION_ID: ${{ secrets.CF_DISTRIBUTION_ID }}
run: |
aws s3 sync --metadata-directive="REPLACE" --delete --exclude ".*" build/ s3://${S3_BUCKET}
invalidation_id=$(aws cloudfront create-invalidation --distribution-id ${CF_DISTRIBUTION_ID} --paths "/*" --query Invalidation.Id)
inval_id=$(echo $invalidation_id | tr -d '"')
aws cloudfront wait invalidation-completed --distribution-id ${CF_DISTRIBUTION_ID} --id ${inval_id}