Merge pull request #1617 from quadratichq/qa #61
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to Production | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- 'quadratic-multiplayer/**' | |
- 'quadratic-files/**' | |
- 'quadratic-core/**' | |
- 'quadratic-rust-shared/**' | |
- 'quadratic-connection/**' | |
- 'infra/**' | |
# Use runs on `ubuntu-latest-8-cores`. All of our self hosted runners use this tag. | |
# Our runners pick up jobs first, and if all our runners are being used or are down | |
# it will automatically back up to using GitHub hosted runners. | |
# Require previous builds and deployments to finish before starting a new one | |
# Not sure how Pulumi would handle being terminated when changing a stack. | |
concurrency: | |
group: production | |
jobs: | |
infra_production: | |
needs: | |
- multiplayer_production | |
- files_production | |
- connection_production | |
name: Update Infrastructure with Pulumi | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- uses: pulumi/actions@v4 | |
- name: Update Pulumi Infrastructure | |
working-directory: infra | |
run: | | |
npm ci | |
pulumi org set-default quadratic | |
pulumi stack select production | |
# Point to the Pulumi ESC Environment | |
cat <<EOF | tee Pulumi.production.yaml | |
environment: | |
- aws-infra-production | |
EOF | |
pulumi config set docker-image-tag ${{ github.sha }} | |
pulumi up -y | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
multiplayer_production: | |
runs-on: ubuntu-latest-8-cores | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Build, Tag, and Push Image to Amazon ECR | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: quadratic-multiplayer-production | |
IMAGE_TAG: ${{ github.sha }} | |
run: | | |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f quadratic-multiplayer/Dockerfile . | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
files_production: | |
runs-on: ubuntu-latest-8-cores | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Build, Tag, and Push Image to Amazon ECR | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: quadratic-files-production | |
IMAGE_TAG: ${{ github.sha }} | |
run: | | |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f quadratic-files/Dockerfile . | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
connection_production: | |
runs-on: ubuntu-latest-8-cores | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Build, Tag, and Push Image to Amazon ECR | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: quadratic-connection-production | |
IMAGE_TAG: ${{ github.sha }} | |
run: | | |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f quadratic-connection/Dockerfile . | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG |