Deploy to Mainnet #10
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Deploy to Mainnet | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| force: | |
| description: Set to 'true' to skip checking if deployed image is already on Testnet | |
| required: false | |
| type: boolean | |
| default: false | |
| # there might be only one deployment to the Mainnet at a time | |
| concurrency: | |
| group: ${{ github.workflow }} | |
| cancel-in-progress: false | |
| jobs: | |
| check-vars-and-secrets: | |
| name: Check vars and secrets | |
| uses: ./.github/workflows/_check-vars-and-secrets.yml | |
| secrets: inherit | |
| check-if-image-deployed-to-testnet: | |
| needs: [check-vars-and-secrets] | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Checkout aleph-node sources | |
| uses: actions/checkout@v4 | |
| - name: Get Testnet node commit SHA | |
| id: get-testnet-node-commit-sha | |
| uses: Cardinal-Cryptography/github-actions/get-node-system-version@v4 | |
| with: | |
| env: testnet | |
| - name: Call action get-ref-properties | |
| id: get-ref-properties | |
| # yamllint disable-line rule:line-length | |
| uses: Cardinal-Cryptography/github-actions/get-ref-properties@v5 | |
| - name: Compare Testnet node SHA version with currently deployed SHA | |
| if: inputs.force != true | |
| shell: bash | |
| run: | | |
| testnet_sha='${{ steps.get-testnet-node-commit-sha.outputs.sha }}' | |
| current_sha='${{ steps.get-ref-properties.outputs.sha }}' | |
| if [[ "${testnet_sha}" != "${current_sha}" ]]; then | |
| echo "Error: Testnet RPC system.version sha ${testnet_sha} is different from the" | |
| echo "node you're trying to deploy: ${current_sha}. If you know what you're doing" | |
| echo "and you want to deploy ${current_sha} to Mainnet, re-run this workflow with force" | |
| exit 1 | |
| fi | |
| deploy-to-mainnet: | |
| needs: [check-if-image-deployed-to-testnet] | |
| name: Deploy new aleph-node image to Mainnet EKS | |
| uses: ./.github/workflows/_update-node-image-infra.yml | |
| with: | |
| env: mainnet | |
| secrets: inherit | |
| push-dockerhub-image-mainnet: | |
| needs: [deploy-to-mainnet] | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Checkout aleph-node sources | |
| uses: actions/checkout@v4 | |
| - name: Get docker image names | |
| id: get-docker-image-names | |
| uses: ./.github/actions/get-docker-image-names | |
| with: | |
| ecr-repo: ${{ vars.ECR_ALEPH_NODE_REPO }} | |
| dockerhub-repo: ${{ vars.DOCKERHUB_ALEPH_NODE_REPO }} | |
| - name: Build and push Docker Hub image for Mainnet | |
| uses: ./.github/actions/build-and-push-dockerhub-image | |
| with: | |
| source-image: ${{ steps.get-docker-image-names.outputs.ecr-deploy-image }} | |
| target-image: ${{ steps.get-docker-image-names.outputs.dockerhub-mainnet-image }} | |
| additional-image: | |
| ${{ steps.get-docker-image-names.outputs.dockerhub-mainnet-latest-image }} | |
| dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| dockerhub-password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| slack: | |
| name: Slack notification | |
| runs-on: ubuntu-20.04 | |
| needs: [push-dockerhub-image-mainnet] | |
| if: always() | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Send Slack message | |
| uses: ./.github/actions/slack-notification | |
| with: | |
| notify-on: "always" | |
| env: | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_DEV_ONDUTY }} |