feat: reactivate docker-publish and sconify jobs, remove debug secrets step

abbesBenayache · abbesBenayache · commit 4c93c03e1d6d · 2025-07-17T23:19:58.000+02:00
diff --git a/.github/workflows/dapp-deploy.yml b/.github/workflows/dapp-deploy.yml
@@ -23,64 +23,64 @@ on:
         default: ''
 
 jobs:
-  # extract-tag:
-  #   runs-on: ubuntu-latest
-  #   outputs:
-  #     clean_tag: ${{ steps.tag.outputs.clean_tag }}
-  #   steps:
-  #     - name: Checkout code
-  #       uses: actions/checkout@v4
+  extract-tag:
+    runs-on: ubuntu-latest
+    outputs:
+      clean_tag: ${{ steps.tag.outputs.clean_tag }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
 
-  #     - name: Extract tag
-  #       id: tag
-  #       run: echo "clean_tag=dev-${GITHUB_SHA}" | tee -a $GITHUB_OUTPUT
+      - name: Extract tag
+        id: tag
+        run: echo "clean_tag=dev-${GITHUB_SHA}" | tee -a $GITHUB_OUTPUT
 
-  # docker-publish:
-  #   uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/docker-build.yml@docker-build-v2.3.1
-  #   needs: [extract-tag]
-  #   with:
-  #     image-name: 'iexechub/web3mail-dapp'
-  #     registry: 'docker.io'
-  #     dockerfile: 'dapp/Dockerfile'
-  #     context: 'dapp'
-  #     security-scan: true
-  #     security-report: 'sarif'
-  #     hadolint: true
-  #     push: true
-  #     image-tag: ${{ needs.extract-tag.outputs.clean_tag }}
-  #   secrets:
-  #     username: ${{ secrets.DOCKERHUB_USERNAME }}
-  #     password: ${{ secrets.DOCKERHUB_PAT }}
+  docker-publish:
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/docker-build.yml@docker-build-v2.3.1
+    needs: [extract-tag]
+    with:
+      image-name: 'iexechub/web3mail-dapp'
+      registry: 'docker.io'
+      dockerfile: 'dapp/Dockerfile'
+      context: 'dapp'
+      security-scan: true
+      security-report: 'sarif'
+      hadolint: true
+      push: true
+      image-tag: ${{ needs.extract-tag.outputs.clean_tag }}
+    secrets:
+      username: ${{ secrets.DOCKERHUB_USERNAME }}
+      password: ${{ secrets.DOCKERHUB_PAT }}
 
-  # sconify:
-  #   uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/sconify.yml@sconify-v2.0.0
-  #   needs: [docker-publish]
-  #   with:
-  #     image-name: 'iexechub/web3mail-dapp'
-  #     image-tag: ${{ needs.extract-tag.outputs.clean_tag }}
-  #     sconify-debug: false
-  #     sconify-prod: true
-  #     docker-registry: docker.io
-  #     sconify-version: '5.9.0-v15'
-  #     binary: /usr/local/bin/node
-  #     command: node /app/src/app.js
-  #     host-path: |
-  #       /etc/hosts
-  #       /etc/resolv.conf
-  #     binary-fs: true
-  #     fs-dir: /app
-  #     heap: 1G
-  #     dlopen: 1
-  #     mprotect: 1
-  #   secrets:
-  #     docker-username: ${{ secrets.DOCKERHUB_USERNAME }}
-  #     docker-password: ${{ secrets.DOCKERHUB_PAT }}
-  #     scontain-username: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }}
-  #     scontain-password: ${{ secrets.SCONTAIN_REGISTRY_PAT }}
-  #     scone-signing-key: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }}
+  sconify:
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/sconify.yml@sconify-v2.0.0
+    needs: [docker-publish]
+    with:
+      image-name: 'iexechub/web3mail-dapp'
+      image-tag: ${{ needs.extract-tag.outputs.clean_tag }}
+      sconify-debug: false
+      sconify-prod: true
+      docker-registry: docker.io
+      sconify-version: '5.9.0-v15'
+      binary: /usr/local/bin/node
+      command: node /app/src/app.js
+      host-path: |
+        /etc/hosts
+        /etc/resolv.conf
+      binary-fs: true
+      fs-dir: /app
+      heap: 1G
+      dlopen: 1
+      mprotect: 1
+    secrets:
+      docker-username: ${{ secrets.DOCKERHUB_USERNAME }}
+      docker-password: ${{ secrets.DOCKERHUB_PAT }}
+      scontain-username: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }}
+      scontain-password: ${{ secrets.SCONTAIN_REGISTRY_PAT }}
+      scone-signing-key: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }}
 
   deploy-dapp:
-    # needs: [extract-tag, sconify]
+    needs: [extract-tag, sconify]
     runs-on: ubuntu-latest
     environment: ${{ inputs.environment }}
     steps:
@@ -101,28 +101,6 @@ jobs:
           cd ../../deployment-dapp
           npm ci
 
-      - name: Print environment variables and secrets (DEBUG ONLY)
-        run: |
-          echo "ENVIRONMENT: ${{ inputs.environment }}"
-          echo "PRICE: ${{ inputs.price }}"
-          echo "VOLUME: ${{ inputs.volume }}"
-          echo "WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_PRIVATEKEY }}"
-          echo "MAILJET_APIKEY_PUBLIC: ${{ secrets.MAILJET_APIKEY_PUBLIC }}"
-          echo "MAILJET_APIKEY_PRIVATE: ${{ secrets.MAILJET_APIKEY_PRIVATE }}"
-          echo "MAILJET_SENDER: ${{ secrets.MAILJET_SENDER }}"
-          echo "MAILGUN_APIKEY: ${{ secrets.MAILGUN_APIKEY }}"
-          echo "WEB3MAIL_WHITELISTED_APPS: ${{ vars.WEB3MAIL_WHITELISTED_APPS }}"
-          echo "SELL_ORDER_PRICE: ${{ vars.SELL_ORDER_PRICE }}"
-          echo "SELL_ORDER_VOLUME: ${{ vars.SELL_ORDER_VOLUME }}"
-          echo "DAPP_ENS_NAME: ${{ vars.DAPP_ENS_NAME }}"
-          echo "WEB3MAIL_WHITELIST_CONTRACT_ADDRESS: ${{ secrets.WEB3MAIL_WHITELIST_CONTRACT_ADDRESS }}"
-          echo "RPC_URL: ${{ secrets.RPC_URL }}"
-          echo "DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}"
-          echo "DOCKERHUB_PAT: ${{ secrets.DOCKERHUB_PAT }}"
-          echo "SCONTAIN_REGISTRY_USERNAME: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }}"
-          echo "SCONTAIN_REGISTRY_PAT: ${{ secrets.SCONTAIN_REGISTRY_PAT }}"
-          echo "SCONIFY_SIGNING_PRIVATE_KEY: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }}"
-
       - name: Deploy dapp contract
         env:
           WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_PRIVATEKEY }}
