-
Notifications
You must be signed in to change notification settings - Fork 2
110 lines (103 loc) · 3.94 KB
/
deploy.yml
File metadata and controls
110 lines (103 loc) · 3.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
name: Deploy
on:
push:
branches: [main]
jobs:
terraform-and-web:
name: Terraform & Web
if: github.repository_owner == 'Axedyson'
runs-on: ubuntu-latest
outputs:
ipv4_address: ${{ steps.ipv4_address_output.outputs.ipv4_address }}
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_wrapper: false
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
- name: Setup SSH agent
uses: webfactory/ssh-agent@v0.7.0
with:
ssh-private-key: ${{ secrets.DO_PVT_SSH_KEY }}
- name: Terraform Init
run: terraform init
- name: Terraform Apply
run: terraform apply -auto-approve -lock-timeout=5h
env:
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
VERCEL_API_TOKEN: ${{ secrets.VERCEL_API_TOKEN }}
TF_VAR_SESSION_SECRET: ${{ secrets.SESSION_SECRET }}
- name: Output ipv4_address of droplet
id: ipv4_address_output
run: echo "ipv4_address=$(terraform output -raw ipv4_address)" >> $GITHUB_OUTPUT
build-server-image:
name: Build Server Image
if: github.repository_owner == 'Axedyson'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
env:
REGISTRY: ghcr.io
outputs:
image: ${{ steps.docker-image-name-output.outputs.image }}
changes: ${{ steps.changes.outputs.server }}
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Check for changed server files
uses: dorny/paths-filter@v2
id: changes
with:
filters: |
server:
- 'yarn.lock'
- 'packages/server/package.json'
- 'packages/server/tsconfig.json'
- 'packages/server/src/**'
- 'packages/server/Dockerfile'
- name: Log in to the container registry
if: steps.changes.outputs.server == 'true'
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: $GITHUB_REPOSITORY_OWNER
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
if: steps.changes.outputs.server == 'true'
uses: docker/setup-buildx-action@v2
- name: Lowercase github.repository environment variable for docker
if: steps.changes.outputs.server == 'true'
id: gh_repo_lc
uses: ASzc/change-string-case-action@v4
with:
string: ${{ github.repository }}
- name: Build and push docker image
if: steps.changes.outputs.server == 'true'
id: docker-build
uses: docker/build-push-action@v3
with:
push: true
file: packages/server/Dockerfile
tags: ${{ env.REGISTRY }}/${{ steps.gh_repo_lc.outputs.lowercase }}-server:latest
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ steps.gh_repo_lc.outputs.lowercase }}-server:buildcache
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ steps.gh_repo_lc.outputs.lowercase }}-server:buildcache,mode=max
- name: Output docker image name
if: steps.changes.outputs.server == 'true'
id: docker-image-name-output
run: echo "image=${{ env.REGISTRY }}/${{ steps.gh_repo_lc.outputs.lowercase }}-server@${{ steps.docker-build.outputs.digest }}" >> $GITHUB_OUTPUT
deploy-server-image:
name: Server Image
if: needs.build-server-image.outputs.changes == 'true'
runs-on: ubuntu-latest
needs: [terraform-and-web, build-server-image]
steps:
- name: Deploy docker server image
uses: appleboy/ssh-action@master
with:
host: ${{ needs.terraform-and-web.outputs.ipv4_address }}
username: root
key: ${{ secrets.DO_PVT_SSH_KEY }}
script: dokku git:from-image server ${{ needs.build-server-image.outputs.image }}