Skip to content

chore(master): release 1.87.0 (#940) #979

chore(master): release 1.87.0 (#940)

chore(master): release 1.87.0 (#940) #979

Workflow file for this run

name: Deploy project
on:
push:
branches:
- master
- deploy-*
tags:
- v*.*.*
# Note on secrets used for connection
# They are configured as environment secrets
# HOST is the internal ip of VM containing docker
# PROXY_HOST is the host of VMs
# USERNAME is the user used for operations
# SSH_PRIVATE_KEY is the private key (shared between VM and host)
jobs:
deploy:
runs-on: ubuntu-latest
strategy:
matrix:
env:
# Note: env is also the name of the directory on the server
- ${{ startsWith(github.ref, 'refs/tags/v') && 'open-prices-org' || 'open-prices-net' }}
environment: ${{ matrix.env }}
concurrency: ${{ matrix.env }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
cache: "yarn"
- name: Install dependencies
run: yarn install --immutable
- name: Build (staging)
run: |
yarn build-staging
if: matrix.env == 'open-prices-net'
- name: Build (prod)
run: |
yarn build-prod
if: matrix.env == 'open-prices-org'
# Deploy
- name: Set common variables
run: |
# We use the prod oauth server for all environments
echo "SSH_PROXY_HOST=ovh1.openfoodfacts.org" >> $GITHUB_ENV
echo "SSH_USERNAME=off" >> $GITHUB_ENV
- name: Set various variable for staging (net) deployment
if: matrix.env == 'open-prices-net'
run: |
echo "SSH_HOST=10.1.0.200" >> $GITHUB_ENV
- name: Set various variable for production deployment
if: matrix.env == 'open-prices-org'
run: |
echo "SSH_HOST=10.1.0.201" >> $GITHUB_ENV
- name: Copy dist via scp
uses: appleboy/scp-action@master
with:
host: ${{ env.SSH_HOST }}
username: ${{ env.SSH_USERNAME }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
proxy_host: ${{ env.SSH_PROXY_HOST }}
proxy_username: ${{ env.SSH_USERNAME }}
proxy_key: ${{ secrets.SSH_PRIVATE_KEY }}
source: "dist"
target: "/home/${{ env.SSH_USERNAME }}/${{ matrix.env }}/www"
rm: true
strip_components: 1
# We need to restart nginx to prevent permission issues after deploying
# front-end code directly by untarring it in the www directory.
# This is a workaround, we should use a better solution in the long-term
- name: Restart nginx
uses: appleboy/ssh-action@master
with:
host: ${{ env.SSH_HOST }}
username: ${{ env.SSH_USERNAME }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
proxy_host: ${{ env.SSH_PROXY_HOST }}
proxy_username: ${{ env.SSH_USERNAME }}
proxy_key: ${{ secrets.SSH_PRIVATE_KEY }}
script: |
cd ${{ matrix.env }} && docker compose restart nginx