-
Notifications
You must be signed in to change notification settings - Fork 1
96 lines (84 loc) · 4.32 KB
/
build-and-push-test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: Build docker images and push to GHCR
on:
workflow_dispatch:
push:
branches:
- main
concurrency: build-and-deploy
permissions:
contents: read
packages: write
env:
env_var: ${{ vars.ENV_CONTEXT_VAR }}
REGISTRY: ghcr.io
TAG_NAME: latest
FRONTEND_CACHE_IMAGE_NAME: frontend_buildcache
BACKEND_CACHE_IMAGE_NAME: backend_buildcache
jobs:
build-and-push:
name: Build test image and push it to registry
timeout-minutes: 10
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Export lowercase image names
shell: bash
run: |
: "${{ env.REGISTRY }}/${{ github.repository }}_frontend:latest"
echo "FRONTEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
: "${{ env.REGISTRY }}/${{ github.repository }}_backend:latest"
echo "BACKEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
: "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.FRONTEND_CACHE_IMAGE_NAME }}:latest"
echo "FRONTEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
: "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.BACKEND_CACHE_IMAGE_NAME }}:latest"
echo "BACKEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Build and push frontend docker image
uses: docker/build-push-action@v3
with:
builder: ${{ steps.buildx.outputs.name }}
context: ./
file: ./frontend/Dockerfile
tags: "${{ env.FRONTEND_IMAGE_TAG }}"
push: true
cache-from: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }}
cache-to: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }},mode=max
- name: Build and push backend docker image
uses: docker/build-push-action@v3
with:
builder: ${{ steps.buildx.outputs.name }}
context: ./
file: ./backend/Dockerfile
tags: "${{ env.BACKEND_IMAGE_TAG }}"
push: true
cache-from: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }}
cache-to: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }},mode=max
deploy-test:
name: Connect to server, pull latest test images and deploy it
needs: build-and-push
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: install ssh keys
# check this thread to understand why its needed:
# https://stackoverflow.com/a/70447517
run: |
install -m 600 -D /dev/null ~/.ssh/id_rsa
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
ssh-keyscan -H ${{ secrets.SSH_HOST }} > ~/.ssh/known_hosts
- name: connect and pull
run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.TEST_DIR }} && git checkout ${{ vars.TEST_BRANCH }} && git pull"
- name: connect and update traefik
run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.TEST_DIR }} && docker compose --compatibility -p ows-events -f docker-compose.traefik.yml up -d --build && exit"
- name: connect and services
run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin && export S3_ENDPOINT=${{ secrets.S3_ENDPOINT }} && export S3_SECRET_ACCESS_KEY=${{ secrets.S3_SECRET_KEY }} && export S3_ACCESS_KEY_ID=${{ secrets.S3_ACCESS_KEY }} && export S3_BUCKET=${{ secrets.S3_BUCKET }} && export S3_REGION=${{ secrets.S3_REGION }} && export NUXT_PUBLIC_GOOGLE_SIGN_IN_CLIENT_ID=${{ secrets.TEST_GOOGLE_OAUTH_KEY }} && export PEREDELANOCONF_GOOGLEDOC=${{ secrets.PEREDELANOCONF_GOOGLEDOC_ID }} && export NUXT_PUBLIC_GTAG_ID=${{ secrets.TEST_GTAG_ID }} && export GITHUB_PARSING_TOKEN=${{ secrets.PARSING_TOKEN }} && export SECRET_KEY=${{ secrets.BACKEND_SECRET_KEY }} && export NUXT_PUBLIC_TELEGRAM_AUTH_BOT_NAME=${{ vars.TEST_AUTH_TELEGRAM_BOT_NAME }} && cd ${{ vars.TEST_DIR }} && docker compose --compatibility -p ows-events_test -f docker-compose.test.new.yml up --pull always -d --force-recreate && exit"
- name: cleanup
run: rm -rf ~/.ssh