Manual Deployment #12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Manual Deployment | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| network_name: | |
| description: "Network to deploy (e.g., devnet-cobblet, testnet)" | |
| required: true | |
| type: string | |
| deploy_tag: | |
| description: "Ansible tag to run (e.g., full_deploy, platform_update)" | |
| required: true | |
| type: string | |
| jobs: | |
| deploy: | |
| name: Deploy Dash Network | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Fail if unauthorized user | |
| if: ${{ github.actor != 'vivekgsharma' && github.actor != 'ktechmidas' }} | |
| run: | | |
| echo "Unauthorized user: ${{ github.actor }}" | |
| exit 1 | |
| - name: Checkout dash-network-deploy | |
| uses: actions/checkout@v4 | |
| # Setup SSH key to pull private dash-network-configs repo | |
| - name: Set up GitHub SSH Key | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "${{ secrets.EVO_APP_DEPLOY_KEY }}" > ~/.ssh/id_ed25519 | |
| chmod 600 ~/.ssh/id_ed25519 | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| # Setup SSH key to connect to deployment servers | |
| - name: Set up Server SSH Key | |
| run: | | |
| echo "${{ secrets.DEPLOY_SERVER_KEY }}" > ~/.ssh/id_rsa_server | |
| chmod 600 ~/.ssh/id_rsa_server | |
| # Clone network configs | |
| - name: Clone dash-network-configs | |
| run: | | |
| rm -rf networks | |
| git clone [email protected]:dashpay/dash-network-configs.git networks | |
| # Create root .env file | |
| - name: Create root .env file | |
| run: | | |
| cat > .env << EOL | |
| NETWORK=${{ github.event.inputs.network_name }} | |
| COMPOSE_PROJECT_NAME=${{ github.event.inputs.network_name }} | |
| PRESET=${{ github.event.inputs.network_name }} | |
| NODE_ENV=development | |
| NETWORK_PATH=networks/${{ github.event.inputs.network_name }}.yml | |
| PRESETS_PATH=configs/presets | |
| COMPOSE_FILE=docker-compose.yml | |
| DRIVE_BRANCH=master | |
| DAPI_BRANCH=master | |
| DASHMATE_BRANCH=master | |
| EOL | |
| # Create networks/.env file | |
| - name: Create networks .env file | |
| run: | | |
| cat > networks/.env << EOL | |
| TERRAFORM_S3_BUCKET="dash-networks-deploy-state" | |
| TERRAFORM_S3_KEY="terraform/state" | |
| TERRAFORM_DYNAMODB_TABLE="dash-networks-deploy-terraform-lock" | |
| # AWS Region for both Terraform and Ansible | |
| AWS_REGION="us-west-2" | |
| EOL | |
| # Install Python and Ansible | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y python3-pip python3-netaddr sshpass | |
| pip3 install ansible==7.7.0 | |
| # Install Ansible roles | |
| - name: Install Ansible roles | |
| run: | | |
| ansible-galaxy install -r ansible/requirements.yml | |
| # Configure SSH for Ansible | |
| - name: Configure SSH | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "Host *" > ~/.ssh/config | |
| echo " StrictHostKeyChecking no" >> ~/.ssh/config | |
| echo " UserKnownHostsFile=/dev/null" >> ~/.ssh/config | |
| chmod 600 ~/.ssh/config | |
| # Run deploy script exactly like on server | |
| - name: Run Deploy Script | |
| env: | |
| ANSIBLE_HOST_KEY_CHECKING: "False" | |
| ANSIBLE_DEPRECATION_WARNINGS: "False" | |
| ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3 | |
| run: | | |
| chmod +x ./bin/deploy | |
| ./bin/deploy -p ${{ github.event.inputs.network_name }} --tags=${{ github.event.inputs.deploy_tag }} |