deploy pipeline

2026-01-09 01:17:58 -05:00 · 2025-02-18 14:55:55 -08:00
parent 8ae370005a
commit c976e67672
10 changed files with 352 additions and 0 deletions
--- a/.github/workflows/relayer.yml
+++ b/.github/workflows/relayer.yml
@@ -67,3 +67,73 @@ jobs:

      - name: Run tests with coverage
        run: yarn test:cov
+  push-staging:
+    if: github.ref == 'refs/heads/main'
+    name: Push Image to Staging
+    runs-on: ubuntu-latest
+    permissions: 
+      id-token: write
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Google Auth
+        id: auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          token_format: 'access_token'
+          workload_identity_provider: '${{ vars.WIF_PROVIDER_ID }}'
+          service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
+      - name: Docker Auth
+        id: docker-auth
+        uses: 'docker/login-action@v3'
+        with:
+          username: 'oauth2accesstoken'
+          password: '${{ steps.auth.outputs.access_token }}'
+          registry: 'us-central1-docker.pkg.dev'
+      - name: Build, tag and push container
+        id: build-image
+        uses: docker/build-push-action@v5
+        with:
+          context: ./requests
+          file: ./requests/Dockerfile
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: |
+            us-central1-docker.pkg.dev/${{ vars.GCP_PROJECT }}/privacy-pools-core/staging/relayer:${{ github.sha }}
+            us-central1-docker.pkg.dev/${{ vars.GCP_PROJECT }}/privacy-pools-core/staging/relayer:latest
+  deploy-staging:
+    if: github.ref == 'refs/heads/main'
+    name: Deploy to Staging 
+    runs-on: ubuntu-latest
+    needs: [push-dw, unit]
+    permissions: 
+      id-token: write
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Helm
+        uses: azure/setup-helm@v4.1.0
+        with:
+          version: v3.16.1
+      - name: Google Auth
+        id: auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          token_format: 'access_token'
+          workload_identity_provider: '${{ vars.WIF_PROVIDER_ID }}'
+          service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
+      - name: 'Set up Cloud SDK'
+        uses: 'google-github-actions/setup-gcloud@v2'
+        with:
+          version: '>= 494.0.0'
+      - name: 'Install kubectl'
+        run: 'gcloud components install kubectl'
+      - name: 'Get cluster credentials'
+        run: 'gcloud container clusters get-credentials ${{ vars.CLUSTER_NAME }} --region ${{ vars.REGION }}'
+      - name: 'Deploy'
+        run: 'helm upgrade --install ${{ vars.SERVICE_NAME }}-requests ./chart --set version=${{ github.sha }} --values ./chart/values.requests.yaml'