diff --git a/.deploy/k8s/k8s-manifest-api.dev.yaml b/.deploy/k8s/k8s-manifest-api.dev.yaml new file mode 100644 index 000000000..4c9f01c8a --- /dev/null +++ b/.deploy/k8s/k8s-manifest-api.dev.yaml @@ -0,0 +1,82 @@ +--- +kind: Service +apiVersion: v1 +metadata: + name: ever-teams-dev-api-lb + annotations: + service.beta.kubernetes.io/do-loadbalancer-name: 'apidev.ever.team' + service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2' + service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443' + # Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list' + service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88' + service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small' + service.beta.kubernetes.io/do-loadbalancer-hostname: 'apidev.ever.team' +spec: + type: LoadBalancer + selector: + app: ever-teams-dev-api + ports: + - name: http + protocol: TCP + port: 443 + targetPort: 3000 +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: ever-teams-dev-api +spec: + replicas: 1 + selector: + matchLabels: + app: ever-teams-dev-api + template: + metadata: + labels: + app: ever-teams-dev-api + spec: + containers: + - name: ever-teams-dev-api + image: registry.digitalocean.com/ever/gauzy-api-demo:latest + env: + - name: API_HOST + value: 0.0.0.0 + - name: DEMO + value: 'true' + - name: CLOUD_PROVIDER + value: '$CLOUD_PROVIDER' + - name: NODE_ENV + value: 'development' + - name: ADMIN_PASSWORD_RESET + value: 'true' + - name: LOG_LEVEL + value: 'info' + - name: SENTRY_DSN + value: '$SENTRY_DSN' + - name: SENTRY_HTTP_TRACING_ENABLED + value: '$SENTRY_HTTP_TRACING_ENABLED' + - name: SENTRY_PROFILING_ENABLED + value: '$SENTRY_PROFILING_ENABLED' + - name: SENTRY_POSTGRES_TRACKING_ENABLED + value: '$SENTRY_POSTGRES_TRACKING_ENABLED' + - name: API_BASE_URL + value: 'https://apidev.ever.team' + - name: CLIENT_BASE_URL + value: 'https://demo.ever.team' + - name: EXPRESS_SESSION_SECRET + value: 'gauzy' + - name: JWT_SECRET + value: 'secretKey' + - name: JWT_REFRESH_TOKEN_SECRET + value: 'refreshSecretKey' + - name: JWT_REFRESH_TOKEN_EXPIRATION_TIME + value: '86400' + - name: OTEL_ENABLED + value: '$OTEL_ENABLED' + - name: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT + value: '$OTEL_EXPORTER_OTLP_TRACES_ENDPOINT' + - name: OTEL_EXPORTER_OTLP_HEADERS + value: '$OTEL_EXPORTER_OTLP_HEADERS' + ports: + - containerPort: 3000 + protocol: TCP diff --git a/.deploy/k8s/k8s-manifest-api.prod.yaml b/.deploy/k8s/k8s-manifest-api.prod.yaml new file mode 100644 index 000000000..3a82c54ae --- /dev/null +++ b/.deploy/k8s/k8s-manifest-api.prod.yaml @@ -0,0 +1,234 @@ +--- +kind: Service +apiVersion: v1 +metadata: + name: ever-teams-prod-api-lb + annotations: + service.beta.kubernetes.io/do-loadbalancer-name: 'api.ever.team' + service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2' + service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443' + # Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list' + service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88' + service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small' + service.beta.kubernetes.io/do-loadbalancer-hostname: 'api.ever.team' +spec: + type: LoadBalancer + selector: + app: ever-teams-prod-api + ports: + - name: http + protocol: TCP + port: 443 + targetPort: 3000 +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: ever-teams-prod-api +spec: + replicas: 3 + selector: + matchLabels: + app: ever-teams-prod-api + template: + metadata: + labels: + app: ever-teams-prod-api + spec: + containers: + - name: ever-teams-prod-api + image: registry.digitalocean.com/ever/gauzy-api:latest + resources: + requests: + memory: '1536Mi' + cpu: '1000m' + limits: + memory: '2048Mi' + env: + - name: API_HOST + value: 0.0.0.0 + - name: DEMO + value: 'false' + - name: NODE_ENV + value: 'production' + - name: ADMIN_PASSWORD_RESET + value: 'true' + - name: LOG_LEVEL + value: 'info' + - name: CLOUD_PROVIDER + value: '$CLOUD_PROVIDER' + - name: SENTRY_DSN + value: '$SENTRY_DSN' + - name: SENTRY_HTTP_TRACING_ENABLED + value: '$SENTRY_HTTP_TRACING_ENABLED' + - name: SENTRY_PROFILING_ENABLED + value: '$SENTRY_PROFILING_ENABLED' + - name: SENTRY_POSTGRES_TRACKING_ENABLED + value: '$SENTRY_POSTGRES_TRACKING_ENABLED' + - name: API_BASE_URL + value: 'https://api.ever.team' + - name: CLIENT_BASE_URL + value: 'https://app.ever.team' + - name: DB_URI + value: '$DB_URI' + - name: DB_HOST + value: '$DB_HOST' + - name: DB_SSL_MODE + value: '$DB_SSL_MODE' + - name: DB_CA_CERT + value: '$DB_CA_CERT' + - name: DB_USER + value: '$DB_USER' + - name: DB_PASS + value: '$DB_PASS' + - name: DB_TYPE + value: '$DB_TYPE' + - name: DB_NAME + value: '$DB_NAME' + - name: DB_PORT + value: '$DB_PORT' + - name: REDIS_ENABLED + value: '$REDIS_ENABLED' + - name: REDIS_URL + value: '$REDIS_URL' + - name: AWS_ACCESS_KEY_ID + value: '$AWS_ACCESS_KEY_ID' + - name: AWS_SECRET_ACCESS_KEY + value: '$AWS_SECRET_ACCESS_KEY' + - name: AWS_REGION + value: '$AWS_REGION' + - name: AWS_S3_BUCKET + value: '$AWS_S3_BUCKET' + - name: WASABI_ACCESS_KEY_ID + value: '$WASABI_ACCESS_KEY_ID' + - name: WASABI_SECRET_ACCESS_KEY + value: '$WASABI_SECRET_ACCESS_KEY' + - name: WASABI_REGION + value: '$WASABI_REGION' + - name: WASABI_SERVICE_URL + value: '$WASABI_SERVICE_URL' + - name: WASABI_S3_BUCKET + value: '$WASABI_S3_BUCKET' + - name: EXPRESS_SESSION_SECRET + value: '$EXPRESS_SESSION_SECRET' + - name: JWT_SECRET + value: '$JWT_SECRET' + - name: JWT_REFRESH_TOKEN_SECRET + value: '$JWT_REFRESH_TOKEN_SECRET' + - name: JWT_REFRESH_TOKEN_EXPIRATION_TIME + value: '$JWT_REFRESH_TOKEN_EXPIRATION_TIME' + - name: CLOUDINARY_API_KEY + value: '$CLOUDINARY_API_KEY' + - name: CLOUDINARY_API_SECRET + value: '$CLOUDINARY_API_SECRET' + - name: CLOUDINARY_CLOUD_NAME + value: '$CLOUDINARY_CLOUD_NAME' + - name: DEFAULT_CURRENCY + value: 'USD' + - name: MAIL_FROM_ADDRESS + value: '$MAIL_FROM_ADDRESS' + - name: MAIL_HOST + value: '$MAIL_HOST' + - name: MAIL_PORT + value: '$MAIL_PORT' + - name: MAIL_USERNAME + value: '$MAIL_USERNAME' + - name: MAIL_PASSWORD + value: '$MAIL_PASSWORD' + - name: ALLOW_SUPER_ADMIN_ROLE + value: '$ALLOW_SUPER_ADMIN_ROLE' + - name: GOOGLE_CLIENT_ID + value: '$GOOGLE_CLIENT_ID' + - name: GOOGLE_CLIENT_SECRET + value: '$GOOGLE_CLIENT_SECRET' + - name: GOOGLE_CALLBACK_URL + value: '$GOOGLE_CALLBACK_URL' + - name: FACEBOOK_CLIENT_ID + value: '$FACEBOOK_CLIENT_ID' + - name: FACEBOOK_CLIENT_SECRET + value: '$FACEBOOK_CLIENT_SECRET' + - name: FACEBOOK_GRAPH_VERSION + value: '$FACEBOOK_GRAPH_VERSION' + - name: FACEBOOK_CALLBACK_URL + value: '$FACEBOOK_CALLBACK_URL' + - name: INTEGRATED_USER_DEFAULT_PASS + value: '$INTEGRATED_USER_DEFAULT_PASS' + - name: UPWORK_REDIRECT_URL + value: '$UPWORK_REDIRECT_URL' + - name: FILE_PROVIDER + value: '$FILE_PROVIDER' + - name: GAUZY_AI_GRAPHQL_ENDPOINT + value: '$GAUZY_AI_GRAPHQL_ENDPOINT' + - name: GAUZY_AI_REST_ENDPOINT + value: '$GAUZY_AI_REST_ENDPOINT' + - name: UNLEASH_APP_NAME + value: '$UNLEASH_APP_NAME' + - name: UNLEASH_API_URL + value: '$UNLEASH_API_URL' + - name: UNLEASH_INSTANCE_ID + value: '$UNLEASH_INSTANCE_ID' + - name: UNLEASH_REFRESH_INTERVAL + value: '$UNLEASH_REFRESH_INTERVAL' + - name: UNLEASH_METRICS_INTERVAL + value: '$UNLEASH_METRICS_INTERVAL' + - name: UNLEASH_API_KEY + value: '$UNLEASH_API_KEY' + - name: PM2_PUBLIC_KEY + value: '$PM2_PUBLIC_KEY' + - name: PM2_SECRET_KEY + value: '$PM2_SECRET_KEY' + - name: PM2_MACHINE_NAME + value: '$PM2_MACHINE_NAME' + - name: JITSU_SERVER_URL + value: '$JITSU_SERVER_URL' + - name: JITSU_SERVER_WRITE_KEY + value: '$JITSU_SERVER_WRITE_KEY' + - name: OTEL_ENABLED + value: '$OTEL_ENABLED' + - name: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT + value: '$OTEL_EXPORTER_OTLP_TRACES_ENDPOINT' + - name: OTEL_EXPORTER_OTLP_HEADERS + value: '$OTEL_EXPORTER_OTLP_HEADERS' + - name: GAUZY_GITHUB_CLIENT_ID + value: '$GAUZY_GITHUB_CLIENT_ID' + - name: GAUZY_GITHUB_CLIENT_SECRET + value: '$GAUZY_GITHUB_CLIENT_SECRET' + - name: GAUZY_GITHUB_WEBHOOK_URL + value: '$GAUZY_GITHUB_WEBHOOK_URL' + - name: GAUZY_GITHUB_WEBHOOK_SECRET + value: '$GAUZY_GITHUB_WEBHOOK_SECRET' + - name: GAUZY_GITHUB_APP_PRIVATE_KEY + value: '$GAUZY_GITHUB_APP_PRIVATE_KEY' + - name: GAUZY_GITHUB_APP_ID + value: '$GAUZY_GITHUB_APP_ID' + - name: GAUZY_GITHUB_APP_NAME + value: '$GAUZY_GITHUB_APP_NAME' + - name: GAUZY_GITHUB_POST_INSTALL_URL + value: '$GAUZY_GITHUB_POST_INSTALL_URL' + - name: GAUZY_GITHUB_OAUTH_CLIENT_ID + value: '$GAUZY_GITHUB_OAUTH_CLIENT_ID' + - name: GAUZY_GITHUB_OAUTH_CLIENT_SECRET + value: '$GAUZY_GITHUB_OAUTH_CLIENT_SECRET' + - name: GAUZY_GITHUB_OAUTH_CALLBACK_URL + value: '$GAUZY_GITHUB_OAUTH_CALLBACK_URL' + - name: MAGIC_CODE_EXPIRATION_TIME + value: '$MAGIC_CODE_EXPIRATION_TIME' + - name: APP_NAME + value: '$APP_NAME' + - name: APP_LOGO + value: '$APP_LOGO' + - name: APP_SIGNATURE + value: '$APP_SIGNATURE' + - name: APP_LINK + value: '$APP_LINK' + - name: APP_EMAIL_CONFIRMATION_URL + value: '$APP_EMAIL_CONFIRMATION_URL' + - name: APP_MAGIC_SIGN_URL + value: '$APP_MAGIC_SIGN_URL' + - name: COMPANY_LINK + value: '$COMPANY_LINK' + - name: COMPANY_NAME + value: '$COMPANY_NAME' + ports: + - containerPort: 3000 + protocol: TCP diff --git a/.deploy/k8s/k8s-manifest.dev.yaml b/.deploy/k8s/k8s-manifest.dev.yaml index f7416b2ec..b1430904b 100644 --- a/.deploy/k8s/k8s-manifest.dev.yaml +++ b/.deploy/k8s/k8s-manifest.dev.yaml @@ -22,8 +22,8 @@ spec: targetPort: 3000 --- -apiVersion: apps/v1 kind: Deployment +apiVersion: apps/v1 metadata: name: ever-teams-dev-webapp spec: diff --git a/.deploy/k8s/k8s-manifest.prod.yaml b/.deploy/k8s/k8s-manifest.prod.yaml index ef23a5e55..555f85805 100644 --- a/.deploy/k8s/k8s-manifest.prod.yaml +++ b/.deploy/k8s/k8s-manifest.prod.yaml @@ -22,8 +22,8 @@ spec: targetPort: 3000 --- -apiVersion: apps/v1 kind: Deployment +apiVersion: apps/v1 metadata: name: ever-teams-prod-webapp spec: diff --git a/.github/workflows/deploy-api-do-dev.yml b/.github/workflows/deploy-api-do-dev.yml new file mode 100644 index 000000000..10c160403 --- /dev/null +++ b/.github/workflows/deploy-api-do-dev.yml @@ -0,0 +1,53 @@ +name: Deploy API to DigitalOcean Dev + +on: + push: + branches: [develop] + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +jobs: + deploy-api-dev: + runs-on: buildjet-4vcpu-ubuntu-2204 + + environment: dev + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install doctl + uses: digitalocean/action-doctl@v2 + with: + token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} + + - name: Log in to DigitalOcean Container Registry with short-lived credentials + run: doctl registry login --expiry-seconds 600 + + - name: Save DigitalOcean kubeconfig with short-lived credentials + run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy + + - name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any) + run: | + envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest-api.dev.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f - + env: + # below we are using GitHub secrets for both frontend and backend + CLOUD_PROVIDER: 'DO' + DB_NAME: '${{ secrets.DB_NAME }}' + SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' + SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' + SENTRY_PROFILE_SAMPLE_RATE: '${{ secrets.SENTRY_PROFILE_SAMPLE_RATE }}' + SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' + SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' + SENTRY_PROFILING_ENABLED: '${{ secrets.SENTRY_PROFILING_ENABLED }}' + OTEL_ENABLED: '${{ secrets.OTEL_ENABLED }}' + OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: '${{ secrets.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT }}' + OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}' + + # we need this step because for now we just use :latest tag + # note: for production we will use different strategy later + - name: Restart Pods to pick up :latest tag version + run: | + kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/ever-teams-dev-api diff --git a/.github/workflows/deploy-api-do-prod.yml b/.github/workflows/deploy-api-do-prod.yml new file mode 100644 index 000000000..14d53ade7 --- /dev/null +++ b/.github/workflows/deploy-api-do-prod.yml @@ -0,0 +1,131 @@ +name: Deploy API to DigitalOcean Prod + +on: + push: + branches: [main] + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +jobs: + deploy-api-dev: + runs-on: buildjet-4vcpu-ubuntu-2204 + + environment: prod + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install doctl + uses: digitalocean/action-doctl@v2 + with: + token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} + + - name: Log in to DigitalOcean Container Registry with short-lived credentials + run: doctl registry login --expiry-seconds 600 + + - name: Save DigitalOcean kubeconfig with short-lived credentials + run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy + + - name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any) + run: | + envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest-api.prod.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f - + env: + # below we are using GitHub secrets for both frontend and backend + DB_TYPE: '${{ secrets.DB_TYPE }}' + DB_URI: '${{ secrets.DB_URI }}' + DB_HOST: '${{ secrets.DB_HOST }}' + DB_USER: '${{ secrets.DB_USER }}' + DB_PASS: '${{ secrets.DB_PASS }}' + DB_NAME: '${{ secrets.DB_NAME }}' + DB_PORT: '${{ secrets.DB_PORT }}' + DB_CA_CERT: '${{ secrets.DB_CA_CERT }}' + DB_SSL_MODE: '${{ secrets.DB_SSL_MODE }}' + REDIS_ENABLED: '${{ secrets.REDIS_ENABLED }}' + REDIS_URL: '${{ secrets.REDIS_URL }}' + CLOUD_PROVIDER: 'DO' + SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' + SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' + SENTRY_PROFILE_SAMPLE_RATE: '${{ secrets.SENTRY_PROFILE_SAMPLE_RATE }}' + SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' + SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' + SENTRY_PROFILING_ENABLED: '${{ secrets.SENTRY_PROFILING_ENABLED }}' + AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}' + AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}' + AWS_REGION: '${{ secrets.AWS_REGION }}' + AWS_S3_BUCKET: '${{ secrets.AWS_S3_BUCKET }}' + WASABI_ACCESS_KEY_ID: '${{ secrets.WASABI_ACCESS_KEY_ID }}' + WASABI_SECRET_ACCESS_KEY: '${{ secrets.WASABI_SECRET_ACCESS_KEY }}' + WASABI_REGION: '${{ secrets.WASABI_REGION }}' + WASABI_SERVICE_URL: '${{ secrets.WASABI_SERVICE_URL }}' + WASABI_S3_BUCKET: '${{ secrets.WASABI_S3_BUCKET }}' + EXPRESS_SESSION_SECRET: '${{ secrets.EXPRESS_SESSION_SECRET }}' + JWT_SECRET: '${{ secrets.JWT_SECRET }}' + JWT_REFRESH_TOKEN_SECRET: '${{ secrets.JWT_REFRESH_TOKEN_SECRET }}' + JWT_REFRESH_TOKEN_EXPIRATION_TIME: '${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION_TIME }}' + CLOUDINARY_API_KEY: '${{ secrets.CLOUDINARY_API_KEY }}' + CLOUDINARY_API_SECRET: '${{ secrets.CLOUDINARY_API_SECRET }}' + CLOUDINARY_CLOUD_NAME: '${{ secrets.CLOUDINARY_CLOUD_NAME }}' + MAIL_FROM_ADDRESS: '${{ secrets.MAIL_FROM_ADDRESS }}' + MAIL_HOST: '${{ secrets.MAIL_HOST }}' + MAIL_PORT: '${{ secrets.MAIL_PORT }}' + MAIL_USERNAME: '${{ secrets.MAIL_USERNAME }}' + MAIL_PASSWORD: '${{ secrets.MAIL_PASSWORD }}' + ALLOW_SUPER_ADMIN_ROLE: '${{ secrets.ALLOW_SUPER_ADMIN_ROLE }}' + GOOGLE_CLIENT_ID: '${{ secrets.GOOGLE_CLIENT_ID }}' + GOOGLE_CLIENT_SECRET: '${{ secrets.GOOGLE_CLIENT_SECRET }}' + GOOGLE_CALLBACK_URL: '${{ secrets.GOOGLE_CALLBACK_URL }}' + FACEBOOK_CLIENT_ID: '${{ secrets.FACEBOOK_CLIENT_ID }}' + FACEBOOK_CLIENT_SECRET: '${{ secrets.FACEBOOK_CLIENT_SECRET }}' + FACEBOOK_GRAPH_VERSION: '${{ secrets.FACEBOOK_GRAPH_VERSION }}' + FACEBOOK_CALLBACK_URL: '${{ secrets.FACEBOOK_CALLBACK_URL }}' + INTEGRATED_USER_DEFAULT_PASS: '${{ secrets.INTEGRATED_USER_DEFAULT_PASS }}' + UPWORK_REDIRECT_URL: '${{ secrets.UPWORK_REDIRECT_URL }}' + FILE_PROVIDER: '${{ secrets.FILE_PROVIDER }}' + GAUZY_AI_GRAPHQL_ENDPOINT: '${{ secrets.GAUZY_AI_GRAPHQL_ENDPOINT }}' + GAUZY_AI_REST_ENDPOINT: '${{ secrets.GAUZY_AI_REST_ENDPOINT }}' + UNLEASH_APP_NAME: '${{ secrets.UNLEASH_APP_NAME }}' + UNLEASH_API_URL: '${{ secrets.UNLEASH_API_URL }}' + UNLEASH_INSTANCE_ID: '${{ secrets.UNLEASH_INSTANCE_ID }}' + UNLEASH_REFRESH_INTERVAL: '${{ secrets.UNLEASH_REFRESH_INTERVAL }}' + UNLEASH_METRICS_INTERVAL: '${{ secrets.UNLEASH_METRICS_INTERVAL }}' + UNLEASH_API_KEY: '${{ secrets.UNLEASH_API_KEY }}' + PM2_MACHINE_NAME: '${{ secrets.PM2_MACHINE_NAME }}' + PM2_SECRET_KEY: '${{ secrets.PM2_SECRET_KEY }}' + PM2_PUBLIC_KEY: '${{ secrets.PM2_PUBLIC_KEY }}' + JITSU_SERVER_URL: '${{ secrets.JITSU_SERVER_URL }}' + JITSU_SERVER_WRITE_KEY: '${{ secrets.JITSU_SERVER_WRITE_KEY }}' + OTEL_ENABLED: '${{ secrets.OTEL_ENABLED }}' + OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: '${{ secrets.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT }}' + OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}' + GAUZY_GITHUB_CLIENT_ID: '${{ secrets.GAUZY_GITHUB_CLIENT_ID }}' + GAUZY_GITHUB_CLIENT_SECRET: '${{ secrets.GAUZY_GITHUB_CLIENT_SECRET }}' + GAUZY_GITHUB_APP_PRIVATE_KEY: '${{ secrets.GAUZY_GITHUB_APP_PRIVATE_KEY }}' + GAUZY_GITHUB_WEBHOOK_URL: '${{ secrets.GAUZY_GITHUB_WEBHOOK_URL }}' + GAUZY_GITHUB_WEBHOOK_SECRET: '${{ secrets.GAUZY_GITHUB_WEBHOOK_SECRET }}' + GAUZY_GITHUB_APP_NAME: '${{ secrets.GAUZY_GITHUB_APP_NAME }}' + GAUZY_GITHUB_REDIRECT_URL: '${{ secrets.GAUZY_GITHUB_REDIRECT_URL }}' + GAUZY_GITHUB_POST_INSTALL_URL: '${{ secrets.GAUZY_GITHUB_POST_INSTALL_URL }}' + GAUZY_GITHUB_APP_ID: '${{ secrets.GAUZY_GITHUB_APP_ID }}' + GAUZY_GITHUB_OAUTH_CLIENT_ID: '${{ secrets.GAUZY_GITHUB_OAUTH_CLIENT_ID }}' + GAUZY_GITHUB_OAUTH_CLIENT_SECRET: '${{ secrets.GAUZY_GITHUB_OAUTH_CLIENT_SECRET }}' + GAUZY_GITHUB_OAUTH_CALLBACK_URL: '${{ secrets.GAUZY_GITHUB_OAUTH_CALLBACK_URL }}' + JITSU_BROWSER_URL: '${{ secrets.JITSU_BROWSER_URL }}' + JITSU_BROWSER_WRITE_KEY: '${{ secrets.JITSU_BROWSER_WRITE_KEY }}' + MAGIC_CODE_EXPIRATION_TIME: '${{ secrets.MAGIC_CODE_EXPIRATION_TIME }}' + APP_NAME: '${{ secrets.APP_NAME }}' + APP_LOGO: '${{ secrets.APP_LOGO }}' + APP_SIGNATURE: '${{ secrets.APP_SIGNATURE }}' + APP_LINK: '${{ secrets.APP_LINK }}' + APP_EMAIL_CONFIRMATION_URL: '${{ secrets.APP_EMAIL_CONFIRMATION_URL }}' + APP_MAGIC_SIGN_URL: '${{ secrets.APP_MAGIC_SIGN_URL }}' + COMPANY_LINK: '${{ secrets.COMPANY_LINK }}' + COMPANY_NAME: '${{ secrets.COMPANY_NAME }}' + + # we need this step because for now we just use :latest tag + # note: for production we will use different strategy later + - name: Restart Pods to pick up :latest tag version + run: | + kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/ever-teams-prod-api diff --git a/.github/workflows/desktop.apps.yml b/.github/workflows/desktop.apps.yml index 55020a252..da9153a20 100644 --- a/.github/workflows/desktop.apps.yml +++ b/.github/workflows/desktop.apps.yml @@ -24,7 +24,7 @@ jobs: uses: actions/checkout@v4 with: repository: 'ever-co/ever-gauzy' - ref: develop + ref: master - name: Install Node.js, NPM and Yarn uses: buildjet/setup-node@v3 @@ -108,7 +108,7 @@ jobs: uses: actions/checkout@v4 with: repository: 'ever-co/ever-gauzy' - ref: develop + ref: master - name: Install Node.js, NPM and Yarn uses: actions/setup-node@v3 @@ -186,7 +186,7 @@ jobs: uses: actions/checkout@v4 with: repository: 'ever-co/ever-gauzy' - ref: develop + ref: master - name: Install Node.js, NPM and Yarn uses: actions/setup-node@v3