name: Deploy to Mainnet network # Run on pushes to master or PRs on: # Pull request hook without any config. Launches for every pull request pull_request: push: branches: - master # Launches build when release is published release: types: [published] env: REPO_NAME_ALPHANUMERIC: safereact REACT_APP_NETWORK: 'mainnet' STAGING_BUCKET_NAME: ${{ secrets.STAGING_MAINNET_BUCKET_NAME }} REACT_APP_SENTRY_DSN: ${{ secrets.SENTRY_DSN_MAINNET }} REACT_APP_GOOGLE_ANALYTICS: ${{ secrets.REACT_APP_GOOGLE_ANALYTICS_ID_MAINNET }} REACT_APP_GNOSIS_APPS_URL: ${{ secrets.REACT_APP_GNOSIS_APPS_URL_PROD }} jobs: debug: name: Debug runs-on: ubuntu-latest steps: - name: Dump env run: env | sort - name: Dump GitHub context env: GITHUB_CONTEXT: ${{ toJson(github) }} run: echo "$GITHUB_CONTEXT" deploy: name: Deployment runs-on: ubuntu-latest steps: - name: Remove broken apt repos [Ubuntu] if: matrix.os == 'ubuntu-latest' run: | for apt_file in `grep -lr microsoft /etc/apt/sources.list.d/`; do sudo rm $apt_file; done - uses: actions/checkout@v2 - name: Setup Node.js uses: actions/setup-node@v2 with: node-version: 14 - uses: actions/cache@v2 with: path: '**/node_modules' key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }} - run: | sudo apt-get update sudo apt-get -y install python3-pip python3-dev libusb-1.0-0-dev libudev-dev pip install awscli --upgrade --user # Due to some dependencies yarn may randomly throw an error about invalid cache # This approach is taken from https://github.com/yarnpkg/yarn/issues/7212#issuecomment-506155894 to fix the issue # Another approach is to install with flag --network-concurrency 1, but this will make the installation pretty slow (default value is 8) mkdir .yarncache yarn install --cache-folder ./.yarncache --frozen-lockfile rm -rf .yarncache yarn cache clean # Set production flag - name: Set production flag for tag build run: echo "REACT_APP_ENV=production" >> $GITHUB_ENV if: startsWith(github.ref, 'refs/tags/v') - name: Build ${{ env.REACT_APP_NETWORK }} app run: yarn build env: PUBLIC_URL: './' REACT_APP_FORTMATIC_KEY: ${{ secrets.REACT_APP_FORTMATIC_KEY }} REACT_APP_INFURA_TOKEN: ${{ secrets.REACT_APP_INFURA_TOKEN }} REACT_APP_PORTIS_ID: ${{ secrets.REACT_APP_PORTIS_ID }} REACT_APP_INTERCOM_ID: ${{ secrets.REACT_APP_INTERCOM_ID }} REACT_APP_IPFS_GATEWAY: ${{ secrets.REACT_APP_IPFS_GATEWAY }} - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_DEFAULT_REGION }} # Script to deploy Pull Requests - run: bash ./scripts/github/deploy_pull_request.sh if: success() && github.event.number env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} PR_NUMBER: ${{ github.event.number }} REVIEW_BUCKET_NAME: ${{ secrets.AWS_REVIEW_BUCKET_NAME }} REACT_APP_NETWORK: ${{ env.REACT_APP_NETWORK }} TRAVIS_TAG: ${{ github.event.release.tag_name }} - name: 'PRaul: Comment PR with app URLs' uses: mshick/add-pr-comment@v1 with: message: | * [Safe Multisig app ${{ env.REACT_APP_NETWORK }}](${{ env.REVIEW_FEATURE_URL }}/${{ env.REACT_APP_NETWORK }}/app/) repo-token: ${{ secrets.GITHUB_TOKEN }} repo-token-user-login: 'github-actions[bot]' allow-repeats: true if: success() && github.event.number env: REVIEW_FEATURE_URL: https://pr${{ github.event.number }}--${{ env.REPO_NAME_ALPHANUMERIC }}.review.gnosisdev.com # Script to deploy to development environment # Mainnet build is never created in development branch # Script to deploy to staging environment - name: 'Deploy to S3: Staging' if: github.ref == 'refs/heads/master' # Or refs/heads/main run: aws s3 sync build s3://${{ env.STAGING_BUCKET_NAME }}/current/app --delete # Script to upload release files - name: 'Upload release build files for production' if: startsWith(github.ref, 'refs/tags/v') run: aws s3 sync build s3://${{ env.STAGING_BUCKET_NAME }}/releases/${{ github.event.release.tag_name }} --delete # - run: bash ./scripts/github/deploy_release.sh # if: startsWith(github.ref, 'refs/tags/v') # env: # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} # PR_NUMBER: ${{ github.event.number }} # REVIEW_BUCKET_NAME: ${{ secrets.AWS_REVIEW_BUCKET_NAME }} # REACT_APP_NETWORK: ${{ env.REACT_APP_NETWORK }} # VERSION_TAG: ${{ github.event.release.tag_name }} # Script to prepare production deployments - run: bash ./scripts/github/prepare_production_deployment.sh if: success() && startsWith(github.ref, 'refs/tags/v') env: PROD_DEPLOYMENT_HOOK_TOKEN: ${{ secrets.PROD_DEPLOYMENT_HOOK_TOKEN }} PROD_DEPLOYMENT_HOOK_URL: ${{ secrets.PROD_DEPLOYMENT_HOOK_URL }} VERSION_TAG: ${{ github.event.release.tag_name }} # Upload Sentry source maps when sending to staging or production - run: yarn sentry-upload-sourcemaps if: success() && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v')) env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ secrets.SENTRY_ORG}} SENTRY_PROJECT: gnosis-safe-multisig-${{ env.REACT_APP_NETWORK }}