ci: Fix functions deploy variables for prod #179

# to view logs

Workflow file for this run

.github/workflows/prod-deploy.yml at d3a6948

	name: Promote staging to PROD
	on:
	pull_request:
	paths:
	- .github/workflows/prod-deploy.yml # For testing changes, won't deploy to prod
	release:
	types:
	- released
	workflow_dispatch:
	inputs:
	tag:
	description: 'The release tag to promote (e.g. v1.2.3) do not append centrifuge-app to the tag'
	required: true
	type: string
	concurrency:
	group: production-deployment
	cancel-in-progress: false

	jobs:
	get-release-artifacts:
	name: download-${{ matrix.artifact.name }}
	runs-on: ubuntu-latest
	permissions:
	contents: 'read'
	id-token: 'write'
	strategy:
	matrix:
	artifact:
	- name: webpack
	path: centrifuge-app/build/
	- name: pinning-api
	path: pinning-api/dist/
	- name: onboarding-api
	path: onboarding-api/dist/
	steps:
	- name: Determine release version
	id: version
	run: \|
	if [[ "${{ github.event_name }}" == "release" ]]; then
	echo "version=${{ github.event.release.id }}" >> $GITHUB_OUTPUT
	elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
	echo "version=tags/centrifuge-app/${{ inputs.tag }}" >> $GITHUB_OUTPUT
	else
	# For PR events, get the latest release tag
	LATEST_TAG=$(curl -s -H "Accept: application/vnd.github.v3+json" \
	"https://api.github.com/repos/centrifuge/apps/releases/latest" \| \
	jq -r '.tag_name')
	echo "version=tags/${LATEST_TAG}" >> $GITHUB_OUTPUT
	fi

	- uses: dsaltares/fetch-gh-release-asset@aa2ab1243d6e0d5b405b973c89fa4d06a2d0fff7 # v1.1.2
	with:
	repo: 'centrifuge/apps'
	version: ${{ steps.version.outputs.version }}
	file: "${{ matrix.artifact.name }}.zip"
	target: "${{ matrix.artifact.name }}.zip"

	- name: Unzip release files
	env:
	ZIPFILE: ${{ matrix.artifact.name }}
	run: \|
	ls -la
	unzip $ZIPFILE 1> /dev/null
	ls -la

	- name: Upload webpack files
	uses: actions/upload-artifact@v4
	with:
	name: ${{ matrix.artifact.name }}
	path: ${{ matrix.artifact.path }}

	deploy-app:
	name: app-prod-deploy
	needs: get-release-artifacts
	permissions:
	contents: 'read'
	id-token: 'write'
	runs-on: ubuntu-latest
	environment: production
	if: ${{ github.event_name != 'pull_request' }}
	steps:

	- name: Checkout
	uses: actions/checkout@v4
	with:
	path: apps
	sparse-checkout: \|
	.github/actions/deploy-gcs

	- name: Deploy to GCS
	uses: ./apps/.github/actions/deploy-gcs
	with:
	GWIP: ${{ secrets.GWIP }}
	GSA: ${{ secrets.GSA }}
	bucket_url: 'app.centrifuge.io'
	artifact_name: webpack


	deploy-functions:
	name: ${{ matrix.function.name }}-prod-deploy
	needs: get-release-artifacts
	runs-on: ubuntu-latest
	environment: production
	permissions:
	contents: 'read'
	id-token: 'write'
	strategy:
	fail-fast: false
	matrix:
	function:
	- name: pinning-api
	handler: pinningApi
	- name: onboarding-api
	handler: onboarding
	steps:

	- name: Set service account
	id: set-sa
	run: \|
	if [ "${{ matrix.function.name }}" = "pinning-api" ]; then
	echo "SERVICE_ACCOUNT=${{ vars.PINNING_API_FUNCT_SA }}" >> $GITHUB_ENV
	elif [ "${{ matrix.function.name }}" = "onboarding-api" ]; then
	echo "SERVICE_ACCOUNT=${{ vars.ONBOARDING_FUNCT_SA }}" >> $GITHUB_ENV
	fi

	- name: Checkout
	uses: actions/checkout@v4
	with:
	path: apps
	sparse-checkout: \|
	.github/actions/deploy-gfunction

	- name: Debug deployment variables
	if: ${{ github.event_name == 'pull_request' }}
	run: \|
	echo "App Name: ${{ matrix.function.name }}-production"
	echo "Artifact Name: ${{ matrix.function.name }}"
	echo "GWIP: ${{ secrets.GWIP }}"
	echo "GSA: ${{ secrets.GSA }}"
	echo "Target: ${{ matrix.function.handler }}"
	echo "Gcloud Region: ${{ vars.GCLOUD_REGION }}"
	echo "Service Account: ${{ env.SERVICE_ACCOUNT }}"
	echo "Deploy Environment: production"

	- name: Deploy Gfunction
	id: functionsdeploy
	uses: ./apps/.github/actions/deploy-gfunction
	if: ${{ github.event_name != 'pull_request' }}
	with:
	app_name: "${{ matrix.function.name }}-production"
	artifact_name: ${{ matrix.function.name }}
	GWIP: ${{ secrets.GWIP }}
	GSA: ${{ secrets.GSA }}
	target: ${{ matrix.function.handler }}
	gcloud_region: ${{ vars.GCLOUD_REGION }}
	service_account: ${{ env.SERVICE_ACCOUNT }}
	deploy_env: production

	slack-notify-success:
	needs: [deploy-app, deploy-functions]
	if: success()
	runs-on: ubuntu-latest
	steps:
	- name: Notify prod deploy success
	uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 # v2.3.2
	env:
	SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
	SLACK_MESSAGE: \|
	✅ Production deployment successful!
	app.staging.centrifuge.io has been promoted to app.centrifuge.io and is now LIVE!
	Check out the new release -> https://github.com/centrifuge/apps/releases/
	SLACK_USERNAME: 'Centrifuge GHA Bot'
	SLACK_ICON: 'https://centrifuge.io/favicon.ico'
	SLACK_TITLE: 'Centrifuge app has been promoted to prod.'
	SLACK_FOOTER: 'Automatic message from centrifuge/apps repository Actions'
	MSG_MINIMAL: true
	SLACK_COLOR: 'good'

	slack-notify-failure:
	needs: [deploy-app, deploy-functions]
	if: failure() && ${{ github.event_name != 'pull_request' }}
	runs-on: ubuntu-latest
	steps:
	- name: Notify prod deploy failure
	uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 # v2.3.2
	env:
	SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
	SLACK_MESSAGE: \|
	❌ Production deployment failed!
	One or more jobs failed during the promotion to production.
	Please check the workflow run for details -> ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
	SLACK_USERNAME: 'Centrifuge GHA Bot'
	SLACK_ICON: 'https://centrifuge.io/favicon.ico'
	SLACK_TITLE: '⚠️ Production Deployment Failed'
	SLACK_FOOTER: 'Automatic message from centrifuge/apps repository Actions'
	MSG_MINIMAL: true
	SLACK_COLOR: 'danger'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: Fix functions deploy variables for prod #179

Workflow file

ci: Fix functions deploy variables for prod #179

Jobs

Run details

Workflow file for this run