Add Wallet Stake Permission explanations and create guide for setting… #209
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy | |
| on: | |
| push: | |
| branches: | |
| - dev | |
| - main | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| if: | | |
| !contains(github.event.head_commit.message, 'skip build') | |
| permissions: write-all | |
| runs-on: ubicloud-standard-16 | |
| steps: | |
| - name: Checkout your repository using git | |
| uses: actions/checkout@v4 | |
| - name: Setup PNPM | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: latest | |
| package_json_file: ./package.json | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: "pnpm" | |
| - name: Install | |
| run: pnpm install | |
| - name: Build | |
| run: pnpm run build | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker Login | |
| uses: docker/[email protected] | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Prepare build | |
| run: | | |
| echo "SANITIZED_REF=$(echo "${GITHUB_REF##*/}" | tr '/' '-' | tr -d '.')" >> $GITHUB_ENV | |
| - id: commit | |
| uses: prompt/actions-commit-hash@v3 | |
| - name: Build and push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| file: Dockerfile | |
| tags: | | |
| ghcr.io/renlabs-dev/torus-docs:${{ steps.commit.outputs.short }} | |
| ghcr.io/renlabs-dev/torus-docs:${{ env.SANITIZED_REF }} | |
| clean-stale: | |
| runs-on: ubicloud-standard-2 | |
| container: | |
| image: ghcr.io/renlabs-dev/devops-ci:latest | |
| env: | |
| VAULT_ADDR: ${{ secrets.VAULT_ADDR }} | |
| VAULT_ROLE_ID: ${{ secrets.VAULT_ROLE_ID }} | |
| VAULT_SECRET_ID: ${{ secrets.VAULT_SECRET_ID }} | |
| steps: | |
| - name: Setup Kubernetes authentication | |
| run: /apps/k8s_auth_w_approle_sa.sh | |
| - name: Clean stale releases | |
| run: | | |
| /apps/clean_stale_releases.sh torus-docs | |
| deploy: | |
| needs: [build, clean-stale] | |
| runs-on: ubicloud-standard-2 | |
| environment: ${{ github.ref_name }} | |
| container: | |
| image: ghcr.io/renlabs-dev/devops-ci:latest | |
| env: | |
| VAULT_ADDR: ${{ secrets.VAULT_ADDR }} | |
| VAULT_ROLE_ID: ${{ secrets.VAULT_ROLE_ID }} | |
| VAULT_SECRET_ID: ${{ secrets.VAULT_SECRET_ID }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Kubernetes authentication | |
| run: /apps/k8s_auth_w_approle_sa.sh | |
| - name: Add and update Helm repositories | |
| run: | | |
| helm repo add renlabs https://charts.renlabs.dev/ | |
| helm repo update | |
| - id: commit | |
| uses: prompt/actions-commit-hash@v3 | |
| - name: Set environment variables | |
| run: | | |
| echo "SANITIZED_REF=$(echo "${GITHUB_REF##*/}" | tr '/' '-' | tr -d '.' )" >> $GITHUB_ENV | |
| - name: Deploy application (Branch) | |
| if: github.ref_type == 'branch' | |
| run: | | |
| helmfile sync -e ${{ github.ref_name == 'main' && 'prod' || 'dev' }} \ | |
| --set deployment.image.tag=${{ steps.commit.outputs.short }} | |
| - name: Deploy application (Tag) | |
| if: github.ref_type == 'tag' | |
| run: | | |
| helmfile sync \ | |
| --state-values-set releaseName="${{ env.SANITIZED_REF }}-torus-docs" \ | |
| --state-values-set ingressHost="${{ env.SANITIZED_REF }}.docs.torus.network" \ | |
| --set deployment.image.tag=${{ steps.commit.outputs.short }} |