From 8fd3c62474e739e5fb8b463b852961146e401a0a Mon Sep 17 00:00:00 2001 From: quannhg Date: Sun, 29 Oct 2023 09:06:35 +0700 Subject: [PATCH] feat(workflows): split cd for deploy of development and product --- .github/workflows/dev-deploy.yml | 90 ++++++++++++++++++++++++++++++++ .github/workflows/release.yml | 2 +- 2 files changed, 91 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/dev-deploy.yml diff --git a/.github/workflows/dev-deploy.yml b/.github/workflows/dev-deploy.yml new file mode 100644 index 0000000..9493f0a --- /dev/null +++ b/.github/workflows/dev-deploy.yml @@ -0,0 +1,90 @@ +on: + push: + branches: + - staging + +permissions: + contents: write + pull-requests: write + packages: write + +env: + REGISTRY: ${{vars.REGISTRY_NAME}} + IMAGE_NAME: ticklabvn/ssps-be + CD_USERNAME: ${{github.actor}} + +name: Release and deploy + +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + name: Checkout repository + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Setup Docker buildx + uses: docker/setup-buildx-action@v2 + with: + version: v0.9.1 + + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ env.CD_USERNAME }} + password: ${{ secrets.REGISTRY_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v3 + with: + context: . + push: true + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + deploy: + name: Deploy + runs-on: ubuntu-latest + needs: [build] + env: + POSTGRES_URL: postgresql://${{ secrets.POSTGRES_USER }}:${{ secrets.POSTGRES_PASSWORD }}@postgres:5432/${{ secrets.POSTGRES_DB }}?schema=public + steps: + - name: Deploy + uses: appleboy/ssh-action@master + with: + host: ${{ secrets.VPS_HOST }} + port: ${{ secrets.VPS_PORT }} + username: ${{ secrets.VPS_USERNAME }} + password: ${{ secrets.VPS_PASSWORD }} + + script: | + export CR_PAT=${{ secrets.REGISTRY_TOKEN }} + echo $CR_PAT | docker login ${{ env.REGISTRY }} -u ${{ env.CD_USERNAME }} --password-stdin + docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + mkdir -p $HOME/ssps-be && cd $HOME/ssps-be + rm -f .env + echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env + echo POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} >> .env + echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} >> .env + echo POSTGRES_URL=${{ env.POSTGRES_URL }} >> .env + echo CORS_WHITE_LIST=${{ secrets.CORS_WHITE_LIST }} >> .env + echo COOKIE_SECRET=${{ secrets.COOKIE_SECRET }} >> .env + echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env + echo MINIO_URL=${{ secrets.MINIO_URL }} >> .env + echo MINIO_SERVER_ENDPOINT=${{ secrets.MINIO_SERVER_ENDPOINT }} >> .env + echo MINIO_PORT=${{ secrets.MINIO_PORT }} >> .env + echo MINIO_ACCESS_KEY=${{ secrets.MINIO_ACCESS_KEY }} >> .env + echo MINIO_SECRET_KEY=${{ secrets.MINIO_SECRET_KEY }} >> .env + echo MINIO_BUCKET_NAME=${{ secrets.MINIO_BUCKET_NAME }} >> .env + curl -s ${{secrets.DOCKER_COMPOSE_RAW_FILE_URL}} -O -f + docker compose stop ${{vars.DOCKER_COMPOSE_DEPLOY_SERVICE_NAME}} + docker compose down --volumes --remove-orphans + docker compose rm -f ${{vars.DOCKER_COMPOSE_DEPLOY_SERVICE_NAME}} + docker compose up -d ${{vars.DOCKER_COMPOSE_DEPLOY_SERVICE_NAME}} + + docker logout ${{ env.REGISTRY }} + diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c326334..8c7e8ec 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,7 +1,7 @@ on: push: branches: - - staging + - main permissions: contents: write