name: Deploy to Rinkeby network # Run on pushes to dev/master or PR on: # Pull request hook without any config. Launches for every pull request pull_request: # Launches for pushes to master or development push: branches: - master - development # Launches build when release is published release: types: [published] workflow_dispatch: env: REPO_NAME_ALPHANUMERIC: safereact REACT_APP_NETWORK: 'rinkeby' STAGING_BUCKET_NAME: ${{ secrets.STAGING_RINKEBY_BUCKET_NAME }} REACT_APP_SENTRY_DSN: ${{ secrets.SENTRY_DSN_RINKEBY }} REACT_APP_GOOGLE_ANALYTICS: ${{ secrets.REACT_APP_GOOGLE_ANALYTICS_ID_RINKEBY }} REACT_APP_GNOSIS_APPS_URL: ${{ secrets.REACT_APP_GNOSIS_APPS_URL_PROD }} jobs: debug: name: Debug runs-on: ubuntu-latest steps: - name: Dump env run: env | sort - name: Dump GitHub context env: GITHUB_CONTEXT: ${{ toJson(github) }} run: echo "$GITHUB_CONTEXT" deploy: name: Deployment runs-on: ubuntu-latest steps: - name: Remove broken apt repos [Ubuntu] if: matrix.os == 'ubuntu-latest' run: | for apt_file in `grep -lr microsoft /etc/apt/sources.list.d/`; do sudo rm $apt_file; done - uses: actions/checkout@v2 - name: Setup Node.js uses: actions/setup-node@v2 with: node-version: 14 - uses: actions/cache@v2 with: path: '**/node_modules' key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }} - run: | sudo apt-get update sudo apt-get -y install python3-pip python3-dev libusb-1.0-0-dev libudev-dev pip install awscli --upgrade --user # Due to some dependencies yarn may randomly throw an error about invalid cache # This approach is taken from https://github.com/yarnpkg/yarn/issues/7212#issuecomment-506155894 to fix the issue # Another approach is to install with flag --network-concurrency 1, but this will make the installation pretty slow (default value is 8) mkdir .yarncache yarn install --cache-folder ./.yarncache --frozen-lockfile rm -rf .yarncache yarn cache clean # Set production flag - name: Set production flag for tag build run: echo "REACT_APP_ENV='production'" >> $GITHUB_ENV if: startsWith(github.ref, 'refs/tags/v') - name: Build ${{ env.REACT_APP_NETWORK }} app ${{ env.REACT_APP_ENV }} run: yarn build env: PUBLIC_URL: './' REACT_APP_FORTMATIC_KEY: ${{ secrets.REACT_APP_FORTMATIC_KEY }} REACT_APP_INFURA_TOKEN: ${{ secrets.REACT_APP_INFURA_TOKEN }} REACT_APP_PORTIS_ID: ${{ secrets.REACT_APP_PORTIS_ID }} REACT_APP_INTERCOM_ID: ${{ secrets.REACT_APP_INTERCOM_ID }} REACT_APP_IPFS_GATEWAY: ${{ secrets.REACT_APP_IPFS_GATEWAY }} # Script to deploy Pull Requests - run: bash ./scripts/github/deploy_pull_request.sh if: success() && github.event.number env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} PR_NUMBER: ${{ github.event.number }} REVIEW_BUCKET_NAME: ${{ secrets.AWS_REVIEW_BUCKET_NAME }} REACT_APP_NETWORK: ${{ env.REACT_APP_NETWORK }} TRAVIS_TAG: ${{ github.event.release.tag_name }} - name: 'PRaul: Comment PR with app URLs' uses: mshick/add-pr-comment@v1 with: message: | * [Safe Multisig app ${{ env.REACT_APP_NETWORK }}](${{ env.REVIEW_FEATURE_URL }}/${{ env.REACT_APP_NETWORK }}/app/) repo-token: ${{ secrets.GITHUB_TOKEN }} repo-token-user-login: 'github-actions[bot]' allow-repeats: true if: success() && github.event.number env: REVIEW_FEATURE_URL: https://pr${{ github.event.number }}--${{ env.REPO_NAME_ALPHANUMERIC }}.review.gnosisdev.com # Script to deploy to development environment - name: 'Deploy to S3: Develop' run: bash ./scripts/github/deploy_to_s3_bucket.sh if: github.ref == 'refs/heads/development' env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} BUCKET_NAME: ${{ secrets.AWS_DEV_BUCKET_NAME }} # Script to deploy to staging environment - name: 'Deploy to S3: Staging' run: bash ./scripts/github/deploy_to_s3_bucket.sh if: github.ref == 'refs/heads/master' env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} BUCKET_NAME: ${{ env.STAGING_BUCKET_NAME }} # Script to upload release files - run: bash ./scripts/github/deploy_release.sh if: startsWith(github.ref, 'refs/tags/v') env: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} PR_NUMBER: ${{ github.event.number }} REVIEW_BUCKET_NAME: ${{ secrets.AWS_REVIEW_BUCKET_NAME }} REACT_APP_NETWORK: ${{ env.REACT_APP_NETWORK }} VERSION_TAG: ${{ github.event.release.tag_name }} # Script to prepare production deployments - run: bash ./scripts/github/prepare_production_deployment.sh if: success() && startsWith(github.ref, 'refs/tags/v') env: PROD_DEPLOYMENT_HOOK_TOKEN: ${{ secrets.PROD_DEPLOYMENT_HOOK_TOKEN }} PROD_DEPLOYMENT_HOOK_URL: ${{ secrets.PROD_DEPLOYMENT_HOOK_URL }} VERSION_TAG: ${{ github.event.release.tag_name }} # Upload Sentry source maps when sending to staging or production - run: yarn sentry-upload-sourcemaps if: success() && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v')) env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ secrets.SENTRY_ORG}} SENTRY_PROJECT: gnosis-safe-multisig-${{ env.REACT_APP_NETWORK }}