Change action

rumblefishdev · Dec 19, 2023 · 26af6f1 · 26af6f1
1 parent 7f8fff1
commit 26af6f1
Show file tree

Hide file tree

Showing 6 changed files with 87 additions and 82 deletions.
diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml
@@ -1,9 +1,10 @@
 name: 'Deploy to prod'
 
 on:
-  release:
-    types:
-      - created
+  push:
+#  release:
+#    types:
+#      - created
 
 env:
   NODE_VERSION: 18.16.0
@@ -15,12 +16,12 @@ jobs:
     runs-on: ubuntu-20.04
     timeout-minutes: 15
     env:
-      BUCKET_NAME: www.rumblefish.dev.evmdebugger
+      BUCKET_NAME: www.rumblefish.dev.evm-debugger
       PREFIX: evm-debugger
 
-    if: |
-      startsWith(github.ref, 'refs/tags/@evm-debuger/frontend') &&
-      !contains(github.ref, '-alpha.')
+#    if: |
+#      startsWith(github.ref, 'refs/tags/@evm-debuger/frontend') &&
+#      !contains(github.ref, '-alpha.')
 
     permissions:
       id-token: write
@@ -54,64 +55,69 @@ jobs:
           npm run analyzer:build
           npm run frontend:build:prod
 
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          role-to-assume: arn:aws:iam::045028348791:role/www.rumblefish.dev.evmdebugger-github-workflow
-          aws-region: us-east-1
-          role-session-name: ${{ github.event.repository.name }}-${{ github.job }}
-
       - name: 'Deploy'
         run: |
           aws s3 sync packages/frontend/build s3://${BUCKET_NAME}/${PREFIX} --delete --exact-timestamps
-          aws cloudfront create-invalidation --distribution-id ${DISTRIBUTION_ID} --paths "/${PREFIX}/*"
-        env:
-          DISTRIBUTION_ID: E3IK5XITYN78AJ
-
-  transaction_trace_deploy_prod:
-    runs-on: ubuntu-20.04
-
-    if: |
-      startsWith(github.ref, 'refs/tags/@evm-debuger/transaction-trace') &&
-      !contains(github.ref, '-alpha.')
-
-    permissions:
-      id-token: write
-      contents: read
-    steps:
-      - name: 'Checkout'
-        uses: actions/[email protected]
-
-      - uses: actions/setup-node@master
-        with:
-          node-version: ${{ env.NODE_VERSION }}
 
-      - name: 'Cache NPM dependencies'
-        uses: pat-s/[email protected]
-        with:
-          path: |
-            **/node_modules
-          key: ${{ runner.OS }}-npm-cache-${{ hashFiles('packages/*/package-lock.json') }}
-          restore-keys: |
-            ${{ runner.OS }}-npm-cache-
-
-      - name: Install dependencies
+      - name: Assume role on main AWS account
         run: |
-          npm i
-          npm install jq.node -g
-          lerna bootstrap
+          role_name=$(aws cloudformation describe-stacks --stack-name evm-transaction-trace-prod | jq -r '.Stacks[0].Parameters | map(select(.ParameterKey == "CloudfrontInvalidationRoleArn"))[0].ParameterValue')
+          output=$(aws sts assume-role --role-arn "$role_name" --role-session-name github-stage-frontend-Session)
 
-      - name: Build
-        run: |
-          npm run types:build
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          role-to-assume: arn:aws:iam::045028348791:role/evm-debugger-github-workflow-prod
-          aws-region: us-east-1
-          role-session-name: ${{ github.event.repository.name }}-${{ github.job }}
+          echo "AWS_ACCESS_KEY_ID=$(echo $output | jq -r '.Credentials.AccessKeyId')" >> $GITHUB_ENV
+          echo "AWS_SECRET_ACCESS_KEY=$(echo $output | jq -r '.Credentials.SecretAccessKey')" >> $GITHUB_ENV
+          echo "AWS_SESSION_TOKEN=$(echo $output | jq -r '.Credentials.SessionToken')" >> $GITHUB_ENV
 
-      - name: Deploy stack
-        working-directory: ./packages/infra
+      - name: Invalidate CloudFront
         run: |
-          make prod-deploy
+          aws cloudfront create-invalidation --distribution-id ${DISTRIBUTION_ID} --paths "/${PREFIX}/*"
+        env:
+          DISTRIBUTION_ID: E1TRXMZGQSBIBH
+
+#  transaction_trace_deploy_prod:
+#    runs-on: ubuntu-20.04
+#
+#    if: |
+#      startsWith(github.ref, 'refs/tags/@evm-debuger/transaction-trace') &&
+#      !contains(github.ref, '-alpha.')
+#
+#    permissions:
+#      id-token: write
+#      contents: read
+#    steps:
+#      - name: 'Checkout'
+#        uses: actions/[email protected]
+#
+#      - uses: actions/setup-node@master
+#        with:
+#          node-version: ${{ env.NODE_VERSION }}
+#
+#      - name: 'Cache NPM dependencies'
+#        uses: pat-s/[email protected]
+#        with:
+#          path: |
+#            **/node_modules
+#          key: ${{ runner.OS }}-npm-cache-${{ hashFiles('packages/*/package-lock.json') }}
+#          restore-keys: |
+#            ${{ runner.OS }}-npm-cache-
+#
+#      - name: Install dependencies
+#        run: |
+#          npm i
+#          npm install jq.node -g
+#          lerna bootstrap
+#
+#      - name: Build
+#        run: |
+#          npm run types:build
+#      - name: Configure AWS Credentials
+#        uses: aws-actions/configure-aws-credentials@v2
+#        with:
+#          role-to-assume: arn:aws:iam::428196107266:role/evm-debugger-transaction-trace-deploy-prod
+#          aws-region: us-east-1
+#          role-session-name: ${{ github.event.repository.name }}-${{ github.job }}
+#
+#      - name: Deploy stack
+#        working-directory: ./packages/infra
+#        run: |
+#          make prod-deploy
diff --git a/.github/workflows/deploy-stage.yml b/.github/workflows/deploy-stage.yml
@@ -64,8 +64,6 @@ jobs:
       - name: 'Deploy'
         run: |
           aws s3 sync packages/frontend/build s3://${BUCKET_NAME}/${PREFIX} --delete --exact-timestamps
-        env:
-          DISTRIBUTION_ID: E1TRXMZGQSBIBH
 
       - name: Assume role on main AWS account
         run: |

diff --git a/packages/frontend/src/pages/StartingScreen/DebuggerFormSection/DebuggerFormSection.tsx b/packages/frontend/src/pages/StartingScreen/DebuggerFormSection/DebuggerFormSection.tsx
@@ -48,7 +48,7 @@ export const DebuggerFormSection = React.forwardRef(function Ref({ ...props }: S
           <StyledTextSpace>
             <StyledHeading>
               Debugging EVM <br />
-              smart contracts made easy!
+              smart contracts made easy from new AWS prod account!
             </StyledHeading>
             <StyledDescription>
               <span>EVM Debugger</span> is a unique, free tool for EVM & Defi developers. It enables really easy and user-friendly analysis

diff --git a/packages/infra/ci-roles.yml b/packages/infra/ci-roles.yml
@@ -49,10 +49,10 @@ Resources:
                   - cloudformation:DescribeStacks
                 Resource:
                   - !Sub arn:aws:cloudformation:${AWS::Region}:${AWS::AccountId}:stack/evm-transaction-trace-stage/*
-              - Effect: Allow
-                Action:
-                  - sts:AssumeRole
-                Resource: !Ref CloudfrontInvalidationRoleArn
+#              - Effect: Allow
+#                Action:
+#                  - sts:AssumeRole
+#                Resource: !Ref CloudfrontInvalidationRoleArn
 
   CITranasctionTraceDeployRole:
     Type: AWS::IAM::Role

diff --git a/packages/infra/template-config.prod.json b/packages/infra/template-config.prod.json
@@ -14,6 +14,7 @@
     "AlchemyKey": "Hqhq4Kmez9e1D8TqzQJUXgHf-BT_doUO",
     "SentryDsn": "https://7cdf7302bff6da74fda9c81b1d73835b@o4505804639895552.ingest.sentry.io/4505804718538752",
     "FrontendExternalCloudFrontOriginAccessIdentity": "E3RYCXCTS68PZZ",
-    "FrontendBucketName": "www.rumblefish.dev.evm-debugger"
+    "FrontendBucketName": "www.rumblefish.dev.evm-debugger",
+    "CloudfrontInvalidationRoleArn": "arn:aws:iam::045028348791:role/rumblefish-website-prod-C-EvmDebuggerCrossAccountRo-jDA6muMPN1qL"
   }
 }
diff --git a/packages/infra/template.yml b/packages/infra/template.yml
@@ -30,8 +30,8 @@ Parameters:
     Type: String
   FrontendDomainName:
     Type: String
-#  CloudfrontInvalidationRoleArn:
-#    Type: String
+  CloudfrontInvalidationRoleArn:
+    Type: String
 
 Resources:
   TraceBucket:
@@ -68,15 +68,15 @@ Resources:
         ApiGatewayAllowOrigin: !Ref ApiGatewayAllowOrigin
         AlchemyKey: !Ref AlchemyKey
         SentryDsn: !Ref SentryDsn
-#
-#  CIRoles:
-#    Type: AWS::Serverless::Application
-#    Properties:
-#      Location: ./ci-roles.yml
-#      Parameters:
-#        RepositoryName: !Ref RepositoryName
-#        Environment: !Ref Environment
-#        StackArtifactsBucketName: !Ref StackArtifactsBucketName
-#        FrontendBucketName: !Ref FrontendBucketName
-#        GhOIDCProviderArn: !Ref GhOIDCProviderArn
-#        CloudfrontInvalidationRoleArn: !Ref CloudfrontInvalidationRoleArn
+
+  CIRoles:
+    Type: AWS::Serverless::Application
+    Properties:
+      Location: ./ci-roles.yml
+      Parameters:
+        RepositoryName: !Ref RepositoryName
+        Environment: !Ref Environment
+        StackArtifactsBucketName: !Ref StackArtifactsBucketName
+        FrontendBucketName: !Ref FrontendBucketName
+        GhOIDCProviderArn: !Ref GhOIDCProviderArn
+        CloudfrontInvalidationRoleArn: !Ref CloudfrontInvalidationRoleArn