Deploy server image #43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Deploy server image | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| env: | |
| description: "Deployment environment" | |
| required: true | |
| default: "staging" | |
| jobs: | |
| validate: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| env: ${{ steps.setenv.outputs.env }} | |
| steps: | |
| - name: Validate environment | |
| id: setenv | |
| run: | | |
| if [[ "${{ github.event.inputs.env }}" != "prod" && "${{ github.event.inputs.env }}" != "staging" ]]; then | |
| echo "Error: Invalid environment specified. Can only be 'prod' or 'staging'." | |
| exit 1 | |
| fi | |
| deploy_to_server: | |
| needs: validate | |
| runs-on: ubuntu-latest | |
| environment: ${{ github.event.inputs.env }} | |
| steps: | |
| - name: Setup SSH | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/private_key.pem | |
| chmod 600 ~/.ssh/private_key.pem | |
| ssh-keyscan -H ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Copy docker compose files | |
| run: | | |
| scp -i ~/.ssh/private_key.pem -r ./docker/* ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:/home/${{ secrets.SERVER_USER }}/track/ | |
| echo "creating alias script" | |
| ssh -i ~/.ssh/private_key.pem ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} <<"ENDSSH" | |
| echo "dc() {" > track/alias | |
| echo " APP_ENV=${{ vars.APP_ENV }} HOST_PORT=${{ vars.HOST_PORT }} POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} docker compose -f track/base.yml -f track/prod.yml \"\$@\"" >> track/alias | |
| echo "}" >> track/alias | |
| chmod +x track/alias | |
| ENDSSH | |
| echo "created alias script" | |
| # - id: "auth" | |
| # uses: "google-github-actions/auth@v1" | |
| # with: | |
| # credentials_json: "${{ secrets.GCP_SA_KEY }}" | |
| # - name: "Set up Cloud SDK" | |
| # uses: "google-github-actions/setup-gcloud@v1" | |
| # - name: Configure Docker to use Google Artifact Registry | |
| # run: gcloud auth configure-docker us-central1-docker.pkg.dev | |
| - name: Prepare and Deploy | |
| run: | | |
| cat <<EOM >/tmp/gcp-sa-key.json | |
| ${{ secrets.GCP_SA_KEY }} | |
| EOM | |
| scp -i ~/.ssh/private_key.pem /tmp/gcp-sa-key.json ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:/tmp/gcp-sa-key.json | |
| ssh -i ~/.ssh/private_key.pem ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} <<"ENDSSH" | |
| gcloud auth activate-service-account --key-file=/tmp/gcp-sa-key.json | |
| gcloud auth configure-docker us-central1-docker.pkg.dev | |
| rm /tmp/gcp-sa-key.json | |
| export APP_ENV=${{ vars.APP_ENV }} | |
| export HOST_PORT=${{ vars.HOST_PORT }} | |
| export POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} | |
| docker compose -f track/base.yml -f track/prod.yml pull | |
| docker compose -f track/base.yml -f track/prod.yml down | |
| docker compose -f track/base.yml -f track/prod.yml up -d | |
| echo "Status:" | |
| docker compose -f track/base.yml -f track/prod.yml ps | |
| ENDSSH |