|
23 | 23 | default: '' |
24 | 24 |
|
25 | 25 | jobs: |
26 | | - extract-tag: |
| 26 | + # extract-tag: |
| 27 | + # runs-on: ubuntu-latest |
| 28 | + # outputs: |
| 29 | + # clean_tag: ${{ steps.tag.outputs.clean_tag }} |
| 30 | + # steps: |
| 31 | + # - name: Checkout code |
| 32 | + # uses: actions/checkout@v4 |
| 33 | + |
| 34 | + # - name: Extract tag |
| 35 | + # id: tag |
| 36 | + # run: echo "clean_tag=dev-${GITHUB_SHA}" | tee -a $GITHUB_OUTPUT |
| 37 | + |
| 38 | + # docker-publish: |
| 39 | + # uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/[email protected] |
| 40 | + # needs: [extract-tag] |
| 41 | + # with: |
| 42 | + # image-name: 'iexechub/web3mail-dapp' |
| 43 | + # registry: 'docker.io' |
| 44 | + # dockerfile: 'dapp/Dockerfile' |
| 45 | + # context: 'dapp' |
| 46 | + # security-scan: true |
| 47 | + # security-report: 'sarif' |
| 48 | + # hadolint: true |
| 49 | + # push: true |
| 50 | + # image-tag: ${{ needs.extract-tag.outputs.clean_tag }} |
| 51 | + # secrets: |
| 52 | + # username: ${{ secrets.DOCKERHUB_USERNAME }} |
| 53 | + # password: ${{ secrets.DOCKERHUB_PAT }} |
| 54 | + |
| 55 | + # sconify: |
| 56 | + # uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/[email protected] |
| 57 | + # needs: [docker-publish] |
| 58 | + # with: |
| 59 | + # image-name: 'iexechub/web3mail-dapp' |
| 60 | + # image-tag: ${{ needs.extract-tag.outputs.clean_tag }} |
| 61 | + # sconify-debug: false |
| 62 | + # sconify-prod: true |
| 63 | + # docker-registry: docker.io |
| 64 | + # sconify-version: '5.9.0-v15' |
| 65 | + # binary: /usr/local/bin/node |
| 66 | + # command: node /app/src/app.js |
| 67 | + # host-path: | |
| 68 | + # /etc/hosts |
| 69 | + # /etc/resolv.conf |
| 70 | + # binary-fs: true |
| 71 | + # fs-dir: /app |
| 72 | + # heap: 1G |
| 73 | + # dlopen: 1 |
| 74 | + # mprotect: 1 |
| 75 | + # secrets: |
| 76 | + # docker-username: ${{ secrets.DOCKERHUB_USERNAME }} |
| 77 | + # docker-password: ${{ secrets.DOCKERHUB_PAT }} |
| 78 | + # scontain-username: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }} |
| 79 | + # scontain-password: ${{ secrets.SCONTAIN_REGISTRY_PAT }} |
| 80 | + # scone-signing-key: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }} |
| 81 | + |
| 82 | + deploy-dapp: |
| 83 | + # needs: [extract-tag, sconify] |
27 | 84 | runs-on: ubuntu-latest |
28 | | - outputs: |
29 | | - clean_tag: ${{ steps.tag.outputs.clean_tag }} |
| 85 | + environment: ${{ inputs.environment }} |
30 | 86 | steps: |
31 | 87 | - name: Checkout code |
32 | 88 | uses: actions/checkout@v4 |
33 | 89 |
|
34 | | - - name: Extract tag |
35 | | - id: tag |
36 | | - run: echo "clean_tag=dev-${GITHUB_SHA}" | tee -a $GITHUB_OUTPUT |
| 90 | + - name: Setup Node.js |
| 91 | + uses: actions/setup-node@v4 |
| 92 | + with: |
| 93 | + node-version: '18.19' |
| 94 | + cache: 'npm' |
37 | 95 |
|
38 | | - deploy-dapp: |
39 | | - needs: extract-tag |
40 | | - uses: ./.github/workflows/reusable-dapp-deploy.yml |
41 | | - with: |
42 | | - environment: ${{ inputs.environment }} |
43 | | - tag: ${{ needs.extract-tag.outputs.clean_tag }} |
44 | | - price: ${{ inputs.price }} |
45 | | - volume: ${{ inputs.volume }} |
46 | | - secrets: |
47 | | - dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }} |
48 | | - dockerhub-password: ${{ secrets.DOCKERHUB_PAT }} |
49 | | - sconify-signing-private-key: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }} |
50 | | - scontain-username: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }} |
51 | | - scontain-password: ${{ secrets.SCONTAIN_REGISTRY_PAT }} |
52 | | - |
53 | | - mailjet-apikey-public: ${{ secrets.MAILJET_APIKEY_PUBLIC }} |
54 | | - mailjet-apikey-private: ${{ secrets.MAILJET_APIKEY_PRIVATE }} |
55 | | - mailjet-sender: ${{ secrets.MAILJET_SENDER }} |
56 | | - mailgun-apikey: ${{ secrets.MAILGUN_APIKEY }} |
| 96 | + - name: Install dependencies |
| 97 | + run: | |
| 98 | + npm ci |
| 99 | + cd node_modules/whitelist-smart-contract |
| 100 | + npm install --save-dev ts-node |
| 101 | + cd ../../deployment-dapp |
| 102 | + npm ci |
| 103 | +
|
| 104 | + - name: Print environment variables and secrets (DEBUG ONLY) |
| 105 | + run: | |
| 106 | + echo "ENVIRONMENT: ${{ inputs.environment }}" |
| 107 | + echo "PRICE: ${{ inputs.price }}" |
| 108 | + echo "VOLUME: ${{ inputs.volume }}" |
| 109 | + echo "WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_PRIVATEKEY }}" |
| 110 | + echo "MAILJET_APIKEY_PUBLIC: ${{ secrets.MAILJET_APIKEY_PUBLIC }}" |
| 111 | + echo "MAILJET_APIKEY_PRIVATE: ${{ secrets.MAILJET_APIKEY_PRIVATE }}" |
| 112 | + echo "MAILJET_SENDER: ${{ secrets.MAILJET_SENDER }}" |
| 113 | + echo "MAILGUN_APIKEY: ${{ secrets.MAILGUN_APIKEY }}" |
| 114 | + echo "WEB3MAIL_WHITELISTED_APPS: ${{ vars.WEB3MAIL_WHITELISTED_APPS }}" |
| 115 | + echo "SELL_ORDER_PRICE: ${{ vars.SELL_ORDER_PRICE }}" |
| 116 | + echo "SELL_ORDER_VOLUME: ${{ vars.SELL_ORDER_VOLUME }}" |
| 117 | + echo "DAPP_ENS_NAME: ${{ vars.DAPP_ENS_NAME }}" |
| 118 | + echo "WEB3MAIL_WHITELIST_CONTRACT_ADDRESS: ${{ secrets.WEB3MAIL_WHITELIST_CONTRACT_ADDRESS }}" |
| 119 | + echo "RPC_URL: ${{ secrets.RPC_URL }}" |
| 120 | + echo "DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}" |
| 121 | + echo "DOCKERHUB_PAT: ${{ secrets.DOCKERHUB_PAT }}" |
| 122 | + echo "SCONTAIN_REGISTRY_USERNAME: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }}" |
| 123 | + echo "SCONTAIN_REGISTRY_PAT: ${{ secrets.SCONTAIN_REGISTRY_PAT }}" |
| 124 | + echo "SCONIFY_SIGNING_PRIVATE_KEY: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }}" |
| 125 | +
|
| 126 | + - name: Deploy dapp contract |
| 127 | + env: |
| 128 | + WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_PRIVATEKEY }} |
| 129 | + DOCKER_IMAGE_TAG: ${{ needs.sconify.outputs.prod-image-tag }} |
| 130 | + CHECKSUM: ${{ needs.sconify.outputs.prod-checksum }} |
| 131 | + FINGERPRINT: ${{ needs.sconify.outputs.prod-mrenclave }} |
| 132 | + RPC_URL: ${{ secrets.RPC_URL }} |
| 133 | + run: | |
| 134 | + cd deployment-dapp |
| 135 | + npm run deploy-dapp |
| 136 | +
|
| 137 | + - name: Push dapp secret |
| 138 | + env: |
| 139 | + WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_PRIVATEKEY }} |
| 140 | + MJ_APIKEY_PUBLIC: ${{ secrets.MAILJET_APIKEY_PUBLIC }} |
| 141 | + MJ_APIKEY_PRIVATE: ${{ secrets.MAILJET_APIKEY_PRIVATE }} |
| 142 | + MJ_SENDER: ${{ secrets.MAILJET_SENDER }} |
| 143 | + MAILGUN_APIKEY: ${{ secrets.MAILGUN_APIKEY }} |
| 144 | + WEB3MAIL_WHITELISTED_APPS: ${{ vars.WEB3MAIL_WHITELISTED_APPS }} |
| 145 | + run: | |
| 146 | + cd deployment-dapp |
| 147 | + npm run push-dapp-secret |
| 148 | +
|
| 149 | + - name: Publish free sell order |
| 150 | + env: |
| 151 | + WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_PRIVATEKEY }} |
| 152 | + PRICE: ${{ inputs.price || vars.SELL_ORDER_PRICE }} |
| 153 | + VOLUME: ${{ inputs.volume || vars.SELL_ORDER_VOLUME }} |
| 154 | + run: | |
| 155 | + cd deployment-dapp |
| 156 | + npm run publish-sell-order |
| 157 | +
|
| 158 | + - name: Add resource to whitelist |
| 159 | + env: |
| 160 | + CONTRACT_ADDRESS: ${{ secrets.WEB3MAIL_WHITELIST_CONTRACT_ADDRESS }} |
| 161 | + run: | |
| 162 | + cd node_modules/whitelist-smart-contract |
| 163 | + export ADDRESS_TO_ADD=$(cat ../../deployment-dapp/.app-address) && npm run addResourceToWhitelist |
| 164 | +
|
| 165 | + - name: Configure ENS |
| 166 | + if: ${{ vars.DAPP_ENS_NAME }} |
| 167 | + env: |
| 168 | + WALLET_PRIVATE_KEY: ${{ secrets.WEB3MAIL_DAPP_OWNER_PRIVATEKEY }} |
| 169 | + DAPP_ENS_NAME: ${{ vars.DAPP_ENS_NAME }} |
| 170 | + run: | |
| 171 | + cd deployment-dapp |
| 172 | + npm run configure-ens |
0 commit comments