task1_attempt1 #56
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Prod backend build and deploy | |
on: | |
pull_request: | |
branches: | |
- master | |
types: [ closed ] | |
env: | |
REGISTRY: ghcr.io | |
REP_OWNER: studio-yandex-practicum | |
IMAGE_NAME: lomaya_baryery_backend | |
DEPLOY_PATH: /lombarye/full | |
WORK_DIR: /LOMAYA_BARYERY_BACKEND | |
HEALTHCHECK_URL: https://lombaryery.tk/healthcheck | |
defaults: | |
run: | |
working-directory: . | |
jobs: | |
build_and_push_docker_image: | |
name: Push Docker image to GitHub Packages | |
if: github.event.pull_request.merged == true | |
runs-on: ubuntu-latest | |
environment: | |
name: prod_deploy | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v2 | |
- name: Docker login | |
uses: docker/login-action@v1 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
file: Dockerfile | |
labels: runnumber=${GITHUB_RUN_ID} | |
push: true | |
tags: | | |
${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:prod, | |
${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:${{ github.sha }} | |
start_application: | |
name: Start application | |
if: github.event.pull_request.merged == true | |
runs-on: ubuntu-latest | |
needs: build_and_push_docker_image | |
environment: | |
name: prod_deploy | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@v2 | |
- name: Copy docker-compose and nginx files | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_KEY }} | |
source: "docker-compose.prod.yaml,nginx/default.prod.conf" | |
target: ${{ env.DEPLOY_PATH }} | |
- name: Create .env file | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_KEY }} | |
script: | | |
cd ${{ env.DEPLOY_PATH }} | |
mv docker-compose.prod.yaml docker-compose.yaml | |
mv nginx/default.prod.conf nginx/default.conf | |
rm -f .env | |
touch .env | |
echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} >> .env | |
echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env | |
echo POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} >> .env | |
echo DB_HOST=${{ secrets.DB_HOST }} >> .env | |
echo DB_PORT=${{ secrets.DB_PORT }} >> .env | |
echo BOT_TOKEN=${{ secrets.TELEGRAM_BOT_TOKEN }} >> .env | |
echo BOT_WEBHOOK_MODE=${{ secrets.BOT_WEBHOOK_MODE }} >> .env | |
echo APPLICATION_URL=${{ secrets.APPLICATION_URL }} >> .env | |
echo HEALTHCHECK_API_URL=${{ secrets.HEALTHCHECK_API_URL }} >> .env | |
echo MAIL_LOGIN=${{ secrets.MAIL_LOGIN }} >> .env | |
echo MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }} >> .env | |
echo ORGANIZATIONS_EMAIL=${{ secrets.ORGANIZATIONS_EMAIL }} >> .env | |
echo SECRET_KEY=${{ secrets.SECRET_KEY }} >> .env | |
echo ROOT_PATH=${{ secrets.ROOT_PATH }} >> .env | |
echo TZ=${{ secrets.TZ }} >> .env | |
echo DEBUG=${{ secrets.DEBUG }} >> .env | |
- name: Start application | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_KEY }} | |
script: | | |
cd ${{ env.DEPLOY_PATH }} | |
docker image prune -f | |
docker pull ${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:prod | |
docker-compose --file docker-compose.yaml stop | |
docker-compose --file docker-compose.yaml rm backend | |
docker-compose --file docker-compose.yaml up -d | |
- name: Making migrations | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_KEY }} | |
script: | | |
cd ${{ env.DEPLOY_PATH }} | |
docker-compose exec -T -w ${{ env.WORK_DIR }} backend alembic upgrade head | |
- name: Sleep for 30 seconds | |
run: sleep 30s | |
shell: bash | |
- name: Get the status of healthcheck | |
uses: im-open/[email protected] | |
with: | |
url: ${{ env.HEALTHCHECK_URL }} | |
fail-on-bad-status: true |