|
| 1 | +name: CI |
| 2 | + |
| 3 | +on: |
| 4 | + push: |
| 5 | + branches: |
| 6 | + - staging |
| 7 | + - feature* |
| 8 | + |
| 9 | +env: |
| 10 | + # Caching |
| 11 | + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} |
| 12 | + AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} |
| 13 | + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| 14 | + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} |
| 15 | + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 16 | + NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }} |
| 17 | + NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }} |
| 18 | + NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} |
| 19 | + |
| 20 | +jobs: |
| 21 | + check-lint: |
| 22 | + name: "Check / Lint" |
| 23 | + runs-on: ubuntu-latest |
| 24 | + container: |
| 25 | + image: ghcr.io/matrixai/github-runner |
| 26 | + if: > |
| 27 | + github.ref == 'refs/heads/staging' || |
| 28 | + contains(github.ref, 'feature') |
| 29 | + steps: |
| 30 | + - run: entrypoint |
| 31 | + - uses: actions/checkout@v4 |
| 32 | + - name: Lint code |
| 33 | + run: | |
| 34 | + nix develop .#ci --command bash -c $' |
| 35 | + npm run lint --verbose |
| 36 | + ' |
| 37 | +
|
| 38 | + build-dist: |
| 39 | + name: "Build / Dist" |
| 40 | + runs-on: ubuntu-latest |
| 41 | + container: |
| 42 | + image: ghcr.io/matrixai/github-runner |
| 43 | + needs: check-lint |
| 44 | + if: github.ref == 'refs/heads/staging' |
| 45 | + steps: |
| 46 | + - run: entrypoint |
| 47 | + - uses: actions/checkout@v4 |
| 48 | + - name: Build dist |
| 49 | + env: |
| 50 | + POLYKEY_NETWORK_STATUS_PROT: 'https' |
| 51 | + POLYKEY_NETWORK_STATUS_HOST: 'testnet.polykey.com' |
| 52 | + run: | |
| 53 | + echo 'Perform static site generation' |
| 54 | + nix develop .#ci --command bash -c $' |
| 55 | + npm run build --verbose |
| 56 | + ' |
| 57 | + - uses: actions/upload-artifact@v4 |
| 58 | + with: |
| 59 | + name: build-public |
| 60 | + path: ./public |
| 61 | + |
| 62 | + build-pull: |
| 63 | + name: "Build / Pull Request" |
| 64 | + runs-on: ubuntu-latest |
| 65 | + container: |
| 66 | + image: ghcr.io/matrixai/github-runner |
| 67 | + needs: check-lint |
| 68 | + if: github.ref == 'refs/heads/staging' |
| 69 | + steps: |
| 70 | + - uses: actions/checkout@v4 |
| 71 | + - name: Create pull request |
| 72 | + env: |
| 73 | + GH_TOKEN: ${{ secrets.GH_TOKEN }} |
| 74 | + run: | |
| 75 | + git config --global --add safe.directory /__w/Polykey-Network-Dashboard/Polykey-Network-Dashboard |
| 76 | + gh pr create \ |
| 77 | + --head staging \ |
| 78 | + --base master \ |
| 79 | + --title "ci: merge staging to master" \ |
| 80 | + --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ |
| 81 | + --assignee "@me" \ |
| 82 | + --no-maintainer-edit || true |
| 83 | + printf "Pipeline Attempt on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ |
| 84 | + | gh pr comment staging \ |
| 85 | + --body-file - \ |
| 86 | + --repo "$GH_PROJECT_PATH" |
| 87 | +
|
| 88 | + integration-build: |
| 89 | + name: "Integration / Build" |
| 90 | + runs-on: ubuntu-latest |
| 91 | + container: |
| 92 | + image: ghcr.io/matrixai/github-runner |
| 93 | + needs: build-dist |
| 94 | + if: github.ref == 'refs/heads/staging' |
| 95 | + steps: |
| 96 | + - run: entrypoint |
| 97 | + - uses: actions/checkout@v4 |
| 98 | + - name: Build dist |
| 99 | + env: |
| 100 | + POLYKEY_NETWORK_STATUS_PROT: 'https' |
| 101 | + POLYKEY_NETWORK_STATUS_HOST: 'mainnet.polykey.com' |
| 102 | + run: | |
| 103 | + echo 'Perform static site generation' |
| 104 | + nix develop .#ci --command bash -c $' |
| 105 | + npm run build --verbose |
| 106 | + ' |
| 107 | + - uses: actions/upload-artifact@v4 |
| 108 | + with: |
| 109 | + name: integration-public |
| 110 | + path: ./public |
| 111 | + |
| 112 | + integration-deployment: |
| 113 | + name: "Integration / Deployment" |
| 114 | + runs-on: ubuntu-latest |
| 115 | + container: |
| 116 | + image: ghcr.io/matrixai/github-runner |
| 117 | + needs: integration-build |
| 118 | + if: github.ref == 'refs/heads/staging' |
| 119 | + steps: |
| 120 | + - run: entrypoint |
| 121 | + - uses: actions/checkout@v4 |
| 122 | + - uses: actions/download-artifact@v4 |
| 123 | + with: |
| 124 | + name: build-public |
| 125 | + path: ./public |
| 126 | + - name: Run deployment |
| 127 | + env: |
| 128 | + name: 'preview' |
| 129 | + deployment_tier: 'staging' |
| 130 | + url: 'https://testnet.polykey.com' |
| 131 | + CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} |
| 132 | + CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} |
| 133 | + run: | |
| 134 | + echo 'Perform service deployment for staging' |
| 135 | + nix develop .#ci --command bash -c $' |
| 136 | + npm run deploy --verbose -- --env staging |
| 137 | + ' |
| 138 | +
|
| 139 | + integration-merge: |
| 140 | + name: "Integration / Merge" |
| 141 | + runs-on: ubuntu-latest |
| 142 | + container: |
| 143 | + image: ghcr.io/matrixai/github-runner |
| 144 | + needs: |
| 145 | + - build-pull |
| 146 | + - integration-build |
| 147 | + if: github.ref == 'refs/heads/staging' |
| 148 | + steps: |
| 149 | + - uses: actions/checkout@v4 |
| 150 | + with: |
| 151 | + fetch-depth: 0 |
| 152 | + token: ${{ secrets.GH_TOKEN }} |
| 153 | + - name: Merge into master |
| 154 | + env: |
| 155 | + GH_TOKEN: ${{ secrets.GH_TOKEN }} |
| 156 | + GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} |
| 157 | + GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} |
| 158 | + GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} |
| 159 | + GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }} |
| 160 | + run: | |
| 161 | + git config --global --add safe.directory /__w/Polykey-Network-Dashboard/Polykey-Network-Dashboard |
| 162 | + printf "Pipeline Succeeded on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ |
| 163 | + | gh pr comment staging \ |
| 164 | + --body-file - \ |
| 165 | + --repo "$GH_PROJECT_PATH" |
| 166 | + git checkout master |
| 167 | + git merge --ff-only "$GITHUB_SHA" |
| 168 | + git push origin master |
| 169 | +
|
| 170 | + release-deployment: |
| 171 | + name: "Release / Deployment" |
| 172 | + runs-on: ubuntu-latest |
| 173 | + container: |
| 174 | + image: ghcr.io/matrixai/github-runner |
| 175 | + needs: integration-merge |
| 176 | + if: github.ref == 'refs/heads/staging' |
| 177 | + steps: |
| 178 | + - run: entrypoint |
| 179 | + - uses: actions/checkout@v4 |
| 180 | + - uses: actions/download-artifact@v4 |
| 181 | + with: |
| 182 | + name: integration-public |
| 183 | + path: ./public |
| 184 | + - name: Run deployment |
| 185 | + env: |
| 186 | + name: 'production' |
| 187 | + deployment_tier: 'production' |
| 188 | + url: 'https://mainnet.polykey.com' |
| 189 | + CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} |
| 190 | + CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} |
| 191 | + run: | |
| 192 | + echo 'Perform service deployment for production' |
| 193 | + nix develop .#ci --command bash -c $' |
| 194 | + npm run deploy --verbose -- --env production |
| 195 | + ' |
| 196 | +
|
| 197 | +
|
0 commit comments