ENG-5260 fix(portal): add arg to dockerfile (#1004) #307
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Portal to Dev | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| deploy-dev: | |
| name: Deploy to Dev | |
| runs-on: ubuntu-latest | |
| env: | |
| CLUSTER_NAME: systems-intuition-dev-cluster | |
| SERVICE_NAME: portal-intuition-dev | |
| ECR_IMAGE: ${{ secrets.AWS_ACCOUNT }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/portal-dev:latest | |
| steps: | |
| - name: Check if important variables are set | |
| shell: bash | |
| run: | | |
| if [[ ${{ secrets.AWS_ACCESS_KEY_ID }} == '' ]]; then | |
| echo "secret AWS_ACCESS_KEY_ID not set" | |
| exit 1 | |
| fi | |
| if [[ ${{ secrets.AWS_SECRET_ACCESS_KEY }} == '' ]]; then | |
| echo "secret AWS_SECRET_ACCESS_KEY not set" | |
| exit 1 | |
| fi | |
| if [[ ${{ secrets.AWS_ACCOUNT }} == '' ]]; then | |
| echo "secret AWS_ACCOUNT not set" | |
| exit 1 | |
| fi | |
| - name: Print variables | |
| shell: bash | |
| run: | | |
| echo "ENV=$ENV" | |
| echo "CLUSTER_NAME=$CLUSTER_NAME" | |
| echo "SERVICE_NAME=$SERVICE_NAME" | |
| echo "ECR_IMAGE=$ECR_IMAGE" | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v3 | |
| with: | |
| version: 9.0.6 | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Run codegen for API package | |
| run: API_URL=https://dev.api.intuition.systems pnpm run codegen | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| with: | |
| mask-password: true | |
| - name: Build, tag, and push image to AWS ECR | |
| run: | | |
| echo "${{ secrets.PRIVY_VERIFICATION_KEY_DEV }}" > privy_verification_key.pem | |
| docker build \ | |
| --platform linux/x86_64 \ | |
| -t portal \ | |
| -f apps/portal/Dockerfile \ | |
| . \ | |
| --build-arg ALCHEMY_MAINNET_API_KEY=${{ secrets.ALCHEMY_MAINNET_API_KEY }} \ | |
| --build-arg ALCHEMY_API_KEY=${{ secrets.ALCHEMY_API_KEY }} \ | |
| --build-arg ALCHEMY_MAINNET_RPC_URL=${{ secrets.ALCHEMY_MAINNET_RPC_URL }} \ | |
| --build-arg ALCHEMY_BASE_SEPOLIA_RPC_URL=${{ secrets.ALCHEMY_BASE_SEPOLIA_RPC_URL }} \ | |
| --build-arg ALCHEMY_BASE_RPC_URL=${{ secrets.ALCHEMY_BASE_RPC_URL }} \ | |
| --build-arg WALLETCONNECT_PROJECT_ID=${{ secrets.WALLETCONNECT_PROJECT_ID }} \ | |
| --build-arg SESSION_SECRET=${{ secrets.SESSION_SECRET }} \ | |
| --build-arg API_URL=${{ secrets.API_URL }} \ | |
| --build-arg API_KEY=${{ secrets.API_KEY }} \ | |
| --build-arg PRIVY_APP_ID=${{ secrets.PRIVY_APP_ID }} \ | |
| --build-arg PRIVY_APP_SECRET=${{ secrets.PRIVY_APP_SECRET }} \ | |
| --build-arg PRIVY_VERIFICATION_KEY="$(cat privy_verification_key.pem)" \ | |
| --build-arg CLOUDINARY_CLOUD_NAME=${{ secrets.CLOUDINARY_CLOUD_NAME }} \ | |
| --build-arg CLOUDINARY_API_KEY=${{ secrets.CLOUDINARY_API_KEY }} \ | |
| --build-arg CLOUDINARY_API_SECRET=${{ secrets.CLOUDINARY_API_SECRET }} \ | |
| --build-arg SENTRY_DSN=${{ secrets.SENTRY_DSN }} \ | |
| --build-arg SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} \ | |
| --build-arg SENTRY_ORG=${{ secrets.SENTRY_ORG }} \ | |
| --build-arg SENTRY_PROJECT=${{ secrets.SENTRY_PROJECT }} \ | |
| --build-arg VITE_DEPLOY_ENV=development \ | |
| --build-arg ORIGIN_URL=${{ secrets.ORIGIN_URL_DEVELOPMENT }} \ | |
| --build-arg PHOSPHOR_API_KEY=${{ secrets.PHOSPHOR_API_KEY }} \ | |
| --build-arg PHOSPHOR_ADMIN_API_URL=${{ secrets.PHOSPHOR_ADMIN_API_URL }} \ | |
| --build-arg PHOSPHOR_COLLECTION_ID=${{ secrets.PHOSPHOR_COLLECTION_ID }} \ | |
| --build-arg GTM_TRACKING_ID=${{ secrets.GTM_TRACKING_ID }} \ | |
| --build-arg RELIC_GRAPHQL_ENDPOINT=${{ secrets.RELIC_GRAPHQL_ENDPOINT }} \ | |
| --build-arg FF_FULL_LOCKDOWN_ENABLED=false \ | |
| --build-arg FF_GENERIC_BANNER_ENABLED=true \ | |
| --build-arg FF_INCIDENT_BANNER_ENABLED=false | |
| docker tag portal ${{ env.ECR_IMAGE }} | |
| docker push ${{ env.ECR_IMAGE }} | |
| rm privy_verification_key.pem | |
| - name: Download task definition | |
| shell: bash | |
| run: | | |
| aws ecs describe-task-definition --task-definition ${{ env.SERVICE_NAME }} --query taskDefinition > task-definition.json | |
| - name: Render Amazon ECS task definition | |
| id: render-container | |
| uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
| with: | |
| task-definition: task-definition.json | |
| container-name: portal | |
| image: ${{ env.ECR_IMAGE }} | |
| environment-variables: | | |
| AWS_REGION=${{ secrets.AWS_REGION }} | |
| AWS_ACCOUNT=${{ secrets.AWS_ACCOUNT }} | |
| - name: Deploy task definition to Amazon ECS | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
| with: | |
| task-definition: ${{ steps.render-container.outputs.task-definition }} | |
| service: ${{ env.SERVICE_NAME }} | |
| cluster: ${{ env.CLUSTER_NAME }} | |
| wait-for-service-stability: true |