-
Notifications
You must be signed in to change notification settings - Fork 16
95 lines (81 loc) · 4.07 KB
/
deploy_ensnode_yellow.yml
File metadata and controls
95 lines (81 loc) · 4.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: "Deploy: ENSNode to Yellow Environment on Render platform"
on:
workflow_dispatch:
inputs:
tag:
description: "Docker Image Tag (also used for schema name generation)"
required: true
type: string
permissions:
id-token: write
contents: read
jobs:
deploy-environment:
runs-on: blacksmith-4vcpu-ubuntu-2204
env:
TARGET_ENVIRONMENT: "yellow"
ENSINDEXER_DOCKER_IMAGE: "ghcr.io/namehash/ensnode/ensindexer:${{ inputs.tag }}"
ENSAPI_DOCKER_IMAGE: "ghcr.io/namehash/ensnode/ensapi:${{ inputs.tag }}"
ENSRAINBOW_DOCKER_IMAGE: "ghcr.io/namehash/ensnode/ensrainbow:${{ inputs.tag }}"
ENSADMIN_DOCKER_IMAGE: "ghcr.io/namehash/ensnode/ensadmin:${{ inputs.tag }}"
# Terraform related envs
# AWS_REGION is required for aws-actions/configure-aws-credentials@v6
# Terraform keeps it's state inside S3 bucket. This bucket needs to be created before running Terraform apply.
# AWS_REGION should be the same as Terraform S3 bucket state region.
AWS_REGION: us-east-1
TF_VAR_ensnode_version: ${{ inputs.tag }}
# ENSRainbow Searchlight instance allows setting label set version only,
# while the label set ID is fixed to "searchlight".
# ENSRainbow Subgraph has both label set ID and label set version fixed.
TF_VAR_ensrainbow_searchlight_label_set_version: ${{ vars.ENSRAINBOW_SEARCHLIGHT_LABEL_SET_VERSION }}
TF_VAR_db_schema_version: ${{ vars.DB_SCHEMA_VERSION }}
TF_VAR_anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
# ENSAdmin needs to know the list of ENSNode API endpoints to connect to.
TF_VAR_next_public_server_connection_library: ${{ vars.NEXT_PUBLIC_SERVER_CONNECTION_LIBRARY }}
# For now only one Terraform environment is active. In future this will be calculated based on workflow input.
TF_VAR_render_environment: "yellow"
TF_VAR_render_api_key: ${{ secrets.RENDER_API_KEY }}
TF_VAR_render_owner_id: ${{ secrets.RENDER_OWNER_ID }}
TF_VAR_alchemy_api_key: ${{ secrets.ALCHEMY_API_KEY }}
TF_VAR_quicknode_api_key: ${{ secrets.QUICKNODE_API_KEY }}
TF_VAR_quicknode_endpoint_name: ${{ secrets.QUICKNODE_ENDPOINT_NAME}}
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
fetch-depth: 1
- name: Check if Docker images exists
run: |
docker manifest inspect ${{ env.ENSINDEXER_DOCKER_IMAGE }} || { echo "Given docker image does not exist: ${{ env.ENSINDEXER_DOCKER_IMAGE }}"; exit 1; }
docker manifest inspect ${{ env.ENSAPI_DOCKER_IMAGE }} || { echo "Given docker image does not exist: ${{ env.ENSAPI_DOCKER_IMAGE }}"; exit 1; }
docker manifest inspect ${{ env.ENSRAINBOW_DOCKER_IMAGE }} || { echo "Given docker image does not exist: ${{ env.ENSRAINBOW_DOCKER_IMAGE }}"; exit 1; }
docker manifest inspect ${{ env.ENSADMIN_DOCKER_IMAGE }} || { echo "Given docker image does not exist: ${{ env.ENSADMIN_DOCKER_IMAGE }}"; exit 1; }
- name: Setup Terraform
uses: hashicorp/setup-terraform@v4
with:
terraform_version: 1.6.6
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v6
with:
role-to-assume: ${{ secrets.AWS_ROLE}}
aws-region: ${{ env.AWS_REGION }}
- name: Terraform Init
run: terraform init
working-directory: terraform
- name: Terraform workspace
run: terraform workspace select ${{env.TF_VAR_render_environment}}
working-directory: terraform
- name: Terraform Validate
run: terraform validate
working-directory: terraform
- name: Terraform Plan
run: terraform plan -out=tfplan
working-directory: terraform
- name: Terraform Apply
run: terraform apply -auto-approve tfplan
working-directory: terraform
- uses: ./.github/actions/send_slack_notification
with:
slack_webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
slack_title: ${{ env.SLACK_TITLE }}
slack_message: "✅ Deploy ENSNode completed"