diff --git a/.github/workflows/gateway_testnet.yml b/.github/workflows/gateway_testnet.yml new file mode 100644 index 0000000..47b38a4 --- /dev/null +++ b/.github/workflows/gateway_testnet.yml @@ -0,0 +1,116 @@ +# The Licensed Work is (c) 2022 Sygma +# SPDX-License-Identifier: LGPL-3.0-only + +name: RPC-Gateway Testnet + +on: + release: + types: + - published + +env: + ENVIRONMENT: 'TESTNET' + REGISTRY: 'ghcr.io' + TAG: 'stable' + AWS_TESTNET: '${{ secrets.AWS_ARN }}' + +jobs: + push: + name: push + runs-on: ubuntu-latest + + permissions: + contents: read + id-token: write + + steps: + - name: checkout source code + uses: actions/checkout@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: login to ghcr + id: ghcr + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GHCR_TOKEN }} + + - name: build / tag / push docker image into ghcr + id: build-and-push-tag + uses: docker/build-push-action@v3 + with: + context: . + push: true + tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ env.TAG }} + + - name: tag version / push docker image into ghcr + id: build-and-push-ref + uses: docker/build-push-action@v3 + with: + context: . + push: true + tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ github.ref_name }} + + - name: slack notify + uses: 8398a7/action-slack@v3 + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,job,eventName,ref,workflow + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + if: always() + + + deploy: + needs: push + name: deploy + runs-on: ubuntu-latest + + permissions: + contents: read + id-token: write + + steps: + - name: checkout ecs repo + uses: actions/checkout@v3 + with: + repository: sygmaprotocol/devops + token: ${{ secrets.GHCR_TOKEN }} + + - name: render jinja2 templates to task definition json files + uses: cuchi/jinja2-action@v1.2.0 + with: + template: 'proxy_gateway/ecs/task_definition-${{ env.ENVIRONMENT }}.j2' + output_file: 'proxy_gateway/ecs/task_definition-${{ env.ENVIRONMENT }}.json' + data_format: json + variables: | + awsAccountId=${{ env.AWS_TESTNET }} + awsRegion=${{ secrets.AWS_REGION }} + awsEfs=${{ secrets.TESTNET_RPC_EFS }} + + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: arn:aws:iam::${{ env.AWS_TESTNET }}:role/github-actions-${{ env.ENVIRONMENT }}-chainbridge + aws-region: ${{ secrets.AWS_REGION }} + role-session-name: GithubActions + + - name: deploy task definition + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: 'proxy_gateway/ecs/task_definition-${{ env.ENVIRONMENT }}.json' + service: 'rpc-gateway-service-${{ env.ENVIRONMENT }}' + cluster: 'relayer-${{ env.ENVIRONMENT }}' + wait-for-service-stability: true + + - name: slack notify + uses: 8398a7/action-slack@v3 + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,job,eventName,ref,workflow + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + if: always() \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 07ea105..cc31055 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,7 +16,6 @@ RUN apk add --update-cache --no-cache \ COPY --from=builder /src/rpc-gateway /app/ -VOLUME ["/app"] - USER nobody -CMD ["/app/rpc-gateway"] +LABEL org.opencontainers.image.source https://github.com/sygmaprotocol/rpc-gateway +ENTRYPOINT ["/app/rpc-gateway"] \ No newline at end of file