Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: update CD process #421

Merged
merged 13 commits into from
Oct 5, 2023
122 changes: 122 additions & 0 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@ on:
jobs:
build-publish:
runs-on: ubuntu-latest
outputs:
docker_image_digest: ${{ steps.docker_push.outputs.digest }}
new_release_published: ${{ steps.semantic.outputs.new_release_published }}
steps:
- uses: actions/checkout@v2
with:
Expand Down Expand Up @@ -70,10 +73,129 @@ jobs:

- name: Build/Tag/Push Image
uses: docker/build-push-action@v2
id: docker_push
with:
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
file: ./dockerfiles/components/chainhook-node.dockerfile
# Only push if (there's a new release on main branch, or if building a non-main branch) and (Only run on non-PR events or only PRs that aren't from forks)
push: ${{ (github.ref != 'refs/heads/master' || steps.semantic.outputs.new_release_version != '') && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }}

deploy-dev:
runs-on: ubuntu-latest
strategy:
matrix:
deantchi marked this conversation as resolved.
Show resolved Hide resolved
k8s-env: [mainnet,testnet]
needs:
- build-publish
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
env:
DEPLOY_ENV: dev
environment:
name: Development
deantchi marked this conversation as resolved.
Show resolved Hide resolved
steps:
- name: Checkout actions repo
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}

- name: Deploy Chainhook build to Dev
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish.outputs.docker_image_digest }}
CharlieC3 marked this conversation as resolved.
Show resolved Hide resolved
k8s_repo: k8s
k8s_branch: next
file_pattern: manifests/chainhooks/${{ matrix.k8s-env }}/chainhook-node/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}


auto-approve-dev:
runs-on: ubuntu-latest
if: needs.build-publish.outputs.new_release_published == 'true' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
needs:
- build-publish
steps:
- name: Approve pending deployment
run: |
sleep 5
ENV_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/chainhook/actions/runs/${{ github.run_id }}/pending_deployments" | jq -r '.[0].environment.id // empty')
if [[ -n "${ENV_ID}" ]]; then
curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/chainhook/actions/runs/${{ github.run_id }}/pending_deployments" -d "{\"environment_ids\":[${ENV_ID}],\"state\":\"approved\",\"comment\":\"auto approve\"}"
fi

deploy-staging:
runs-on: ubuntu-latest
strategy:
matrix:
k8s-env: [mainnet,testnet]
needs:
- build-publish
- deploy-dev
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
env:
DEPLOY_ENV: stg
environment:
name: Staging
steps:
- name: Checkout actions repo
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}

- name: Deploy Chainhook build to Stg
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish.outputs.docker_image_digest }}
k8s_repo: k8s
k8s_branch: next
file_pattern: manifests/chainhooks/${{ matrix.k8s-env }}/chainhook-node/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}

auto-approve-stg:
runs-on: ubuntu-latest
if: needs.build-publish.outputs.new_release_published == 'true' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
needs:
- build-publish
steps:
- name: Approve pending deployment
run: |
sleep 5
ENV_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/chainhook/actions/runs/${{ github.run_id }}/pending_deployments" | jq -r '.[0].environment.id // empty')
if [[ -n "${ENV_ID}" ]]; then
curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/hirosystems/chainhook/actions/runs/${{ github.run_id }}/pending_deployments" -d "{\"environment_ids\":[${ENV_ID}],\"state\":\"approved\",\"comment\":\"auto approve\"}"
fi

deploy-prod:
runs-on: ubuntu-latest
strategy:
matrix:
k8s-env: [mainnet,testnet]
needs:
- build-publish
- deploy-staging
if: needs.build-publish-release.outputs.new_release_published == 'true' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
deantchi marked this conversation as resolved.
Show resolved Hide resolved
env:
DEPLOY_ENV: prd
environment:
name: Production
steps:
- name: Checkout actions repo
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.GH_TOKEN }}
repository: ${{ secrets.DEVOPS_ACTIONS_REPO }}

- name: Deploy Chainhook build to Prd
uses: ./actions/deploy
with:
docker_tag: ${{ needs.build-publish.outputs.docker_image_digest }}
k8s_repo: k8s
k8s_branch: next
file_pattern: manifests/chainhooks/${{ matrix.k8s-env }}/chainhook-node/${{ env.DEPLOY_ENV }}/base/kustomization.yaml
gh_token: ${{ secrets.GH_TOKEN }}