This repository has been archived by the owner on Oct 4, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 23
72 lines (63 loc) · 2.3 KB
/
deploy-production.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
name: Deploy https://starkcompass.com/
concurrency:
group: ${{ github.workflow }}
on:
push:
tags:
- v**
jobs:
build-deploy:
name: Build and deploy to production
runs-on: ubuntu-latest
environment:
name: production
url: https://starkcompass.com/
steps:
- name: Checkout
uses: actions/[email protected]
- name: Tailscale
uses: tailscale/github-action@v2
with:
oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }}
oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
tags: tag:server
- name: Create ssh private key file from env var
env:
SSH_KEY: ${{ secrets.SSH_KEY }}
TS_HOST: ${{ vars.TS_HOST }}
run: |
mkdir -p ~/.ssh/
sed -E 's/(-+(BEGIN|END) OPENSSH PRIVATE KEY-+) *| +/\1\n/g' <<< "$SSH_KEY" > ~/.ssh/id_ed25519
chmod 400 ~/.ssh/id_ed25519
retries=5; until ssh-keyscan $TS_HOST >> ~/.ssh/known_hosts || [ $retries -eq 0 ]; do ((retries--)); sleep 5; done
- name: Install ansible
run: |
pip install ansible
- name: "Deploy with ansible"
env:
MIX_ENV: ${{ vars.MIX_ENV }}
DB_TYPE: ${{ vars.DB_TYPE }}
DATABASE_URL: ${{ secrets.DATABASE_URL }}
SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }}
PHX_HOST: ${{ vars.PHX_HOST }}
PHX_SERVER: ${{ vars.PHX_SERVER }}
RPC_API_HOST: ${{ secrets.RPC_API_HOST }}
TESTNET_RPC_API_HOST: ${{ secrets.TESTNET_RPC_API_HOST }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ vars.AWS_REGION }}
PROVER_STORAGE: ${{ vars.PROVER_STORAGE }}
ANSIBLE_SSH_PKEY_DIR: "./id_ed25519_production"
TS_HOST: ${{ vars.TS_HOST }}
TS_USER: ${{ vars.TS_USER }}
GIT_BRANCH: ${{ github.head_ref || github.ref_name }}
ANSIBLE_STDOUT_CALLBACK: "yaml"
NEWRELIC_KEY: ${{ secrets.NEWRELIC_KEY }}
NEWRELIC_APP_NAME: ${{ vars.NEWRELIC_APP_NAME }}
SENTRY_ENV: "production"
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
ENABLE_MAINNET_SYNC: "true"
ENABLE_TESTNET_SYNC: "true"
ENABLE_GATEWAY_DATA: "true"
run: |
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/deployment.yaml