Fix/DF-20799 multiline env (#3617) #649
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This action acts as a signal dispatcher that fires whenever the release process has | |
# successfully completed. The listening workflow within the infra-k8s repository has | |
# a corresponding event handler to generate releases based on this signal | |
name: Deploy | |
on: | |
push: | |
branches: | |
- main | |
# The only commits that will contain changes to the masterlist will be releases | |
paths-ignore: | |
- 'MASTERLIST.md' | |
- 'package.json' | |
- '.changeset/**' | |
- 'packages/**/CHANGELOG.md' | |
- 'packages/**/README.md' | |
- 'packages/**/package.json' | |
workflow_dispatch: | |
inputs: | |
# For this workflow, BUILD_ALL will cause all adapters to have their image built and deployed | |
build-all: | |
description: whether to run steps for all adapters, regardless of whether they were changed in this event | |
required: false | |
default: 'false' | |
concurrency: | |
group: deploy-and-release | |
cancel-in-progress: false | |
jobs: | |
calculate-changes: | |
name: Compute changed adapters | |
runs-on: [ubuntu-latest] | |
outputs: | |
adapter-list: ${{ steps.changed-adapters.outputs.CHANGED_ADAPTERS }} | |
tmp-branch: ${{ steps.push-branch.outputs.TMP_BRANCH }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 2 | |
- name: Set up and install dependencies | |
uses: ./.github/actions/setup | |
with: | |
skip-setup: true | |
- name: Build list of changed packages and changed adapters | |
id: changed-adapters | |
env: | |
UPSTREAM_BRANCH: HEAD~1 | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
# The deployment will overwrite existing ones, so in order to calculate all adapters that have been changed, | |
# we can mock running the changesets version command to have them present in the diff. | |
# Additionally, running the changeset version will cause the images we publish here to have the proper increased version. | |
yarn changeset version | |
# If there are changes, commit them and calculate the adapters. | |
# If there are no changes, we don't need to deploy anything :) | |
if [[ `git status --porcelain` ]]; then | |
git commit -am "Mock changesets" | |
fi | |
./.github/scripts/changed-adapters.sh | |
# Since we want to publish with the versions updated, we need to store the changes we've made to a temporary branch | |
- name: Publish branch | |
id: push-branch | |
if: steps.changed-adapters.outputs.CHANGED_ADAPTERS != '[]' | |
run: | | |
export TMP_BRANCH="tmp-deploy-$(git rev-parse HEAD)" | |
git checkout -b tmp-deploy-$(git rev-parse HEAD) | |
git push origin tmp-deploy-$(git rev-parse HEAD) | |
echo "TMP_BRANCH=$TMP_BRANCH" >> $GITHUB_OUTPUT | |
publish-adapter-images: | |
name: Build and publish ${{ matrix.adapter.shortName }} | |
runs-on: ubuntu-latest | |
needs: | |
- calculate-changes | |
if: needs.calculate-changes.outputs.adapter-list != '[]' | |
environment: release | |
permissions: # These are needed for the configure-aws-credentials action | |
id-token: write | |
contents: read | |
strategy: | |
max-parallel: 20 | |
matrix: ${{fromJson(needs.calculate-changes.outputs.adapter-list)}} | |
env: | |
ECR_URL: ${{ secrets.SDLC_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION_ECR_PRIVATE }}.amazonaws.com | |
ECR_REPO: adapters/${{ matrix.adapter.shortName }}-adapter | |
IMAGE_VERSION: ${{ matrix.adapter.version }} | |
steps: | |
- name: Check out code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
ref: ${{ needs.calculate-changes.outputs.tmp-branch }} | |
- name: Build the adapter image | |
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 | |
with: | |
context: . | |
push: false | |
tags: ${{ env.ECR_URL }}/${{ env.ECR_REPO }}:${{ matrix.adapter.version }} | |
build-args: | | |
package=${{ matrix.adapter.name }} | |
location=${{ matrix.adapter.location }} | |
- name: Debug | |
run: docker image ls | |
- name: Publish adapter image | |
uses: ./.github/actions/publish-image | |
with: | |
image-version: ${{ matrix.adapter.version }} | |
aws-ecr-url: ${{ env.ECR_URL }} | |
aws-ecr-repo: ${{ env.ECR_REPO }} | |
aws-region: ${{ secrets.AWS_REGION_ECR_PRIVATE }} | |
aws-role: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN }} | |
aws-ecr-account-ids: ${{ secrets.AWS_PRIVATE_ECR_SECONDARY_ACCOUNT_ACCESS_IDS }} | |
aws-ecr-private: true | |
latest: true | |
deploy: | |
name: Trigger infra deployment | |
permissions: | |
id-token: write | |
contents: read | |
runs-on: ubuntu-latest | |
needs: | |
- calculate-changes | |
- publish-adapter-images | |
if: needs.calculate-changes.outputs.adapter-list != '[]' | |
environment: InfraK8s | |
env: | |
ECR_URL: ${{ secrets.SDLC_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION_ECR_PRIVATE }}.amazonaws.com | |
CHANGED_ADAPTERS: ${{ needs.calculate-changes.outputs.adapter-list }} | |
steps: | |
- name: Setup GitHub Token | |
id: setup-github-token | |
uses: smartcontractkit/.github/actions/setup-github-token@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected] | |
with: | |
aws-role-arn: ${{ secrets.AWS_ROLE_ARN_FOR_INFRA_K8s_PAT }} | |
aws-lambda-url: ${{ secrets.GATI_LAMBDA_DATA_FEEDS_URL }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
aws-role-duration-seconds: '1800' # this is optional and defaults to 900 | |
- name: Trigger Image Dispatcher | |
run: > | |
gh workflow run | |
--repo smartcontractkit/infra-k8s | |
--ref main "Infra-k8s Image Dispatcher" | |
-F imageRepos="$(echo $CHANGED_ADAPTERS | jq -r "\"$ECR_URL/adapters/\" + (.adapter | .[].shortName) + \"-adapter\"" | tr '\n' ' ')" | |
-F gitRepo=${{ github.event.repository.name }} | |
env: | |
GITHUB_TOKEN: ${{ steps.setup-github-token.outputs.access-token }} | |
cleanup: | |
name: Clean up ephemeral items | |
runs-on: ubuntu-latest | |
needs: | |
- calculate-changes | |
- deploy | |
if: always() && needs.calculate-changes.outputs.adapter-list != '[]' | |
steps: | |
- name: Check out code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
ref: ${{ needs.calculate-changes.outputs.tmp-branch }} | |
- name: Delete ephemeral branch | |
run: | | |
git push origin --delete ${{ needs.calculate-changes.outputs.tmp-branch }} |