@@ -356,3 +356,105 @@ jobs:
356356 prerelease : true
357357 title : Unstable Development Builds
358358 files : package/*
359+
360+ deploy-testing :
361+ strategy :
362+ fail-fast : false
363+ matrix :
364+ environment : [ release-preprod ]
365+ include :
366+ - environment : release-preprod
367+ environment_prefix : release
368+ cardano_network : preprod
369+ mithril_api_domain : api.mithril.network
370+ mithril_protocol_parameters : |
371+ {
372+ k = 5
373+ m = 100
374+ phi_f = 0.65
375+ }
376+ mithril_signers : |
377+ {
378+ "1" = {
379+ pool_id = "pool1zr907nmfsq5kalxdjju349nwg6f03lyfmcjfqcz52jf45gcgh03",
380+ },
381+ }
382+ terraform_backend_bucket : hydra-terraform-admin
383+ google_region : europe-west1
384+ google_zone : europe-west1-b
385+ google_machine_type : e2-highmem-2
386+
387+ runs-on : ubuntu-22.04
388+
389+ needs :
390+ - docker-mithril
391+
392+ environment : ${{ matrix.environment }}
393+
394+ env :
395+ GOOGLE_APPLICATION_CREDENTIALS : ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
396+ GENESIS_SECRET_KEY : ${{ secrets.GENESIS_SECRET_KEY }}
397+ GENESIS_VERIFICATION_KEY_URL : ${{ secrets.GENESIS_VERIFICATION_KEY_URL }}
398+
399+ defaults :
400+ run :
401+ working-directory : mithril-infra
402+
403+ steps :
404+
405+ - name : Checkout sources
406+ uses : actions/checkout@v3
407+
408+ - name : Get Docker image id
409+ run : echo "DOCKER_IMAGE_ID=${{ github.head_ref || github.ref_name }}-$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV
410+
411+ - name : Prepare service account credentials
412+ run : |
413+ echo '${{ env.GOOGLE_APPLICATION_CREDENTIALS}}' > ./google-application-credentials.json
414+ chmod u+x ./assets/tools/google-credentials-public-key.sh
415+ ./assets/tools/google-credentials-public-key.sh ./google-application-credentials.json ./assets/ssh_keys curry
416+
417+ name : Prepare terraform variables
418+ run : |
419+ cat > ./env.variables.tfvars << EOF
420+ environment_prefix = "${{ matrix.environment_prefix }}"
421+ cardano_network = "${{ matrix.cardano_network }}"
422+ google_region = "${{ matrix.google_region }}"
423+ google_zone = "${{ matrix.google_zone }}"
424+ google_machine_type = "${{ matrix.google_machine_type }}"
425+ google_service_credentials_json_file = "./google-application-credentials.json"
426+ mithril_api_domain = "${{ matrix.mithril_api_domain }}"
427+ mithril_image_id = "${{ env.DOCKER_IMAGE_ID }}"
428+ mithril_genesis_verification_key_url = "${{ env.GENESIS_VERIFICATION_KEY_URL }}"
429+ mithril_genesis_secret_key = "${{ env.GENESIS_SECRET_KEY }}"
430+ mithril_protocol_parameters = ${{ matrix.mithril_protocol_parameters }}
431+ mithril_signers = ${{ matrix.mithril_signers }}
432+ EOF
433+ terraform fmt ./env.variables.tfvars
434+ cat ./env.variables.tfvars
435+
436+ name : Setup Terraform
437+ uses : hashicorp/setup-terraform@v2
438+ with :
439+ terraform_wrapper : false
440+
441+ - name : Init Terraform
442+ run : |
443+ GOOGLE_APPLICATION_CREDENTIALS=./google-application-credentials.json terraform init -backend-config="bucket=${{ matrix.terraform_backend_bucket }}" -backend-config="prefix=terraform/mithril-${{ matrix.environment }}"
444+
445+ name : Check Terraform
446+ run : terraform fmt -check
447+
448+ - name : Terraform Plan
449+ run : |
450+ GOOGLE_APPLICATION_CREDENTIALS=./google-application-credentials.json terraform plan --var-file=./env.variables.tfvars
451+
452+ name : Terraform Apply
453+ if : github.ref == 'refs/heads/main'
454+ run : |
455+ GOOGLE_APPLICATION_CREDENTIALS=./google-application-credentials.json terraform apply -auto-approve --var-file=./env.variables.tfvars
456+
457+ name : Cleanup
458+ run : |
459+ rm -f ./env.variables.tfvars
460+ rm -f ./google-application-credentials.json
0 commit comments