Skip to content
Deploy IAM Server to Review

feat(infra): modify stack outputs (#2665) #616

Sign in to view logs

feat(infra): modify stack outputs (#2665)

feat(infra): modify stack outputs (#2665) #616

Workflow file for this run

.github/workflows/iam-cd-review.yml at 8a37840
name: Deploy IAM Server to Review
# trigger: on push to `main` branch, AND only on changes to `iam/*` and `infra/aws/**` files
on:
push:
branches: [main]
workflow_dispatch:
jobs:
build-and-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# run tests
- name: Use Node.js 20
uses: actions/setup-node@v3
with:
node-version: 20.8
cache: "yarn"
- name: Install Packages
run: yarn install
- name: Run Tests
run: |
yarn test:iam
yarn test:identity
- name: Run Linter
run: |
yarn lint:iam
yarn lint:identity
# get sha shorthand
- name: Declare some variables
id: vars
shell: bash
run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
# configure AWS credentials
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_REVIEW }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_REVIEW }}
aws-region: us-west-2
# login to docker for AWS
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
# build, tag, and push to ECR
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: passport
IMAGE_TAG: ${{ steps.vars.outputs.sha_short }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f iam/Dockerfile .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
outputs:
dockerTag: ${{ steps.vars.outputs.sha_short }}
deploy-review:
needs: build-and-test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Use Node.js
uses: actions/setup-node@v3
with:
cache: "yarn"
cache-dependency-path: infra/yarn.lock
# Update the pulumi stack with new image
- run: |
cd aws
yarn install
pulumi stack select -c gitcoin/passport/review
pulumi config -s gitcoin/passport/review set aws:region us-west-2 --non-interactive
working-directory: infra
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
- uses: pulumi/actions@v3
id: pulumi
with:
command: up
stack-name: gitcoin/passport/review
upsert: false
work-dir: infra/aws
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_REVIEW }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_REVIEW }}
DOCKER_GTC_PASSPORT_IAM_IMAGE: ${{secrets.ECR_URL_REVIEW}}:${{ needs.build-and-test.outputs.dockerTag }}
ROUTE_53_ZONE: ${{ secrets.ROUTE53_ZONE_ID_REVIEW }}
ROUTE_53_DOMAIN: ${{ secrets.DOMAIN_REVIEW }}
IAM_SERVER_SSM_ARN: ${{ secrets.IAM_SERVER_SSM_ARN_REVIEW }}
PASSPORT_VC_SECRETS_ARN: ${{ secrets.PASSPORT_VC_SECRETS_ARN_REVIEW }}
STAKING_APP_GITHUB_URL: ${{ vars.STAKING_APP_GITHUB_URL_REVIEW }}
STAKING_APP_GITHUB_ACCESS_TOKEN_FOR_AMPLIFY: ${{ secrets.STAKING_APP_GITHUB_ACCESS_TOKEN_FOR_AMPLIFY_REVIEW }}
STAKING_APP_ENABLE_AUTH: ${{ vars.STAKING_APP_ENABLE_AUTH_REVIEW }}
STAKING_APP_BASIC_AUTH_USERNAME: ${{ vars.STAKING_APP_BASIC_AUTH_USERNAME_REVIEW }}
STAKING_APP_BASIC_AUTH_PASSWORD: ${{ secrets.STAKING_APP_BASIC_AUTH_PASSWORD_REVIEW }}
STAKING_DATADOG_CLIENT_TOKEN_REVIEW: ${{ secrets.STAKING_DATADOG_CLIENT_TOKEN_REVIEW }}
STAKING_MAINNET_RPC_URL: ${{ secrets.STAKING_MAINNET_RPC_URL }}
STAKING_OP_SEPOLIA_RPC_URL: ${{ secrets.STAKING_OP_SEPOLIA_RPC_URL }}
STAKING_OP_RPC_URL: ${{ secrets.STAKING_OP_RPC_URL }}
STAKING_WALLET_CONNECT_PROJECT_ID: ${{ secrets.STAKING_APP_WALLET_CONNECT_PROJECT_ID_REVIEW }}
STAKING_INTERCOM_APP_ID: ${{ secrets.STAKING_APP_INTERCOM_APP_ID_REVIEW }}
STAKING_ARBITRUM_RPC_URL: ${{ secrets.STAKING_ARBITRUM_RPC_URL }}