fix Workflow file for production deployment

thibauld · thibauld · commit 2ba7e2d08e7f · 2025-06-18T13:20:11.000-04:00
diff --git a/.github/workflows/deploy.prod.yaml b/.github/workflows/deploy.prod.yaml
@@ -1,133 +1,127 @@
 name: Deployment (Prod)
 
 on:
-    push:
-        branches:
-            - main
+  push:
+    branches:
+      - main
 
 jobs:
-    build:
-        name: Build, Test, and Deploy
-        environment: prod
-        runs-on: ubuntu-latest
-        steps:
-            - name: Checkout code
-              uses: actions/checkout@v2
-              with:
-                  submodules: true
-                  fetch-depth: 0
-
-            # Setup and cache dependencies
-            - name: Setup Node.js
-              uses: actions/setup-node@v3
-              with:
-                  node-version: "18"
-                  cache: "yarn"
-
-            - name: Install Node Dependencies
-              run: yarn install --frozen-lockfile
-
-            - name: Install Foundry
-              uses: foundry-rs/foundry-toolchain@v1
-              with:
-                  version: stable
-
-            - name: Run Forge Install Script
-              run: chmod +x setup.sh && ./setup.sh
-
-            # Run all tests and checks
-            - name: Run Forge Tests
-              run: cd chain && forge test --summary
-
-            - name: Run ESLint
-              run: yarn lint:check
-
-            - name: Check Formatting
-              run: yarn format:check
-
-            - name: Deploy
-              shell: bash
-              env:
-                  SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
-                  HOST: ${{ secrets.LIGHTSAIL_INSTANCE_PUBLIC_IP_PROD }}
-                  PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
-                  ETHERSCAN_L2_API_KEY: ${{ secrets.ETHERSCAN_L2_API_KEY }}
-                  SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
-                  DATABASE_URL: ${{ secrets.DATABASE_URL }}
-                  RPC_URL: ${{ secrets.RPC_URL }}
-
-              run: |
-                  # Generate timestamp for deployment
-                  DEPLOY_TIME=$(date +%s)
-                  echo "DEPLOY_TIME: $DEPLOY_TIME"
-
-                  # Save SSH key and set permissions
-                  echo "$SSH_PRIVATE_KEY" > deploy_key
-                  chmod 600 deploy_key
-
-                  # Create a temp directory for deployment
-                  DEPLOY_DIR="/tmp/deploy-${DEPLOY_TIME}"
-                  mkdir -p $DEPLOY_DIR
-
-                  # Copy necessary files to temp directory
-                  echo "Preparing deployment files..."
-                  cp -r . $DEPLOY_DIR/
-
-                  # Sync files to server
-                  echo "Syncing files to server..."
-                  rsync -az --delete \
-                    --exclude='node_modules' \
-                    --exclude='.git' \
-                    --exclude='deploy_key' \
-                    --include='chain/out' \
-                    --include='chain/out/**' \
-                    -e "ssh -i deploy_key -o StrictHostKeyChecking=no" \
-                    $DEPLOY_DIR/ \
-                    ubuntu@"$HOST":/home/ubuntu/app-${DEPLOY_TIME}
-
-                  # Execute deployment on server
-                  ssh -i deploy_key -o StrictHostKeyChecking=no ubuntu@"$HOST" "
-                      sudo su && \
-                      cd /home/ubuntu/app-${DEPLOY_TIME} && \
-                      echo 'Building image on host...' && \
-                      # Source the functions
-                      source ./scripts/docker_container_utils.sh && \
-                      docker build -t ocp-prod:${DEPLOY_TIME} -f Dockerfile.prod . && \
-
-                      # Initial cleanup
-                      echo 'Cleaning up old resources...' && \
-                      docker ps -q --filter 'publish=8081' | xargs -r docker rm -f && \
-                      docker ps -q --filter 'publish=8082' | xargs -r docker rm -f && \
-                      docker container prune -f && \
-                      docker image prune -f && \
-
-                      # Start new container
-                      echo 'Starting new container...' && \
-                      CONTAINER_NAME=ocp-prod-${DEPLOY_TIME} && \
-
-                      # Run container
-                      docker run --name \$CONTAINER_NAME -d \
-                      --health-cmd='curl -f http://localhost:8080/health || exit 1' \
-                      --health-interval='2s' \
-                      --health-retries='3' \
-                      --health-timeout='5s' \
-                      --restart always \
-                      -e DOCKER_ENV='true' \
-                      -e NODE_ENV='production' \
-                      -e SENTRY_DSN='${SENTRY_DSN}' \
-                      -e DATABASE_URL='${DATABASE_URL}' \
-                      -e RPC_URL='${RPC_URL}' \
-                      -e PORT=8080 \
-                      -e PRIVATE_KEY='${PRIVATE_KEY}' \
-                      -e ETHERSCAN_L2_API_KEY='${ETHERSCAN_L2_API_KEY}' \
-                      -v '/home/ubuntu/global-bundle.pem:/global-bundle.pem' \
-                      ocp-prod:${DEPLOY_TIME} && \
-
-                      # Wait for container to be healthy
-                      wait_for_health \"\$CONTAINER_NAME\" && \
-                      if [ \$? -eq 0 ]; then
-                          handle_container_switch \"\$CONTAINER_NAME\" \"${DEPLOY_TIME}\" \"prod\"
-                      else
-                          handle_failed_deployment \"\$CONTAINER_NAME\" \"${DEPLOY_TIME}\" \"prod\"
-                      fi
-                  "
+  build:
+    name: Build, Test, and Deploy
+    environment: prod
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          submodules: true
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: "18"
+          cache: "yarn"
+
+      - name: Cache Yarn files (manual fallback)
+        uses: actions/cache@v3
+        with:
+          path: ~/.cache/yarn
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+
+      - name: Install Node Dependencies
+        run: yarn install --frozen-lockfile --network-concurrency 5 --no-progress --verbose
+
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+        with:
+          version: stable
+
+      - name: Run Forge Install Script
+        run: chmod +x setup.sh && ./setup.sh
+
+      - name: Run Forge Tests
+        run: cd chain && forge test --summary
+
+      - name: Run ESLint
+        run: yarn lint:check
+
+      - name: Check Formatting
+        run: yarn format:check
+
+      - name: Deploy
+        shell: bash
+        env:
+          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+          HOST: ${{ secrets.LIGHTSAIL_INSTANCE_PUBLIC_IP_PROD }}
+          PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
+          ETHERSCAN_L2_API_KEY: ${{ secrets.ETHERSCAN_L2_API_KEY }}
+          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+          DATABASE_URL: ${{ secrets.DATABASE_URL }}
+          RPC_URL: ${{ secrets.RPC_URL }}
+        run: |
+          DEPLOY_TIME=$(date +%s)
+          echo "DEPLOY_TIME: $DEPLOY_TIME"
+
+          echo "$SSH_PRIVATE_KEY" > deploy_key
+          chmod 600 deploy_key
+
+          DEPLOY_DIR="/tmp/deploy-${DEPLOY_TIME}"
+          mkdir -p $DEPLOY_DIR
+
+          echo "Preparing deployment files..."
+          cp -r . $DEPLOY_DIR/
+
+          echo "Syncing files to server..."
+          rsync -az --delete \
+            --exclude='node_modules' \
+            --exclude='.git' \
+            --exclude='deploy_key' \
+            --include='chain/out' \
+            --include='chain/out/**' \
+            -e "ssh -i deploy_key -o StrictHostKeyChecking=no" \
+            $DEPLOY_DIR/ \
+            ubuntu@"$HOST":/home/ubuntu/app-${DEPLOY_TIME}
+
+          ssh -i deploy_key -o StrictHostKeyChecking=no ubuntu@"$HOST" "
+            sudo su && \
+            cd /home/ubuntu/app-${DEPLOY_TIME} && \
+            echo 'Building image on host...' && \
+            source ./scripts/docker_container_utils.sh && \
+            docker build -t ocp-prod:${DEPLOY_TIME} -f Dockerfile.prod . && \
+
+            echo 'Cleaning up old resources...' && \
+            docker ps -q --filter 'publish=8081' | xargs -r docker rm -f && \
+            docker ps -q --filter 'publish=8082' | xargs -r docker rm -f && \
+            docker container prune -f && \
+            docker image prune -f && \
+
+            echo 'Starting new container...' && \
+            CONTAINER_NAME=ocp-prod-${DEPLOY_TIME} && \
+            docker run --name \$CONTAINER_NAME -d \
+              --health-cmd='curl -f http://localhost:8080/health || exit 1' \
+              --health-interval='2s' \
+              --health-retries='3' \
+              --health-timeout='5s' \
+              --restart always \
+              -e DOCKER_ENV='true' \
+              -e NODE_ENV='production' \
+              -e SENTRY_DSN='${SENTRY_DSN}' \
+              -e DATABASE_URL='${DATABASE_URL}' \
+              -e RPC_URL='${RPC_URL}' \
+              -e PORT=8080 \
+              -e PRIVATE_KEY='${PRIVATE_KEY}' \
+              -e ETHERSCAN_L2_API_KEY='${ETHERSCAN_L2_API_KEY}' \
+              -v '/home/ubuntu/global-bundle.pem:/global-bundle.pem' \
+              ocp-prod:${DEPLOY_TIME} && \
+
+            wait_for_health \"\$CONTAINER_NAME\" && \
+            if [ \$? -eq 0 ]; then
+              handle_container_switch \"\$CONTAINER_NAME\" \"${DEPLOY_TIME}\" \"prod\"
+            else
+              handle_failed_deployment \"\$CONTAINER_NAME\" \"${DEPLOY_TIME}\" \"prod\"
+            fi
+          "
