WIP add upload to storj flow #83
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy preview | |
on: | |
pull_request: | |
types: [opened, reopened, synchronize, closed] | |
env: | |
FLY_API_TOKEN: ${{ secrets.HOT_OR_NOT_OFF_CHAIN_AGENT_FLY_IO_GITHUB_ACTION }} | |
FLY_ORG: gobazzinga-inc-584 | |
jobs: | |
build_check: | |
uses: ./.github/workflows/build-check.yml | |
with: | |
publish-artifact: true | |
preview: | |
needs: build_check | |
runs-on: ubuntu-latest | |
# Only run one deployment at a time per PR. | |
concurrency: | |
group: pr-${{ github.event.number }} | |
# Create a GitHub deployment environment per staging app so it shows up | |
# in the pull request UI. | |
environment: | |
name: pr-${{ github.event.number }} | |
url: ${{ steps.deploy.outputs.url }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Download build | |
uses: actions/download-artifact@v4 | |
with: | |
name: build-musl | |
- run: chmod +x target/x86_64-unknown-linux-musl/release/icp-off-chain-agent | |
- name: Deploy | |
id: deploy | |
uses: superfly/fly-pr-review-apps@1.2.1 | |
- uses: superfly/flyctl-actions/setup-flyctl@master | |
- name: Set secret tokens | |
if: ${{ github.event.pull_request.merged == false}} | |
run: | | |
APP_NAME="pr-${{github.event.number}}-yral-dapp-off-chain-agent" | |
flyctl secrets set "CF_R2_ACCESS_KEY_TEMP=$CF_R2_ACCESS_KEY_TEMP" --app "$APP_NAME" --stage | |
flyctl secrets set "CF_R2_SECRET_ACCESS_KEY_TEMP=$CF_R2_SECRET_ACCESS_KEY_TEMP" --app "$APP_NAME" --stage | |
flyctl secrets set "CF_WORKER_ACCESS_OFF_CHAIN_AGENT_KEY=$CF_WORKER_ACCESS_OFF_CHAIN_AGENT_KEY" --app "$APP_NAME" --stage | |
flyctl secrets set "RECLAIM_CANISTER_PEM=$RECLAIM_CANISTER_PEM" --app "$APP_NAME" --stage | |
flyctl secrets set "GOOGLE_SA_KEY=$GOOGLE_SA_KEY" --app "$APP_NAME" --stage | |
flyctl secrets set "GRPC_AUTH_TOKEN=$GRPC_AUTH_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set "YRAL_METADATA_TOKEN=$YRAL_METADATA_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set "UPSTASH_VECTOR_READ_WRITE_TOKEN=$UPSTASH_VECTOR_READ_WRITE_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set "ML_SERVER_JWT_TOKEN=$ML_SERVER_JWT_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set "CLOUDFLARE_STREAM_READ_AND_LIST_ACCESS_TOKEN=$CLOUDFLARE_STREAM_READ_AND_LIST_ACCESS_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set HOTORNOT_CF_ACCOUNT_ID="a209c523d2d9646cc56227dbe6ce3ede" --app "$APP_NAME" --stage | |
flyctl secrets set MLFEED_JWT_PUBLIC_KEY="MCowBQYDK2VwAyEA1Lpv21H9dsqetmqzeNunPvCNLZM4XpsZPSquHSO7OYw=" --app "$APP_NAME" --stage | |
flyctl secrets set QSTASH_CURRENT_SIGNING_KEY="$QSTASH_CURRENT_SIGNING_KEY" --app "$APP_NAME" --stage | |
flyctl secrets set CF_IMAGES_API_TOKEN="$CF_IMAGES_API_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set NSFW_GRPC_TOKEN="$NSFW_GRPC_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set QSTASH_AUTH_TOKEN="$QSTASH_AUTH_TOKEN" --app "$APP_NAME" --stage | |
flyctl secrets set STORJ_ACCESS_KEY_ID="jwkzsq4yw45hm4mokb4ofacygflq" --app "$APP_NAME" --stage | |
flyctl secrets set STORJ_SECRET_KEY="j3vdqqdx47igl3lglfdlhxwdr6smgaqggfui4etegsc5c7q5ik7fa" --app "$APP_NAME" --stage | |
flyctl deploy --app $APP_NAME | |
env: | |
FLY_API_TOKEN: ${{ secrets.HOT_OR_NOT_OFF_CHAIN_AGENT_FLY_IO_GITHUB_ACTION }} | |
CF_R2_ACCESS_KEY_TEMP: ${{ secrets.HOT_OR_NOT_OFF_CHAIN_AGENT_CLOUDFLARE_R2_ACCESS_KEY_ID }} | |
CF_R2_SECRET_ACCESS_KEY_TEMP: ${{ secrets.HOT_OR_NOT_OFF_CHAIN_AGENT_CLOUDFLARE_R2_SECRET_ACCESS_KEY }} | |
CF_WORKER_ACCESS_OFF_CHAIN_AGENT_KEY: ${{ secrets.CF_WORKER_ACCESS_OFF_CHAIN_AGENT_KEY }} | |
RECLAIM_CANISTER_PEM: ${{ secrets.HOT_OR_NOT_OFF_CHAIN_AGENT_CANISTER_PRIVILEGED_IDENTITY_SECRET_KEY }} | |
GOOGLE_SA_KEY: ${{ secrets.YRAL_OFF_CHAIN_AGENT_GOOGLE_CLOUD_SERVICE_ACCOUNT_JSON_KEY }} | |
GRPC_AUTH_TOKEN: ${{ secrets.OFF_CHAIN_AGENT_GRPC_AUTH_TOKEN }} | |
YRAL_METADATA_TOKEN: ${{ secrets.YRAL_AUTH_METADATA_SERVICE_ACCESS_JWT_TOKEN_FOR_OFFCHAIN_AGENT }} | |
UPSTASH_VECTOR_READ_WRITE_TOKEN: ${{ secrets.UPSTASH_VECTOR_READ_WRITE_TOKEN }} | |
ML_SERVER_JWT_TOKEN: ${{ secrets.ML_SERVER_JWT_TOKEN }} | |
CLOUDFLARE_STREAM_READ_AND_LIST_ACCESS_TOKEN: ${{ secrets.CLOUDFLARE_STREAM_READ_AND_LIST_ACCESS_TOKEN }} | |
QSTASH_CURRENT_SIGNING_KEY: ${{ secrets.QSTASH_CURRENT_SIGNING_KEY }} | |
CF_IMAGES_API_TOKEN: ${{ secrets.CLOUDFLARE_IMAGES_READ_AND_WRITE_API_TOKEN }} | |
NSFW_GRPC_TOKEN: ${{ secrets.TOKEN_TO_SIGN_OUTGOING_CALLS_TO_NSFW_DETECT_SERVICE }} | |
QSTASH_AUTH_TOKEN: ${{ secrets.QSTASH_TOKEN }} |