-
Notifications
You must be signed in to change notification settings - Fork 4
128 lines (120 loc) · 5.66 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: Works on NineChronicles.IAP
on:
push:
branches:
- development
- internal
- release/*
- main
pull_request:
branches:
- development
- release/*
- main
jobs:
test:
uses: ./.github/workflows/test.yml
with:
environment: ${{ github.ref == 'refs/heads/main' && 'mainnet' || ((github.ref == 'refs/heads/internal' || startsWith(github.ref, 'refs/heads/release')) && 'internal' || 'development') }}
secrets:
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
build_frontend:
uses: ./.github/workflows/build_frontend.yml
with:
environment: ${{ github.ref == 'refs/heads/main' && 'mainnet' || ((github.ref == 'refs/heads/internal' || startsWith(github.ref, 'refs/heads/release')) && 'internal' || 'development') }}
secrets:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
synth:
uses: ./.github/workflows/synth.yml
with:
environment: ${{ github.ref == 'refs/heads/main' && 'mainnet' || ((github.ref == 'refs/heads/internal' || startsWith(github.ref, 'refs/heads/release')) && 'internal' || 'development') }}
secrets:
ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
KMS_KEY_ID: ${{ secrets.KMS_KEY_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
IAP_GARAGE_WEBHOOK_URL: ${{ secrets.IAP_GARAGE_WEBHOOK_URL }}
IAP_ALERT_WEBHOOK_URL: ${{ secrets.IAP_ALERT_WEBHOOK_URL }}
GOLDEN_DUST_REQUEST_SHEET_ID: ${{ secrets.GOLDEN_DUST_REQUEST_SHEET_ID }}
GOLDEN_DUST_WORK_SHEET_ID: ${{ secrets.GOLDEN_DUST_WORK_SHEET_ID }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
VOUCHER_URL: ${{ secrets.VOUCHER_URL }}
VOUCHER_JWT_SECRET: ${{ secrets.VOUCHER_JWT_SECRET }}
BRIDGE_DATA: ${{ secrets.BRIDGE_DATA }}
REFUND_SHEET_ID : ${{ secrets.REFUND_SHEET_ID }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}
deploy_without_approval:
# This is for internal deployment
if: ${{ github.ref == 'refs/heads/internal' || startsWith(github.ref, 'refs/heads/release') }}
needs: [ "test", "build_frontend", "synth" ]
uses: ./.github/workflows/deploy.yml
with:
environment: ${{ (github.ref == 'refs/heads/internal' || startsWith(github.ref, 'refs/heads/release')) && 'internal' || 'development' }}
secrets:
ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
KMS_KEY_ID: ${{ secrets.KMS_KEY_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
IAP_GARAGE_WEBHOOK_URL: ${{ secrets.IAP_GARAGE_WEBHOOK_URL }}
IAP_ALERT_WEBHOOK_URL: ${{ secrets.IAP_ALERT_WEBHOOK_URL }}
GOLDEN_DUST_REQUEST_SHEET_ID: ${{ secrets.GOLDEN_DUST_REQUEST_SHEET_ID }}
GOLDEN_DUST_WORK_SHEET_ID: ${{ secrets.GOLDEN_DUST_WORK_SHEET_ID }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
VOUCHER_URL: ${{ secrets.VOUCHER_URL }}
VOUCHER_JWT_SECRET: ${{ secrets.VOUCHER_JWT_SECRET }}
BRIDGE_DATA: ${{ secrets.BRIDGE_DATA }}
REFUND_SHEET_ID : ${{ secrets.REFUND_SHEET_ID }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}
approval:
runs-on: ubuntu-latest
if: ${{ github.ref == 'refs/heads/main' }}
needs: [ "test", "build_frontend", "synth" ]
environment: approval
steps:
- uses: actions/checkout@v3
- name: Echo
run: |
echo "Manual Approval"
deploy_with_approval:
# This is for mainnet deployment. It needs user approval
if: ${{ github.ref == 'refs/heads/main' }}
needs: approval
uses: ./.github/workflows/deploy.yml
with:
environment: mainnet
secrets:
ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
KMS_KEY_ID: ${{ secrets.KMS_KEY_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
IAP_GARAGE_WEBHOOK_URL: ${{ secrets.IAP_GARAGE_WEBHOOK_URL }}
IAP_ALERT_WEBHOOK_URL: ${{ secrets.IAP_ALERT_WEBHOOK_URL }}
GOLDEN_DUST_REQUEST_SHEET_ID: ${{ secrets.GOLDEN_DUST_REQUEST_SHEET_ID }}
GOLDEN_DUST_WORK_SHEET_ID: ${{ secrets.GOLDEN_DUST_WORK_SHEET_ID }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
VOUCHER_URL: ${{ secrets.VOUCHER_URL }}
VOUCHER_JWT_SECRET: ${{ secrets.VOUCHER_JWT_SECRET }}
BRIDGE_DATA: ${{ secrets.BRIDGE_DATA }}
REFUND_SHEET_ID : ${{ secrets.REFUND_SHEET_ID }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}