Merge pull request #19 from TickLabVN:hotfix/change-config-to-hard-code #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- staging | |
permissions: | |
contents: write | |
pull-requests: write | |
packages: write | |
env: | |
REGISTRY: ${{vars.REGISTRY_NAME}} | |
IMAGE_NAME: ticklabvn/ssps-be | |
CD_USERNAME: ${{github.actor}} | |
name: Release and deploy | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
name: Checkout repository | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Setup Docker buildx | |
uses: docker/setup-buildx-action@v2 | |
with: | |
version: v0.9.1 | |
- name: Log into registry ${{ env.REGISTRY }} | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ env.CD_USERNAME }} | |
password: ${{ secrets.REGISTRY_TOKEN }} | |
- name: Build and push | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
push: true | |
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
deploy: | |
name: Deploy | |
runs-on: ubuntu-latest | |
needs: [build] | |
env: | |
POSTGRES_URL: postgresql://${{ secrets.POSTGRES_USER }}:${{ secrets.POSTGRES_PASSWORD }}@postgres:5432/${{ secrets.POSTGRES_DB }}?schema=public | |
steps: | |
- name: Deploy | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.VPS_HOST }} | |
port: ${{ secrets.VPS_PORT }} | |
username: ${{ secrets.VPS_USERNAME }} | |
password: ${{ secrets.VPS_PASSWORD }} | |
script: | | |
export CR_PAT=${{ secrets.REGISTRY_TOKEN }} | |
echo $CR_PAT | docker login ${{ env.REGISTRY }} -u ${{ env.CD_USERNAME }} --password-stdin | |
docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
mkdir -p $HOME/ssps-be && cd $HOME/ssps-be | |
rm -f .env | |
echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env | |
echo POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} >> .env | |
echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} >> .env | |
echo POSTGRES_URL=${{ env.POSTGRES_URL }} >> .env | |
echo CORS_WHITE_LIST=${{ secrets.CORS_WHITE_LIST }} >> .env | |
echo COOKIE_SECRET=${{ secrets.COOKIE_SECRET }} >> .env | |
echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env | |
echo MINIO_URL=${{ secrets.MINIO_URL }} >> .env | |
echo MINIO_SERVER_ENDPOINT=${{ secrets.MINIO_SERVER_ENDPOINT }} >> .env | |
echo MINIO_PORT=${{ secrets.MINIO_PORT }} >> .env | |
echo MINIO_ACCESS_KEY=${{ secrets.MINIO_ACCESS_KEY }} >> .env | |
echo MINIO_SECRET_KEY=${{ secrets.MINIO_SECRET_KEY }} >> .env | |
echo MINIO_BUCKET_NAME=${{ secrets.MINIO_BUCKET_NAME }} >> .env | |
echo CHECKOUT_ENVIRONMENT=${{ vars.CHECKOUT_ENVIRONMENT }} >> .env | |
echo PAYPAL_LIVE_ENDPOINT=${{ vars.PAYPAL_LIVE_ENDPOINT }} >> .env | |
echo PAYPAL_SANDBOX_ENDPOINT=${{ vars.PAYPAL_SANDBOX_ENDPOINT }} >> .env | |
echo PAYPAL_CLIENT_ID=${{ secrets.PAYPAL_CLIENT_ID }} >> .env | |
echo PAYPAL_CLIENT_SECRET=${{ secrets.PAYPAL_CLIENT_SECRET }} >> .env | |
curl -s ${{secrets.DOCKER_COMPOSE_RAW_FILE_URL}} -O -f | |
docker compose stop ${{vars.DOCKER_COMPOSE_DEPLOY_SERVICE_NAME}} | |
docker compose down --volumes --remove-orphans | |
docker compose rm -f ${{vars.DOCKER_COMPOSE_DEPLOY_SERVICE_NAME}} | |
docker compose up -d ${{vars.DOCKER_COMPOSE_DEPLOY_SERVICE_NAME}} | |
docker exec -it $(docker ps --filter "ancestor=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest" -q) /bin/sh -c "npx prisma seed" | |
docker logout ${{ env.REGISTRY }} | |