Skip to content

exporting environment variables 🍞 #308

exporting environment variables 🍞

exporting environment variables 🍞 #308

# This is used to deploy the frontend at metagame.wtf and test.metagame.wtf
# Eventually we will switch the associated backend deployments over to Google Cloud
# as well, at which time we can just use the single gcp_deploy.yaml file
# for both PR deployments AND our stage/prod environments
name: Update Frontend Deployment on Cloud Run
on:
workflow_dispatch:
inputs:
cache_key:
description: Optional cache key component to force invalidation of the build cache.
required: false
default: ""
push:
branches:
- develop
- master
env:
PROJECT_ID: metagame-thegame
REGISTRY_REGION: us-east4
REGISTRY_REPO: thegame
DEPLOYMENT_DOMAIN: a.run.app
CLOUDRUN_SUFFIX: mjhnbmqqna-uk
DEPLOYMENT_ENV: ${{github.ref_name}}
FRONTEND_SERVICE: frontend-${{github.ref_name}}
FRONTEND_PORT: 3000
FRONTEND_TARGET: production
jobs:
start-deployment:
name: Generate Deployment Start Message
runs-on: ubuntu-latest
outputs:
deployment_id: ${{steps.create-message.outputs.deployment_id}}
steps:
- name: Start Deployment
uses: bobheadxi/deployments@v1
id: create-message
with:
step: start
token: ${{github.token}}
env: ${{env.DEPLOYMENT_ENV}}
desc: "Frontend deployment for #${{github.ref_name}} by ${{github.event.pusher.login}}"
ref: ${{github.head_ref}}
auto_inactive: false
logs: https://github.com/${{github.repository}}/commit/${{github.event.after}}/checks
cancel-previous:
name: Cancel Existing Runs
runs-on: ubuntu-latest
steps:
- name: Cancel Existing Runs
uses: styfle/cancel-workflow-action@0.12.0
with:
access_token: ${{github.token}}
env:
name: Environment Variables
runs-on: ubuntu-latest
needs: [cancel-previous]
outputs:
PROJECT_ID: ${{env.PROJECT_ID}}
REGISTRY_REGION: ${{env.REGISTRY_REGION}}
REGISTRY_REPO: ${{env.REGISTRY_REPO}}
DEPLOYMENT_DOMAIN: ${{env.DEPLOYMENT_DOMAIN}}
CLOUDRUN_SUFFIX: ${{env.CLOUDRUN_SUFFIX}}
FRONTEND_SERVICE: ${{env.FRONTEND_SERVICE}}
FRONTEND_PORT: ${{env.FRONTEND_PORT}}
CLOUDRUN_REGION: ${{env.CLOUDRUN_REGION}}
DOCKER_REGISTRY: ${{env.DOCKER_REGISTRY}}
FRONTEND_URL: ${{env.FRONTEND_URL}}
DOCKER_PATH: ${{env.DOCKER_PATH}}
GRAPHQL_URL: ${{env.GRAPHQL_URL}}
FRONTEND_TAG: ${{env.FRONTEND_TAG}}
APP_ENV: ${{env.APP_ENV}}
GOOGLE_CAL_PROJECT_NUMBER: ${{env.GOOGLE_CAL_PROJECT_NUMBER}}
GOOGLE_CAL_CLIENT_EMAIL: ${{env.GOOGLE_CAL_CLIENT_EMAIL}}
GOOGLE_CAL_CALENDAR_ID: ${{env.GOOGLE_CAL_CALENDAR_ID}}
HASURA_HOST: ${{env.HASURA_HOST}}
HASURA_ADMIN_SECRET: ${{env.HASURA_ADMIN_SECRET}}
steps:
- name: First Interpolation of Variables
id: first
run: |
echo "CLOUDRUN_REGION=${{env.REGISTRY_REGION}}" >> $GITHUB_ENV
echo "DOCKER_REGISTRY=${{env.REGISTRY_REGION}}-docker.pkg.dev" >> $GITHUB_ENV
if [[ ${{github.ref_name}} == 'master' ]]; then
echo "APP_ENV=production" >> $GITHUB_ENV
echo "HASURA_HOST=api.metagame.wtf" >> $GITHUB_ENV
echo "FRONTEND_URL=https://metagame.wtf" >> $GITHUB_ENV
echo "HASURA_ADMIN_SECRET=${{secrets.HASURA_PROD_SECRET}}" >> $GITHUB_ENV
else
echo "APP_ENV=test" >> $GITHUB_ENV
echo "HASURA_HOST=api-staging.metagame.wtf" >> $GITHUB_ENV
echo "FRONTEND_URL=https://test.metagame.wtf" >> $GITHUB_ENV
echo "HASURA_ADMIN_SECRET=${{secrets.HASURA_DEV_SECRET}}" >> $GITHUB_ENV
fi
- name: Those Variables May Now Be Interpolated
id: second
run: |
echo "DOCKER_PATH=\
${{env.DOCKER_REGISTRY}}/${{env.PROJECT_ID}}/${{env.REGISTRY_REPO}}" >> $GITHUB_ENV
echo "GRAPHQL_URL=\
https://${{env.HASURA_HOST}}/v1/graphql" >> $GITHUB_ENV
- name: And That Result Again In Another Step
id: third
run: |
echo "FRONTEND_TAG=\
${{env.DOCKER_PATH}}/frontend:${{github.ref_name}}" >> $GITHUB_ENV
hasura-metadata:
name: Update Hasura Metadata
runs-on: ubuntu-latest
needs: [env]
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Testing ENV
run: echo "Hasura Host = ${{needs.env.outputs.HASURA_HOST}}"
- name: Run `hasura metadata reload`
uses: browniefed/hasura-runner@master
with:
args: metadata reload
env:
HASURA_ENDPOINT: https://${{needs.env.outputs.HASURA_HOST}}
HASURA_ADMIN_SECRET: ${{needs.env.outputs.HASURA_ADMIN_SECRET}}
PATH_TO_HASURA_PROJECT_ROOT: ./hasura
build-frontend:
name: Build Frontend Container Image
runs-on: ubuntu-latest
needs: [env, hasura-metadata]
steps:
- name: Set Up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: "Login to Registry: ${{needs.env.outputs.DOCKER_REGISTRY}}"
uses: docker/login-action@v3
with:
registry: ${{needs.env.outputs.DOCKER_REGISTRY}}
username: _json_key
password: ${{secrets.GCP_SA_KEY}}
- name: "Build & Push Container Image: ${{needs.env.outputs.FRONTEND_TAG}}"
uses: docker/build-push-action@v5
with:
file: docker/frontend/Dockerfile
tags: ${{needs.env.outputs.FRONTEND_TAG}}
build-args: |
TARGET=${{env.FRONTEND_TARGET}}
APP_ENV=${{env.APP_ENV}}
GRAPHQL_URL=${{needs.env.outputs.GRAPHQL_URL}}
FRONTEND_URL=${{needs.env.outputs.FRONTEND_URL}}
YOUTUBE_API_KEY=${{secrets.YOUTUBE_API_KEY}}
IMGIX_TOKEN=${{secrets.IMGIX_TOKEN}}
HONEYBADGER_API_KEY=${{secrets.HONEYBADGER_API_KEY}}
GOOGLE_ANALYTICS_ID=${{secrets.GOOGLE_ANALYTICS_ID}}
USERBACK_TOKEN=${{secrets.USERBACK_TOKEN}}
WEB3_STORAGE_TOKEN=${{secrets.WEB3_STORAGE_TOKEN}}
OPENSEA_API_KEY=${{secrets.OPENSEA_API_KEY}}
GCAL_PRIVATE_KEY=${{secrets.GCAL_PRIVATE_KEY}}
GCAL_CLIENT_EMAIL=${{secrets.GCAL_CLIENT_EMAIL}}
GCAL_PROJECT_NUMBER=${{secrets.GCAL_PROJECT_NUMBER}}
GCAL_CALENDAR_ID=${{secrets.GCAL_CALENDAR_ID}}
WEB3_STORAGE_DID=${{secrets.WEB3_STORAGE_DID}}
WEB3_STORAGE_PROOF=${{secrets.WEB3_STORAGE_PROOF}}
WEB3_STORAGE_KEY=${{secrets.WEB3_STORAGE_KEY}}
ALCHEMY_MAINNET=${{secrets.ALCHEMY_MAINNET}}
ALCHEMY_OPTIMISM=${{secrets.ALCHEMY_OPTIMISM}}
ALCHEMY_POLYGON=${{secrets.ALCHEMY_POLYGON}}
ALCHEMY_API_KEY=${{secrets.ALCHEMY_API_KEY}}
WALLET_CONNECT_V2_KEY=${{secrets.WALLET_CONNECT_V2_KEY}}
push: true
deploy-frontend:
name: Deploy Frontend
runs-on: ubuntu-latest
needs: [env, build-frontend]
steps:
- name: Set Up gcloud CLI
uses: google-github-actions/setup-gcloud@v0.6.0
with:
project_id: ${{needs.env.outputs.PROJECT_ID}}
service_account_key: ${{secrets.GCP_SA_KEY}}
export_default_credentials: true
- name: "Deploy Container Image: ${{needs.env.outputs.FRONTEND_SERVICE}}"
run: |
gcloud -q run deploy ${{needs.env.outputs.FRONTEND_SERVICE}} \
--image ${{needs.env.outputs.FRONTEND_TAG}} \
--region ${{needs.env.outputs.CLOUDRUN_REGION}} \
--port ${{needs.env.outputs.FRONTEND_PORT}} \
--cpu 1 \
--memory 1Gi \
--ingress all \
--min-instances 1 \
--allow-unauthenticated \
--set-env-vars GCAL_PRIVATE_KEY="${{secrets.GCAL_PRIVATE_KEY}}" \
--set-env-vars GCAL_PROJECT_NUMBER="${{secrets.GCAL_PROJECT_NUMBER}}" \
--set-env-vars GCAL_CLIENT_EMAIL="${{secrets.GCAL_CLIENT_EMAIL}}" \
--set-env-vars OPENSEA_API_KEY="${{secrets.OPENSEA_API_KEY}}" \
--set-env-vars NEXT_PUBLIC_GCAL_CALENDAR_ID="${{secrets.GCAL_CALENDAR_ID}}" \
--set-env-vars NEXT_PUBLIC_GOOGLE_ANALYTICS_ID="${{secrets.GOOGLE_ANALYTICS_ID}}" \
--set-env-vars NEXT_PUBLIC_YOUTUBE_API_KEY="${{secrets.YOUTUBE_API_KEY}}" \
--set-env-vars NEXT_PUBLIC_WEB3_STORAGE_DID="${{secrets.WEB3_STORAGE_DID}}" \
--set-env-vars NEXT_PUBLIC_WEB3_STORAGE_PROOF="${{secrets.WEB3_STORAGE_PROOF}}" \
--set-env-vars NEXT_PUBLIC_WEB3_STORAGE_KEY="${{secrets.WEB3_STORAGE_KEY}}" \
--set-env-vars NEXT_PUBLIC_ALCHEMY_MAINNET="${{secrets.ALCHEMY_MAINNET}}" \
--set-env-vars NEXT_PUBLIC_ALCHEMY_OPTIMISM="${{secrets.ALCHEMY_OPTIMISM}}" \
--set-env-vars NEXT_PUBLIC_ALCHEMY_POLYGON="${{secrets.ALCHEMY_POLYGON}}" \
--set-env-vars NEXT_PUBLIC_ALCHEMY_API_KEY="${{secrets.ALCHEMY_API_KEY}}" \
--set-env-vars NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID="${{secrets.WALLET_CONNECT_V2_KEY}}" \
finish-deployment:
name: Finish Deployment
runs-on: ubuntu-latest
needs: [env, start-deployment, deploy-frontend]
if: always()
env:
result: ${{needs.deploy-frontend.result}}
steps:
- name: Finish Deployment
uses: bobheadxi/deployments@v1
with:
step: finish
token: ${{github.token}}
env: ${{env.DEPLOYMENT_ENV}}
env_url: ${{needs.env.outputs.FRONTEND_URL}}
status: ${{env.result == 'skipped' && 'cancelled' || env.result}}
deployment_id: ${{needs.start-deployment.outputs.deployment_id}}