-
Notifications
You must be signed in to change notification settings - Fork 3
121 lines (114 loc) · 4.11 KB
/
Copy pathdeploy-workers.yml
File metadata and controls
121 lines (114 loc) · 4.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
name: Deploy Workers
# Fully automated production deploy. Runs after "Static Checks" succeeds on main —
# no manual step required. `workflow_dispatch` is kept only as a manual fallback.
# This deploys the all-Cloudflare backend worker chain (gateway → agent → webhooks
# → preview-proxy). The web frontend is NOT deployed here: it lives on a Vercel
# project that auto-deploys via Vercel's GitHub integration on push to main.
on:
workflow_run:
workflows: ["Static Checks"]
types: [completed]
workflow_dispatch: {}
permissions:
contents: read
concurrency:
group: production-deploy
cancel-in-progress: false
jobs:
# Gateway MUST deploy first: it DEFINES the QuotaTracker Durable Object that the
# agent worker cross-script binds to (CF requires the defining script to exist
# before a consumer can bind its class). Gateway's own service binding to
# cheatcode-agent resolves lazily, so gateway-first has no chicken-and-egg.
deploy-gateway:
# Only on a successful Static Checks run on main, or a manual dispatch.
if: ${{ github.event_name == 'workflow_dispatch' || (github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.head_branch == 'main') }}
runs-on: ubuntu-latest
environment: production
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.workflow_run.head_sha || github.sha }}
- uses: pnpm/action-setup@v4
with:
version: 10.33.2
- uses: actions/setup-node@v4
with:
node-version: 22
cache: pnpm
- run: pnpm install --frozen-lockfile
- run: pnpm turbo build --filter=@cheatcode/gateway-worker
- uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
workingDirectory: apps/gateway-worker
command: deploy
deploy-agent:
needs: deploy-gateway
runs-on: ubuntu-latest
environment: production
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.workflow_run.head_sha || github.sha }}
- uses: pnpm/action-setup@v4
with:
version: 10.33.2
- uses: actions/setup-node@v4
with:
node-version: 22
cache: pnpm
- run: pnpm install --frozen-lockfile
- run: pnpm turbo build --filter=@cheatcode/agent-worker
- uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
workingDirectory: apps/agent-worker
command: deploy
deploy-webhooks:
needs: deploy-agent
runs-on: ubuntu-latest
environment: production
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.workflow_run.head_sha || github.sha }}
- uses: pnpm/action-setup@v4
with:
version: 10.33.2
- uses: actions/setup-node@v4
with:
node-version: 22
cache: pnpm
- run: pnpm install --frozen-lockfile
- run: pnpm turbo build --filter=@cheatcode/webhooks-worker
- uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
workingDirectory: apps/webhooks-worker
command: deploy
deploy-preview-proxy:
needs: deploy-webhooks
runs-on: ubuntu-latest
environment: production
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.workflow_run.head_sha || github.sha }}
- uses: pnpm/action-setup@v4
with:
version: 10.33.2
- uses: actions/setup-node@v4
with:
node-version: 22
cache: pnpm
- run: pnpm install --frozen-lockfile
- run: pnpm turbo build --filter=@cheatcode/preview-proxy
- uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
workingDirectory: apps/preview-proxy
command: deploy