refactor(ci): optimize deployment workflows

Author: abbesBenayache

.github/workflows/dapp-deploy.yml

@@ -6,33 +6,39 @@ on:
       - 'web3mail-dapp-v*'
 
 jobs:
-  get-version:
+  extract-tag:
     runs-on: ubuntu-latest
+    outputs:
+      clean_tag: ${{ steps.tag.outputs.clean_tag }}
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Set up Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-
-      - name: Set publish version
-        id: set-publish-version
+      - name: Extract tag
+        id: tag
         run: |
-          GIT_TAG="${{ github.ref_name }}"
-          VERSION=$(echo "$GIT_TAG" | sed 's/web3mail-dapp-v//')
-          echo "VERSION=${VERSION}" | tee -a $GITHUB_OUTPUT
-          echo "GIT_TAG=${GIT_TAG}" | tee -a $GITHUB_OUTPUT
-    outputs:
-      version: ${{ steps.set-publish-version.outputs.VERSION }}
+          TAG=${GITHUB_REF#refs/tags/web3mail-dapp-v}
+          echo "clean_tag=${TAG}" >> $GITHUB_OUTPUT
+
+  build-push:
+    needs: extract-tag
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/docker-build.yml@main
+    with:
+      image-name: 'product/web3mail-dapp'
+      image-tag: ${{ needs.extract-tag.outputs.clean_tag }}
+      push: true
+      dockerfile: 'dapp/Dockerfile'
+      security-scan: false
+      hadolint: false
+      registry: 'docker.io'
+      context: 'dapp'
+    secrets:
+      username: ${{ secrets.REGIS_USERNAME }}
+      password: ${{ secrets.REGIS_PASSWORD }}
 
-  # Single sconification job for both environments
   sconify:
-    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/[email protected]
+    needs: [extract-tag, build-push]
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/[email protected]
     with:
       image-name: product/web3mail-dapp
-      image-tag: ${{ github.ref_name }}
+      image-tag: ${{ needs.extract-tag.outputs.clean_tag }}
       sconify-debug: false
       sconify-prod: true
       docker-registry: docker.io
@@ -47,97 +53,13 @@ jobs:
       heap: 1G
       dlopen: 1
       mprotect: 1
-      docker-username: ${{ vars.DOCKERHUB_USERNAME }}
-      scontain-username: ${{ vars.SCONTAIN_REGISTRY_USERNAME }}
     secrets:
+      docker-username: ${{ secrets.DOCKERHUB_USERNAME }}
       docker-password: ${{ secrets.DOCKERHUB_PAT }}
+      scontain-username: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }}
       scontain-password: ${{ secrets.SCONTAIN_REGISTRY_PAT }}
       scone-signing-key: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }}
 
-  # Deploy to Dev Environment
-  deploy-dapp-dev:
-    runs-on: ubuntu-latest
-    needs: sconify
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-          cache: 'npm'
-
-      - name: Install dependencies
-        run: |
-          npm ci
-          cd node_modules/whitelist-smart-contract
-          npm install --save-dev ts-node
-          cd ../../deployment-dapp
-          npm ci
-
-      - name: Create scone fingerprint file (dev)
-        run: |
-          MRENCLAVE="${{ needs.sconify.outputs.prod-mrenclave }}"
-          echo "$MRENCLAVE" > deployment-dapp/.scone-fingerprint
-
-      - name: Deploy dapp contract (dev)
-        env:
-          DEPLOY_ENVIRONMENT: dapp-dev
-          WALLET_PRIVATE_KEY_DEV: ${{ secrets.WEB3MAIL_DAPP_OWNER_DEV_PRIVATEKEY }}
-          DOCKER_IMAGE_CHECKSUM_DEV: ${{ needs.sconify.outputs.prod-checksum }}
-        run: |
-          cd deployment-dapp
-          npm run deploy-dapp
-
-      - name: Push dapp secret (dev)
-        env:
-          DEPLOY_ENVIRONMENT: dapp-dev
-          WALLET_PRIVATE_KEY_DEV: ${{ secrets.WEB3MAIL_DAPP_OWNER_DEV_PRIVATEKEY }}
-          MJ_APIKEY_PUBLIC: ${{ secrets.MJ_APIKEY_PUBLIC }}
-          MJ_APIKEY_PRIVATE: ${{ secrets.MJ_APIKEY_PRIVATE }}
-          MJ_SENDER: ${{ secrets.MJ_SENDER }}
-          MAILGUN_APIKEY: ${{ secrets.MAILGUN_APIKEY }}
-          WEB3MAIL_WHITELISTED_APPS_DEV: ${{ secrets.WEB3MAIL_WHITELISTED_APPS_DEV }}
-        run: |
-          cd deployment-dapp
-          npm run push-dapp-secret
-
-      - name: Publish free sell order (dev)
-        env:
-          DEPLOY_ENVIRONMENT: dapp-dev
-          WALLET_PRIVATE_KEY_DEV: ${{ secrets.WEB3MAIL_DAPP_OWNER_DEV_PRIVATEKEY }}
-          PRICE: '0'
-          VOLUME: '1000000000'
-        run: |
-          cd deployment-dapp
-          npm run publish-sell-order
-
-      - name: Add resource to whitelist (dev)
-        env:
-          WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_DEV_PRIVATEKEY }}
-          CONTRACT_ADDRESS: ${{ secrets.WEB3MAIL_WHITELIST_DEV_ADDRESS }}
-        run: |
-          cd node_modules/whitelist-smart-contract
-          export ADDRESS_TO_ADD=$(cat ../../deployment-dapp/.app-address) && npm run addResourceToWhitelist
-
-      - name: Configure ENS (dev)
-        env:
-          DEPLOY_ENVIRONMENT: dapp-dev
-          WALLET_PRIVATE_KEY_DEV: ${{ secrets.WEB3MAIL_DAPP_OWNER_DEV_PRIVATEKEY }}
-        run: |
-          cd deployment-dapp
-          npm run configure-ens
-
-      - name: Upload deployment artifacts (dev)
-        uses: actions/upload-artifact@v4
-        with:
-          name: deployment-artifacts-dev
-          path: |
-            deployment-dapp/.app-address
-            deployment-dapp/.scone-fingerprint
-
-  # Deploy to Prod Environment
   deploy-dapp-prod:
     runs-on: ubuntu-latest
     needs: sconify
@@ -169,6 +91,7 @@ jobs:
           DEPLOY_ENVIRONMENT: dapp-prod
           WALLET_PRIVATE_KEY_PROD: ${{ secrets.WEB3MAIL_DAPP_OWNER_PROD_PRIVATEKEY }}
           DOCKER_IMAGE_CHECKSUM_PROD: ${{ needs.sconify.outputs.prod-checksum }}
+          DOCKER_IMAGE_PROD_TAG: ${{ needs.sconify.outputs.prod-image-tag }}
         run: |
           cd deployment-dapp
           npm run deploy-dapp