-
Notifications
You must be signed in to change notification settings - Fork 39
120 lines (107 loc) · 4.51 KB
/
backend.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: 'Backend Production Deployment'
on:
workflow_dispatch:
push:
branches:
- main
- andrew_testing
paths:
- '.github/workflows/backend.yml'
- 'packages/validations/**'
- 'packages/shared-types/**'
- 'server/**'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
deploy:
name: Deploy to Cloudflare Workers
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
- name: Setup JS Runtime environment
uses: ./.github/actions/setup-js-runtime
- name: Generate wrangler.toml
uses: ./.github/actions/setup-wrangler-toml
with:
environment: production
APP_URL: ${{ secrets.VITE_PUBLIC_APP_URL }}
AWS_SIGN_ALGORITHM: ${{ secrets.AWS_SIGN_ALGORITHM }}
BUCKET_ENDPOINT: ${{ secrets.BUCKET_ENDPOINT }}
BUCKET_NAME: ${{ secrets.BUCKET_NAME }}
BUCKET_REGION: ${{ secrets.BUCKET_REGION }}
BUCKET_SERVICE: ${{ secrets.BUCKET_SERVICE }}
BUCKET_SESSION_TOKEN: ${{ secrets.BUCKET_SESSION_TOKEN }}
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
DB_ID: ${{ secrets.PRODUCTION_DB_ID }}
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
STMP_EMAIL: ${{ secrets.STMP_EMAIL }}
VECTOR_INDEX_NAME: ${{ secrets.VECTOR_INDEX }}
- name: Migrate database
uses: cloudflare/[email protected]
with:
wranglerVersion: '3.75.0'
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID}}
workingDirectory: server
preCommands: |
echo '---Clear previous wrangler logs---'
rm /home/runner/.config/.wrangler/logs/* || true
command: d1 migrations apply production --remote --env production
packageManager: yarn
env:
NO_D1_WARNING: true
CI: true
WRANGLER_LOG: debug
WRANGLER_LOG_SANITIZE: false
- name: Print wrangler extra logs on failure
if: failure()
run: |
cat "$(ls -t /home/runner/.config/.wrangler/logs/* | head -n 1)" || true;
- name: Deploy
uses: cloudflare/[email protected]
with:
wranglerVersion: '3.75.0'
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID}}
workingDirectory: server
# INFO: We need to upload secret manually because the default secrets input of this action `cloudflare/[email protected]` use the `wrangler secret put` command to upload secrets but this command will do not work non-interactive context.
preCommands: >
echo '---Clear previous wrangler logs file---' &&
rm /home/runner/.config/.wrangler/logs/* || true &&
echo '---Generate and upload secrets---' &&
echo '>> Generate secrets file' &&
echo '{}' | jq '
.WORKERS_AI_API_KEY="${{ secrets.WORKERS_AI_API_KEY }}" |
.VECTORIZE_API_KEY="${{ secrets.VECTORIZE_API_KEY }}" |
.BUCKET_ACCESS_KEY_ID="${{ secrets.BUCKET_ACCESS_KEY_ID }}" |
.GOOGLE_CLIENT_SECRET="${{ secrets.GOOGLE_CLIENT_SECRET }}" |
.JWT_SECRET="${{ secrets.JWT_SECRET }}" |
.MAPBOX_ACCESS_TOKEN="${{ secrets.MAPBOX_ACCESS_TOKEN }}" |
.OPENAI_API_KEY="${{ secrets.OPENAI_API_KEY }}" |
.OPENWEATHER_KEY="${{ secrets.OPENWEATHER_KEY }}" |
.SEND_GRID_API_KEY="${{ secrets.SEND_GRID_API_KEY }}" |
.STMP_PASSWORD="${{ secrets.STMP_PASSWORD }}" |
.VECTORIZE_API_KEY="${{ secrets.VECTORIZE_API_KEY }}" |
.X_AMZ_SECURITY_TOKEN="${{ secrets.X_AMZ_SECURITY_TOKEN }}" |
.JWT_VERIFICATION_KEY="${{ secrets.JWT_SECRET }}"
' > secrets.json &&
echo '<< Secrets file generated' &&
echo '>> Upload secrets' &&
yarn wrangler secret bulk --env production secrets.json &&
echo '<< Secrets uploaded'
command: deploy src/index.ts --env production
packageManager: yarn
env:
CI: true
NO_D1_WARNING: true
WRANGLER_LOG: debug
WRANGLER_LOG_SANITIZE: false
- name: Print wrangler extra logs on failure
if: failure()
run: |
cat "$(ls -t /home/runner/.config/.wrangler/logs/* | head -n 1)" || true;