Release v13.15.0 #503
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- main | |
name: Deploy to AWS Production | |
jobs: | |
deploy: | |
name: Deploy | |
runs-on: ubuntu-latest | |
env: | |
AWS_REGION: us-east-1 | |
ECR_REPO_NAME: summer-fi-prod | |
SERVICE_NAME: summer-fi-prod | |
CLUSTER_NAME: summer-fi-prod | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }} | |
aws-region: ${{ env.AWS_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Extract commit hash | |
id: vars | |
shell: bash | |
run: | | |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" | |
- name: Build, tag, and push image to Amazon ECR | |
id: build-image | |
env: | |
SHA_TAG: ${{ steps.vars.outputs.sha_short }} | |
LATEST_TAG: latest | |
ENVIRONMENT_TAG: prod | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
run: | | |
# Build a docker container and | |
# push it to ECR so that it can | |
# be deployed to ECS. | |
docker build -f Dockerfile.production \ | |
--build-arg COMMIT_SHA='' \ | |
--build-arg AJNA_SUBGRAPH_URL=${{ secrets.AJNA_SUBGRAPH_URL_PROD }} \ | |
--build-arg AJNA_SUBGRAPH_URL_GOERLI=${{ secrets.AJNA_SUBGRAPH_URL_GOERLI }} \ | |
--build-arg AJNA_SUBGRAPH_V2_URL=${{ secrets.AJNA_SUBGRAPH_V2_URL_PROD }} \ | |
--build-arg AJNA_SUBGRAPH_V2_URL_GOERLI=${{ secrets.AJNA_SUBGRAPH_V2_URL_GOERLI }} \ | |
--build-arg MIXPANEL_ENV=production \ | |
--build-arg MIXPANEL_KEY=${{ secrets.MIXPANEL_KEY_PROD }} \ | |
--build-arg INFURA_PROJECT_ID=${{ secrets.INFURA_PROJECT_ID_PROD }} \ | |
--build-arg ETHERSCAN_API_KEY=${{ secrets.ETHERSCAN_API_KEY }} \ | |
--build-arg BLOCKNATIVE_API_KEY=${{ secrets.BLOCKNATIVE_API_KEY_PROD }} \ | |
--build-arg SHOW_BUILD_INFO=0 \ | |
--build-arg NODE_ENV=production \ | |
--build-arg NEXT_PUBLIC_SENTRY_ENV=production \ | |
--build-arg SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} \ | |
--build-arg PRODUCT_HUB_KEY=${{ secrets.PRODUCT_HUB_KEY }} \ | |
--build-arg ONE_INCH_API_KEY=${{ secrets.ONE_INCH_API_KEY_PROD }} \ | |
--build-arg ONE_INCH_API_URL=${{ secrets.ONE_INCH_API_URL_PROD }} \ | |
--build-arg REFERRAL_SUBGRAPH_URL=${{ secrets.REFERRAL_SUBGRAPH_URL_PROD }} \ | |
--build-arg CONFIG_URL=${{ secrets.CONFIG_URL }} \ | |
--build-arg NPM_TOKEN=${{ secrets.NPM_TOKEN }} \ | |
--build-arg BLOG_POSTS_API_KEY=${{ secrets.BLOG_POSTS_API_KEY }} \ | |
--build-arg BLOG_POSTS_API_URL=${{ secrets.BLOG_POSTS_API_URL }} \ | |
--build-arg NEXT_PUBLIC_SPINDL_SDK_KEY=${{ secrets.NEXT_PUBLIC_SPINDL_SDK_KEY }} \ | |
--build-arg NEWSLETTER_API_KEY=${{ secrets.NEWSLETTER_API_KEY }} \ | |
--build-arg NEWSLETTER_PUBLICATION_ID=${{ secrets.NEWSLETTER_PUBLICATION_ID }} \ | |
--build-arg NEWSLETTER_ENDPOINT=${{ secrets.NEWSLETTER_ENDPOINT }} \ | |
--cache-from=$ECR_REGISTRY/$ECR_REPO_NAME:$ENVIRONMENT_TAG \ | |
-t $ECR_REGISTRY/$ECR_REPO_NAME:$SHA_TAG \ | |
-t $ECR_REGISTRY/$ECR_REPO_NAME:$LATEST_TAG \ | |
-t $ECR_REGISTRY/$ECR_REPO_NAME:$ENVIRONMENT_TAG \ | |
. | |
docker push $ECR_REGISTRY/$ECR_REPO_NAME --all-tags | |
- name: Update ECS service with latest Docker image | |
id: service-update | |
run: | | |
aws ecs update-service --cluster $CLUSTER_NAME --service ${{ env.SERVICE_NAME }} --force-new-deployment --region $AWS_REGION | |
- name: Wait for all services to become stable | |
uses: oryanmoshe/ecs-wait-action@v1.3 | |
with: | |
ecs-cluster: ${{ env.CLUSTER_NAME }} | |
ecs-services: '["${{ env.SERVICE_NAME }}"]' | |
- name: Invalidate CloudFront | |
run: | |
AWS_MAX_ATTEMPTS=10 aws cloudfront create-invalidation --distribution-id ${{ | |
secrets.CF_DIST_ID_PROD }} --paths "/*" |