chore(release): v5.5.4 #2511

Workflow file for this run

	name: Deployment

	on:
	pull_request:
	branches:
	- master
	- develop
	- stage
	types:
	- closed

	concurrency:
	group: ${{ github.workflow }}-${{ github.base_ref }}
	cancel-in-progress: true

	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

	jobs:
	build_and_deploy:
	if: github.event.pull_request.merged == true

	runs-on: ubuntu-latest

	services:
	redis:
	image: redis
	ports:
	- 6379:6379
	ipfs:
	image: ipfs/go-ipfs:v0.14.0
	ports:
	- 5001:5001
	stripe:
	image: stripemock/stripe-mock:latest
	ports:
	- 12111:12111
	- 12112:12112
	postgres:
	image: postgres:12-alpine
	ports:
	- 5432:5432
	env:
	POSTGRES_DB: matters-test
	POSTGRES_USER: postgres
	POSTGRES_PASSWORD: postgres

	steps:
	- name: Checkout Repo
	uses: actions/checkout@master

	- name: Setup Node.js
	uses: actions/setup-node@v2
	with:
	node-version: '18'

	- name: Cache NPM dependencies
	uses: actions/cache@v3
	id: node_modules_cache
	with:
	path: node_modules
	key: ${{ runner.os }}-v18-npm-v3-${{ hashFiles('package-lock.json') }}

	- name: Install Dependencies
	if: steps.node_modules_cache.outputs.cache-hit != 'true'
	run: npm ci

	- name: Lint
	run: \|
	npm run lint \
	&& npm run format:check

	- name: Test
	run: npm run test
	env:
	CODECOV_TOKEN: de5ab681-0837-4a24-b614-0a29225a7e4c
	MATTERS_ENV: test
	MATTERS_PG_HOST: localhost
	MATTERS_PG_USER: postgres
	MATTERS_PG_PASSWORD: postgres
	MATTERS_PG_DATABASE: matters-test
	MATTERS_QUEUE_HOST: localhost
	MATTERS_CACHE_HOST: localhost
	MATTERS_MATTY_ID: 6
	MATTERS_JWT_SECRET: QsNmu9
	MATTERS_ELASTICSEARCH_HOST: localhost
	MATTERS_ELASTICSEARCH_PORT: 9200
	MATTERS_IPFS_SERVERS: 'http://localhost:5001'
	MATTERS_OICD_PRIVATE_KEY: .ebextensions/oicd_rsa_private_local.pem
	MATTERS_STRIPE_SECRET: sk_test_foobar
	MATTERS_SENDGRID_API_KEY: SG.0-_abcabcabc.
	MATTERS_OPENSEA_API_BASE: 'https://rinkeby-api.opensea.io/api/v1'

	- name: Build
	run: npm run build

	# === predeploy ===
	- name: Docker Configuration (develop)
	if: github.base_ref == 'develop'
	run: \|
	cat docker/Dockerrun.aws.json.example \| sed "s/{{IMAGE_TAG}}/develop/" > Dockerrun.aws.json

	- name: Docker Configuration (stage)
	if: github.base_ref == 'stage'
	run: \|
	cat docker/Dockerrun.aws.json.example \| sed "s/{{IMAGE_TAG}}/stage/" > Dockerrun.aws.json

	- name: Docker Configuration (production)
	if: github.base_ref == 'master'
	run: \|
	cat docker/Dockerrun.aws.json.example \| sed "s/{{IMAGE_TAG}}/prod/" > Dockerrun.aws.json

	- name: Generate deployment package
	if: github.base_ref == 'develop' \|\| github.base_ref == 'stage' \|\| github.base_ref == 'master'
	run: zip -r deploy.zip . -x node_modules/\* .git/\*

	- name: Setup AWS
	if: github.base_ref == 'develop' \|\| github.base_ref == 'stage' \|\| github.base_ref == 'master'
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ap-southeast-1

	- name: Login to Amazon ECR
	if: github.base_ref == 'develop' \|\| github.base_ref == 'stage' \|\| github.base_ref == 'master'
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v1
	# === [END] predeploy ===

	# === `develop` branch ===
	- name: Start VPN (develop)
	if: github.base_ref == 'develop'
	run: \|
	sudo apt-get update \
	&& sudo apt-get install openvpn \
	&& echo $VPN_AUTH \| base64 -d > $VPN_AUTH_PATH \
	&& echo $VPN_CONFIG \| base64 -d > $VPN_CONFIG_PATH \
	&& sudo openvpn --config $VPN_CONFIG_PATH --auth-user-pass $VPN_AUTH_PATH --daemon \
	&& sleep 15s
	env:
	VPN_CONFIG: ${{ secrets.DEVELOP_VPN_CONFIG }}
	VPN_CONFIG_PATH: '.github/config.ovpn'
	VPN_AUTH: ${{ secrets.DEVELOP_VPN_AUTH }}
	VPN_AUTH_PATH: '.github/auth.txt'

	- name: Check DB Connection
	if: github.base_ref == 'develop'
	run: nc -zv -w 5 $MATTERS_PG_HOST 5432
	env:
	MATTERS_PG_HOST: ${{ secrets.DEVELOP_PG_HOST }}

	- name: DB Migration (develop)
	if: github.base_ref == 'develop'
	run: npm run db:migrate
	env:
	MATTERS_ENV: development
	MATTERS_PG_HOST: ${{ secrets.DEVELOP_PG_HOST }}
	MATTERS_PG_DATABASE: ${{ secrets.DEVELOP_PG_DATABASE }}
	MATTERS_PG_USER: ${{ secrets.DEVELOP_PG_USER }}
	MATTERS_PG_PASSWORD: ${{ secrets.DEVELOP_PG_PASSWORD }}
	MATTERS_STRIPE_SECRET: ${{ secrets.DEVELOP_STRIPE_SECRET }}

	- name: Build, tag, and push image to Amazon ECR (develop)
	if: github.base_ref == 'develop'
	run: \|
	docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f docker/Dockerfile .
	docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	ECR_REPOSITORY: matters-server
	IMAGE_TAG: develop

	- name: Deploy to EB (develop)
	if: github.base_ref == 'develop'
	uses: einaregilsson/beanstalk-deploy@v19
	with:
	aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	application_name: matters-stage
	environment_name: matters-server-develop
	version_label: matters-server-develop-${{ hashFiles('deploy.zip') }}
	version_description: ${{ github.SHA }}
	region: ap-southeast-1
	deployment_package: deploy.zip
	use_existing_version_if_available: true
	wait_for_deployment: true
	# === [END] `develop` branch ===

	# === `stage` branch ===
	- name: DB Migration (stage)
	if: github.base_ref == 'stage'
	run: npm run db:migrate
	env:
	MATTERS_ENV: stage
	MATTERS_PG_HOST: ${{ secrets.STAGE_PG_HOST }}
	MATTERS_PG_DATABASE: ${{ secrets.STAGE_PG_DATABASE }}
	MATTERS_PG_USER: ${{ secrets.STAGE_PG_USER }}
	MATTERS_PG_PASSWORD: ${{ secrets.STAGE_PG_PASSWORD }}
	MATTERS_STRIPE_SECRET: ${{ secrets.STAGE_STRIPE_SECRET }}

	- name: Build, tag, and push image to Amazon ECR (stage)
	if: github.base_ref == 'stage'
	run: \|
	docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f docker/Dockerfile .
	docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	ECR_REPOSITORY: matters-server
	IMAGE_TAG: stage

	- name: Deploy to EB (stage)
	if: github.base_ref == 'stage'
	uses: einaregilsson/beanstalk-deploy@v19
	with:
	aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	application_name: matters-eb-stage
	environment_name: matters-server-stage
	version_label: matters-server-stage-${{ hashFiles('deploy.zip') }}
	version_description: ${{ github.SHA }}
	region: ap-southeast-1
	deployment_package: deploy.zip
	use_existing_version_if_available: true
	wait_for_deployment: true
	# === [END] `stage` branch ===

	# === `master` branch ===
	- name: Start VPN
	if: github.base_ref == 'master'
	run: \|
	sudo apt-get update \
	&& sudo apt-get install openvpn \
	&& echo $VPN_CONFIG \| base64 -d >> $VPN_CONFIG_PATH \
	&& echo $VPN_AUTH \| base64 -d >> $VPN_AUTH_PATH \
	&& sudo openvpn --config $VPN_CONFIG_PATH --auth-user-pass $VPN_AUTH_PATH --daemon \
	&& sleep 15s
	env:
	VPN_CONFIG: ${{ secrets.VPN_CONFIG }}
	VPN_CONFIG_PATH: '.github/config.ovpn'
	VPN_AUTH: ${{ secrets.VPN_AUTH }}
	VPN_AUTH_PATH: '.github/auth.txt'

	- name: Check DB Connection
	if: github.base_ref == 'master'
	run: nc -zv -w 5 $MATTERS_PG_HOST 5432
	env:
	MATTERS_PG_HOST: ${{ secrets.PROD_PG_HOST }}

	- name: DB Migration (production)
	if: github.base_ref == 'master'
	run: npm run db:migrate
	env:
	MATTERS_ENV: production
	MATTERS_PG_HOST: ${{ secrets.PROD_PG_HOST }}
	MATTERS_PG_DATABASE: ${{ secrets.PROD_PG_DATABASE }}
	MATTERS_PG_USER: ${{ secrets.PROD_PG_USER }}
	MATTERS_PG_PASSWORD: ${{ secrets.PROD_PG_PASSWORD }}
	MATTERS_STRIPE_SECRET: ${{ secrets.PROD_STRIPE_SECRET }}

	- name: Kill VPN
	if: always()
	run: sudo killall openvpn \|\| true

	- name: Build, tag, and push image to Amazon ECR (production)
	if: github.base_ref == 'master'
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	ECR_REPOSITORY: matters-server
	IMAGE_TAG: prod
	run: \|
	docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f docker/Dockerfile .
	docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

	- name: Deploy to EB (production)
	if: github.base_ref == 'master'
	uses: einaregilsson/beanstalk-deploy@v19
	with:
	aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	application_name: matters-prod
	environment_name: matters-server-prod
	version_label: matters-server-prod-${{ hashFiles('deploy.zip') }}
	version_description: ${{ github.SHA }}
	region: ap-southeast-1
	deployment_package: deploy.zip
	use_existing_version_if_available: true
	wait_for_deployment: true
	# === [END] `master` branch ===

	- name: Logout of Amazon ECR
	if: github.base_ref == 'develop' \|\| 'refs/heads/stage' \|\| github.base_ref == 'master'
	run: docker logout ${{ steps.login-ecr.outputs.registry }}

	- name: Slack Notification
	if: always()
	uses: 8398a7/action-slack@v3
	with:
	status: ${{ job.status }}
	author_name: matters-server
	fields: repo,message,commit,author,action,eventName,ref,workflow,job,took

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(release): v5.5.4 #2511

Workflow file

chore(release): v5.5.4 #2511

Jobs

Run details

Workflow file for this run