feat: update sync server action#2030
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| needs: build-and-push | ||
| if: ${{ github.repository == 'web3infra-foundation/mega' }} | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| include: | ||
| - cluster: gitmega-com | ||
| service: mega-web-sync-server-dev-service-v3hdlyk8 | ||
| # TODO: update service name to actual gitmono sync server ECS service | ||
| - cluster: gitmono-com-mega-app | ||
| service: mega-web-sync-service | ||
| steps: | ||
| - name: Force ECS redeploy | ||
| run: | | ||
| aws ecs update-service \ | ||
| --cluster gitmega-com \ | ||
| --service mega-web-sync-server-dev-service-v3hdlyk8 \ | ||
| --cluster ${{ matrix.cluster }} \ | ||
| --service ${{ matrix.service }} \ | ||
| --force-new-deployment | ||
| env: | ||
| AWS_REGION: ap-southeast-2 | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
|
|
||
| deploy-gcp: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
| needs: build-and-push | ||
| if: ${{ github.repository == 'web3infra-foundation/mega' }} | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Auth to GCP | ||
| uses: google-github-actions/auth@v2 | ||
| with: | ||
| credentials_json: ${{ secrets.GCP_SA_KEY }} | ||
|
|
||
| - name: Deploy to Cloud Run (force new revision) | ||
| env: | ||
| REGION: asia-east1 | ||
| SERVICE_NAME: buck2hub-notesync | ||
| run: | | ||
| set -euo pipefail | ||
|
|
||
| IMAGE=$(gcloud run services describe "$SERVICE_NAME" \ | ||
| --project "$GCP_PROJECT_ID" \ | ||
| --region "$REGION" \ | ||
| --format="value(spec.template.spec.containers[0].image)") | ||
|
|
||
| echo "Current image: $IMAGE" | ||
|
|
||
| gcloud run deploy "$SERVICE_NAME" \ | ||
| --image "$IMAGE" \ | ||
| --region "$REGION" \ | ||
| --project "$GCP_PROJECT_ID" \ | ||
| --quiet |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a49d99ed1e
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| export const API_URL = process.env.API_URL || 'https://api.gitmega.com' | ||
|
|
||
| // Server Configuration | ||
| export const API_URL = process.env.API_URL |
There was a problem hiding this comment.
API_URL is now exported directly from process.env.API_URL without any fallback, while this commit also removes the checked-in sync-server .env.* files; in any environment where API_URL is not explicitly injected, the generated client will run with an empty base URL and issue relative fetches, which breaks sync/auth requests at runtime in Node. Please keep a safe default or fail fast during startup when API_URL is missing.
Useful? React with 👍 / 👎.
| # TODO: update service name to actual gitmono sync server ECS service | ||
| - cluster: gitmono-com-mega-app | ||
| service: mega-web-sync-service |
There was a problem hiding this comment.
The matrix includes a TODO stating the gitmono service name is not the actual one, but aws ecs update-service is executed unconditionally for that entry; if this placeholder does not match a real ECS service, the gitmono matrix leg fails and the deploy-aws job is marked failed on every run. This should be updated to the real service name before merging.
Useful? React with 👍 / 👎.
c8b6c00
There was a problem hiding this comment.
Pull request overview
Updates the sync-server configuration and its deployment workflow, simplifying local env loading while expanding the GitHub Actions pipeline to publish images to both AWS ECR Public and GCP Artifact Registry.
Changes:
- Simplify
sync-serverenv loading to only use.env.localin non-production, and makeAPI_URLcome directly from runtime environment. - Remove committed
.env.*files for sync-server. - Update
web-sync-server-deployworkflow to build once and push to both AWS + GCP, then trigger AWS ECS and GCP Cloud Run redeploys.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
moon/apps/sync-server/src/config.ts |
Simplifies dotenv loading and changes how API_URL is sourced. |
moon/apps/sync-server/.env.staging-nju |
Removes committed environment config. |
moon/apps/sync-server/.env.staging |
Removes committed environment config. |
moon/apps/sync-server/.env.openatom |
Removes committed environment config. |
moon/apps/sync-server/.env.gitmono |
Removes committed environment config. |
moon/apps/sync-server/.env.example |
Removes example env template. |
moon/apps/sync-server/.env.demo |
Removes committed environment config. |
moon/apps/sync-server/.env.buck2hub |
Removes committed environment config. |
.github/workflows/web-sync-server-deploy.yml |
Builds and pushes the sync-server image to AWS + GCP and triggers redeploys. |
| - name: Configure docker for GCP | ||
| run: gcloud auth configure-docker us-central1-docker.pkg.dev | ||
|
|
||
| - name: Build, tag, and push docker image to Amazon ECR Public |
| export const API_URL = process.env.API_URL || 'https://api.gitmega.com' | ||
|
|
||
| // Server Configuration | ||
| export const API_URL = process.env.API_URL |
No description provided.