Merge pull request #1226 from andrew-bierman/feat/preview-version-of-api #411
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Backend Production Deployment' | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| - andrew_testing | |
| paths: | |
| - '.github/workflows/backend.yml' | |
| - 'packages/validations/**' | |
| - 'packages/shared-types/**' | |
| - 'server/**' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| deploy: | |
| name: Deploy to Cloudflare Workers | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 1 | |
| - name: Setup JS Runtime environment | |
| uses: ./.github/actions/setup-js-runtime | |
| - name: Generate wrangler.toml | |
| uses: ./.github/actions/setup-wrangler-toml | |
| with: | |
| environment: production | |
| APP_URL: ${{ secrets.VITE_PUBLIC_APP_URL }} | |
| AWS_SIGN_ALGORITHM: ${{ secrets.AWS_SIGN_ALGORITHM }} | |
| BUCKET_ENDPOINT: ${{ secrets.BUCKET_ENDPOINT }} | |
| BUCKET_NAME: ${{ secrets.BUCKET_NAME }} | |
| BUCKET_REGION: ${{ secrets.BUCKET_REGION }} | |
| BUCKET_SERVICE: ${{ secrets.BUCKET_SERVICE }} | |
| BUCKET_SESSION_TOKEN: ${{ secrets.BUCKET_SESSION_TOKEN }} | |
| CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
| DB_ID: ${{ secrets.PRODUCTION_DB_ID }} | |
| GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} | |
| STMP_EMAIL: ${{ secrets.STMP_EMAIL }} | |
| VECTOR_INDEX_NAME: ${{ secrets.VECTOR_INDEX }} | |
| - name: Migrate database | |
| uses: cloudflare/[email protected] | |
| with: | |
| wranglerVersion: '3.75.0' | |
| apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID}} | |
| workingDirectory: server | |
| preCommands: | | |
| echo '---Clear previous wrangler logs---' | |
| rm /home/runner/.config/.wrangler/logs/* || true | |
| command: d1 migrations apply production --remote --env production | |
| packageManager: yarn | |
| env: | |
| NO_D1_WARNING: true | |
| CI: true | |
| WRANGLER_LOG: debug | |
| WRANGLER_LOG_SANITIZE: false | |
| - name: Print wrangler extra logs on failure | |
| if: failure() | |
| run: | | |
| cat "$(ls -t /home/runner/.config/.wrangler/logs/* | head -n 1)" || true; | |
| - name: Deploy | |
| uses: cloudflare/[email protected] | |
| with: | |
| wranglerVersion: '3.75.0' | |
| apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID}} | |
| workingDirectory: server | |
| # INFO: We need to upload secret manually because the default secrets input of this action `cloudflare/[email protected]` use the `wrangler secret put` command to upload secrets but this command will do not work non-interactive context. | |
| preCommands: > | |
| echo '---Clear previous wrangler logs file---' && | |
| rm /home/runner/.config/.wrangler/logs/* || true && | |
| echo '---Generate and upload secrets---' && | |
| echo '>> Generate secrets file' && | |
| echo '{}' | jq ' | |
| .WORKERS_AI_API_KEY="${{ secrets.WORKERS_AI_API_KEY }}" | | |
| .VECTORIZE_API_KEY="${{ secrets.VECTORIZE_API_KEY }}" | | |
| .BUCKET_ACCESS_KEY_ID="${{ secrets.BUCKET_ACCESS_KEY_ID }}" | | |
| .GOOGLE_CLIENT_SECRET="${{ secrets.GOOGLE_CLIENT_SECRET }}" | | |
| .JWT_SECRET="${{ secrets.JWT_SECRET }}" | | |
| .MAPBOX_ACCESS_TOKEN="${{ secrets.MAPBOX_ACCESS_TOKEN }}" | | |
| .OPENAI_API_KEY="${{ secrets.OPENAI_API_KEY }}" | | |
| .OPENWEATHER_KEY="${{ secrets.OPENWEATHER_KEY }}" | | |
| .SEND_GRID_API_KEY="${{ secrets.SEND_GRID_API_KEY }}" | | |
| .STMP_PASSWORD="${{ secrets.STMP_PASSWORD }}" | | |
| .VECTORIZE_API_KEY="${{ secrets.VECTORIZE_API_KEY }}" | | |
| .X_AMZ_SECURITY_TOKEN="${{ secrets.X_AMZ_SECURITY_TOKEN }}" | | |
| .JWT_VERIFICATION_KEY="${{ secrets.JWT_SECRET }}" | |
| ' > secrets.json && | |
| echo '<< Secrets file generated' && | |
| echo '>> Upload secrets' && | |
| yarn wrangler secret bulk --env production secrets.json && | |
| echo '<< Secrets uploaded' | |
| command: deploy src/index.ts --env production | |
| packageManager: yarn | |
| env: | |
| CI: true | |
| NO_D1_WARNING: true | |
| WRANGLER_LOG: debug | |
| WRANGLER_LOG_SANITIZE: false | |
| - name: Print wrangler extra logs on failure | |
| if: failure() | |
| run: | | |
| cat "$(ls -t /home/runner/.config/.wrangler/logs/* | head -n 1)" || true; | |