Skip to content

Merge pull request #358 from planetarium/bugfix/put-nonce-first #819

Merge pull request #358 from planetarium/bugfix/put-nonce-first

Merge pull request #358 from planetarium/bugfix/put-nonce-first #819

Workflow file for this run

name: Works on NineChronicles.IAP
on:
push:
branches:
- development
- internal
- release/*
- main
- preview
pull_request:
branches:
- development
- internal
- release/*
- main
jobs:
test:
uses: ./.github/workflows/test.yml
with:
environment: ${{ github.ref == 'refs/heads/main' && 'mainnet' || ((startsWith(github.ref, 'refs/heads/release') || github.ref == 'refs/heads/internal' || github.ref == 'refs/heads/preview') && 'internal' || 'development') }}
secrets:
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
build_frontend:
uses: ./.github/workflows/build_frontend.yml
with:
environment: ${{ github.ref == 'refs/heads/main' && 'mainnet' || ((startsWith(github.ref, 'refs/heads/release') || github.ref == 'refs/heads/internal' || github.ref == 'refs/heads/preview') && 'internal' || 'development') }}
secrets:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
synth:
uses: ./.github/workflows/synth.yml
with:
environment: ${{ (startsWith(github.ref, 'refs/heads/release') || github.ref == 'refs/heads/internal' || github.ref == 'refs/heads/preview') && 'internal' || 'development' }}
secrets:
ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
KMS_KEY_ID: ${{ secrets.KMS_KEY_ID }}
ADHOC_KMS_KEY_ID: ${{ secrets.ADHOC_KMS_KEY_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
IAP_GARAGE_WEBHOOK_URL: ${{ secrets.IAP_GARAGE_WEBHOOK_URL }}
IAP_ALERT_WEBHOOK_URL: ${{ secrets.IAP_ALERT_WEBHOOK_URL }}
GOLDEN_DUST_REQUEST_SHEET_ID: ${{ secrets.GOLDEN_DUST_REQUEST_SHEET_ID }}
GOLDEN_DUST_WORK_SHEET_ID: ${{ secrets.GOLDEN_DUST_WORK_SHEET_ID }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
VOUCHER_URL: ${{ secrets.VOUCHER_URL }}
VOUCHER_JWT_SECRET: ${{ secrets.VOUCHER_JWT_SECRET }}
BRIDGE_DATA: ${{ secrets.BRIDGE_DATA }}
REFUND_SHEET_ID : ${{ secrets.REFUND_SHEET_ID }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}
deploy_without_approval:
# This is for preview / internal deployment
if: ${{ github.ref == 'refs/heads/preview' || github.ref == 'refs/heads/internal' || startsWith(github.ref, 'refs/heads/release') }}
needs: [ "test", "build_frontend", "synth" ]
uses: ./.github/workflows/deploy.yml
with:
environment: ${{ (startsWith(github.ref, 'refs/heads/release') || github.ref == 'refs/heads/internal' || github.ref == 'refs/heads/preview') && 'internal' || 'development' }}
secrets:
ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
KMS_KEY_ID: ${{ secrets.KMS_KEY_ID }}
ADHOC_KMS_KEY_ID: ${{ secrets.ADHOC_KMS_KEY_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
IAP_GARAGE_WEBHOOK_URL: ${{ secrets.IAP_GARAGE_WEBHOOK_URL }}
IAP_ALERT_WEBHOOK_URL: ${{ secrets.IAP_ALERT_WEBHOOK_URL }}
GOLDEN_DUST_REQUEST_SHEET_ID: ${{ secrets.GOLDEN_DUST_REQUEST_SHEET_ID }}
GOLDEN_DUST_WORK_SHEET_ID: ${{ secrets.GOLDEN_DUST_WORK_SHEET_ID }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
VOUCHER_URL: ${{ secrets.VOUCHER_URL }}
VOUCHER_JWT_SECRET: ${{ secrets.VOUCHER_JWT_SECRET }}
BRIDGE_DATA: ${{ secrets.BRIDGE_DATA }}
REFUND_SHEET_ID : ${{ secrets.REFUND_SHEET_ID }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}
approval:
runs-on: ubuntu-latest
if: ${{ github.ref == 'refs/heads/main' }}
needs: [ "test", "build_frontend", "synth" ]
environment: approval
steps:
- uses: actions/checkout@v3
- name: Echo
run: |
echo "Manual Approval"
deploy_with_approval:
# This is for mainnet deployment. It needs user approval
if: ${{ github.ref == 'refs/heads/main' }}
needs: approval
uses: ./.github/workflows/deploy.yml
with:
environment: mainnet
secrets:
ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
KMS_KEY_ID: ${{ secrets.KMS_KEY_ID }}
ADHOC_KMS_KEY_ID: ${{ secrets.ADHOC_KMS_KEY_ID }}
GOOGLE_CREDENTIAL: ${{ secrets.GOOGLE_CREDENTIAL }}
APPLE_CREDENTIAL: ${{ secrets.APPLE_CREDENTIAL }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
IAP_GARAGE_WEBHOOK_URL: ${{ secrets.IAP_GARAGE_WEBHOOK_URL }}
IAP_ALERT_WEBHOOK_URL: ${{ secrets.IAP_ALERT_WEBHOOK_URL }}
GOLDEN_DUST_REQUEST_SHEET_ID: ${{ secrets.GOLDEN_DUST_REQUEST_SHEET_ID }}
GOLDEN_DUST_WORK_SHEET_ID: ${{ secrets.GOLDEN_DUST_WORK_SHEET_ID }}
SEASON_PASS_JWT_SECRET: ${{ secrets.SEASON_PASS_JWT_SECRET }}
VOUCHER_URL: ${{ secrets.VOUCHER_URL }}
VOUCHER_JWT_SECRET: ${{ secrets.VOUCHER_JWT_SECRET }}
BRIDGE_DATA: ${{ secrets.BRIDGE_DATA }}
REFUND_SHEET_ID : ${{ secrets.REFUND_SHEET_ID }}
HEADLESS_GQL_JWT_SECRET: ${{ secrets.HEADLESS_GQL_JWT_SECRET }}