[buck2]REFECTOR: Refactorising and Integrating a Generic API model an… #330
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Mono Engine deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - ".github/workflows/mono-engine-deploy.yml" | |
| - "api-model/**" | |
| - "ceres/**" | |
| - "common/**" | |
| - "context/**" | |
| - "io-orbit/**" | |
| - "jupiter/**" | |
| - "mono/**" | |
| - "saturn/**" | |
| - "vault/**" | |
| - "Cargo.toml" | |
| env: | |
| REGISTRY_ALIAS: m8q5m4u3 | |
| REPOSITORY: mega | |
| GCP_PROJECT_ID: infra-20250121-20260121-0235 | |
| GCP_REPOSITORY: mega | |
| IMAGE_TAG_BASE: mono-0.1.0-pre-release | |
| # Using AWS access key for authentication | |
| permissions: | |
| id-token: write | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build-push-single-arch: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # ----------------------------- | |
| # AWS / ECR Public | |
| # ----------------------------- | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-1 | |
| - name: Login to Amazon ECR Public | |
| id: login-ecr-public | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| registry-type: public | |
| # ----------------------------- | |
| # GCP / Artifact Registry | |
| # ----------------------------- | |
| - name: Auth to GCP | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_KEY }} | |
| - name: Configure docker for GCP | |
| run: | | |
| gcloud auth configure-docker us-central1-docker.pkg.dev | |
| # ----------------------------- | |
| # Build once, push to both | |
| # ----------------------------- | |
| - name: Build & push image to ECR + GCP (amd64) | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} | |
| IMAGE_TAG_BASE: ${{ env.IMAGE_TAG_BASE }} | |
| run: | | |
| set -euo pipefail | |
| ARCH_SUFFIX=amd64 | |
| IMAGE_TAG="${IMAGE_TAG_BASE}-${ARCH_SUFFIX}" | |
| ECR_IMAGE="$ECR_REGISTRY/${{ env.REGISTRY_ALIAS }}/${{ env.REPOSITORY }}:$IMAGE_TAG" | |
| GCP_IMAGE="us-central1-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.GCP_REPOSITORY }}/${{ env.REPOSITORY }}:$IMAGE_TAG" | |
| echo "ECR_IMAGE=$ECR_IMAGE" | |
| echo "GCP_IMAGE=$GCP_IMAGE" | |
| docker buildx build \ | |
| --provenance=false \ | |
| --sbom=false \ | |
| -f ./mono/Dockerfile \ | |
| -t "$ECR_IMAGE" \ | |
| -t "$GCP_IMAGE" \ | |
| --push . | |
| manifest: | |
| needs: build-push-single-arch | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-1 | |
| - name: Login to Amazon ECR Public | |
| id: login-ecr-public | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| registry-type: public | |
| - name: Create & push manifest | |
| env: | |
| REGISTRY: ${{ steps.login-ecr-public.outputs.registry }} | |
| run: | | |
| IMAGE_BASE="$REGISTRY/${{ env.REGISTRY_ALIAS }}/${{ env.REPOSITORY }}" | |
| docker manifest create "$IMAGE_BASE:${{ env.IMAGE_TAG_BASE }}" \ | |
| "$IMAGE_BASE:${{ env.IMAGE_TAG_BASE }}-amd64" \ | |
| "$IMAGE_BASE:${{ env.IMAGE_TAG_BASE }}-arm64" | |
| docker manifest push "$IMAGE_BASE:${{ env.IMAGE_TAG_BASE }}" | |
| deploy: | |
| needs: manifest | |
| if: ${{ github.repository == 'web3infra-foundation/mega' }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| strategy: | |
| matrix: | |
| include: | |
| - cluster: gitmega-com | |
| service: mono-engine-dev-service-xnmoxhxb | |
| - cluster: gitmono-com-mega-app | |
| service: mono-engine | |
| steps: | |
| - name: Force ECS redeploy | |
| run: | | |
| aws ecs update-service \ | |
| --cluster ${{ matrix.cluster }} \ | |
| --service ${{ matrix.service }} \ | |
| --force-new-deployment | |
| env: | |
| AWS_REGION: ap-southeast-2 | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |