From 74185897c4f3e62abefbb46c1f215b3acb668042 Mon Sep 17 00:00:00 2001 From: Isah Idris <58168886+eedygreen@users.noreply.github.com> Date: Wed, 29 May 2024 21:13:13 +0100 Subject: [PATCH 1/2] pipeline upgrade & visibility of image versions --- .github/workflows/gateway_testnet.yml | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/.github/workflows/gateway_testnet.yml b/.github/workflows/gateway_testnet.yml index 47b38a4..8247c0c 100644 --- a/.github/workflows/gateway_testnet.yml +++ b/.github/workflows/gateway_testnet.yml @@ -25,14 +25,14 @@ jobs: steps: - name: checkout source code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: login to ghcr id: ghcr - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.repository_owner }} @@ -44,15 +44,7 @@ jobs: with: context: . push: true - tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ env.TAG }} - - - name: tag version / push docker image into ghcr - id: build-and-push-ref - uses: docker/build-push-action@v3 - with: - context: . - push: true - tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ github.ref_name }} + tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ env.TAG }},${{ env.REGISTRY }}/${{ github.repository }}:${{ github.ref_name }} - name: slack notify uses: 8398a7/action-slack@v3 @@ -75,7 +67,7 @@ jobs: steps: - name: checkout ecs repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: sygmaprotocol/devops token: ${{ secrets.GHCR_TOKEN }} @@ -90,9 +82,10 @@ jobs: awsAccountId=${{ env.AWS_TESTNET }} awsRegion=${{ secrets.AWS_REGION }} awsEfs=${{ secrets.TESTNET_RPC_EFS }} + imageTag=${{ github.ref_name }} - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@v1 + uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: arn:aws:iam::${{ env.AWS_TESTNET }}:role/github-actions-${{ env.ENVIRONMENT }}-chainbridge aws-region: ${{ secrets.AWS_REGION }} From 90a8c1549e7740406e8a4ab307ad7f9628dd3bef Mon Sep 17 00:00:00 2001 From: Isah Idris <58168886+eedygreen@users.noreply.github.com> Date: Thu, 30 May 2024 13:02:40 +0100 Subject: [PATCH 2/2] mainnet CD pipeline --- .github/workflows/gateway_mainnet.yml | 73 +++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 .github/workflows/gateway_mainnet.yml diff --git a/.github/workflows/gateway_mainnet.yml b/.github/workflows/gateway_mainnet.yml new file mode 100644 index 0000000..df5b5f4 --- /dev/null +++ b/.github/workflows/gateway_mainnet.yml @@ -0,0 +1,73 @@ +name: RPC-Gateway Mainnet + +on: + workflow_dispatch: + inputs: + release_tag: + description: 'The Release tag Version' + required: false + type: string + + +env: + AWS_REGION: '${{ secrets.AWS_REGION }}' + ENVIRONMENT: MAINNET + AWS_MAINNET: '${{ secrets.AWS_MAINNET }}' + REGISTRY: 'ghcr.io' + +jobs: + deploy: + name: deploy + runs-on: ubuntu-latest + + permissions: + contents: read + id-token: write + actions: write + + steps: + - name: checkout the source code + uses: actions/checkout@v4 + + - name: checkout ecs repo + uses: actions/checkout@v3 + with: + repository: sygmaprotocol/devops + token: ${{ secrets.GHCR_TOKEN }} + ref: main + + - name: render jinja2 templates to task definition json files + uses: cuchi/jinja2-action@v1.2.0 + with: + template: 'proxy_gateway/ecs/task_definition-${{ env.ENVIRONMENT }}.j2' + output_file: 'proxy_gateway/ecs/task_definition-${{ env.ENVIRONMENT }}.json' + data_format: json + variables: | + awsAccountId=${{ env.AWS_MAINNET }} + awsRegion=${{ env.AWS_REGION }} + awsEnv=${{ env.ENVIRONMENT }} + imageTag=${{ inputs.release_tag }} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::${{ env.AWS_MAINNET }}:role/github-actions-${{ env.ENVIRONMENT }}-sygma + aws-region: ${{ env.AWS_REGION }} + role-session-name: GithubActions + + - name: Deploy to Amazon ECS + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: 'proxy_gateway/ecs/task_definition-${{ env.ENVIRONMENT }}.json' + service: rpc-service-${{ env.ENVIRONMENT }} + cluster: relayer-${{ env.ENVIRONMENT }} + wait-for-service-stability: true + + - name: slack notify + uses: 8398a7/action-slack@v3 + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,job,eventName,ref,workflow + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + if: always()