.github/workflows/push.yml

name: Push

on:
  push: null
  workflow_dispatch:
    inputs:
      publish:
        description: 'Build and publish Docker image'
        type: boolean
        required: false
        default: false
      deploy:
        description: 'Deploy to demo server'
        type: boolean
        required: false
        default: false

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    if: ${{ github.event_name == 'push' }}
    steps:
      - name: Check out
        uses: actions/checkout@v3
      - name: Use Node.js 18.x
        uses: actions/setup-node@v3
        with:
          node-version: 18
          cache: yarn
      - name: Install
        run: yarn --immutable
      - name: Build collaboration server
        run: yarn build
        working-directory: packages/apollo-collaboration-server
      - name: Build plugin
        run: yarn build
        working-directory: packages/jbrowse-plugin-apollo
  lint:
    name: Lint
    runs-on: ubuntu-latest
    if: ${{ github.event_name == 'push' }}
    steps:
      - name: Check out
        uses: actions/checkout@v3
      - name: Use Node.js 18.x
        uses: actions/setup-node@v3
        with:
          node-version: 18
          cache: yarn
      - name: Install
        run: yarn --immutable
        # Have to build shared before linting so type-based lint rules can
        # run correctly
      - name: Build shared
        run: yarn build
        working-directory: packages/apollo-shared
      - name: Lint codebase
        run: yarn eslint --ext .js,.ts,.jsx,.tsx .
  build-and-push-docker:
    name: Build and push Docker image
    runs-on: ubuntu-latest
    if:
      ${{ (github.event_name == 'push' && github.ref == 'refs/heads/main') ||
      inputs.publish }}
    steps:
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to the GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push Apollo collaboration server image
        uses: docker/build-push-action@v5
        with:
          platforms: linux/arm64/v8,linux/amd64
          push: true
          tags: ghcr.io/gmod/apollo-collaboration-server:development
          outputs:
            type=image,annotation-index.org.opencontainers.image.description=Apollo
            collaboration server
          cache-from: type=registry,ref=user/app:latest
          cache-to: type=inline
  deploy:
    name: Deploy to demo staging server
    runs-on: ubuntu-latest
    environment: staging
    needs: build-and-push-docker
    if:
      ${{ (github.event_name == 'push' && github.ref == 'refs/heads/main') ||
      ( inputs.deploy  &&  always()) }}
    steps:
      - name: Check out
        uses: actions/checkout@v3
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1
      - name: Get instance address
        id: ec2-describe-instances
        run: |
          INSTANCE_ADDRESS=$(aws ec2 describe-instances \
            --instance-ids ${{ vars.INSTANCE_ID }} \
            --query "Reservations[*].Instances[*].[PublicDnsName]" \
            --output text)
          echo "INSTANCE_ADDRESS=$INSTANCE_ADDRESS" >> "$GITHUB_OUTPUT"
      - name: Set up SSH
        run: |
          mkdir --parents ~/.ssh
          echo "${{ secrets.SSH_PRIVATE_KEY  }}" >  ~/.ssh/staging
          chmod 600 ~/.ssh/staging
          cat >>~/.ssh/config <<END
          Host staging
            HostName ${{ steps.ec2-describe-instances.outputs.INSTANCE_ADDRESS }}
            User ec2-user
            IdentityFile ~/.ssh/staging
          END
          ssh-keyscan -H ${{ steps.ec2-describe-instances.outputs.INSTANCE_ADDRESS }} >> ~/.ssh/known_hosts
      - name: Create Docker context
        run: |
          docker context create staging \
            --docker host=ssh://staging \
            --description "Staging server"
      - name: Log in to the GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Deploy
        env:
          JWT_SECRET: ${{ secrets.JWT_SECRET }}
          SESSION_SECRET: ${{ secrets.SESSION_SECRET }}
          GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
          GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }}
          ROOT_USER_NAME: ${{ secrets.ROOT_USER_NAME }}
          ROOT_USER_PASSWORD: ${{ secrets.ROOT_USER_PASSWORD }}
          URL: ${{ vars.URL }}
        working-directory: .github/workflows/deploy
        run: |
          docker --context staging compose down
          docker --context staging compose pull
          docker --context staging compose up --build --detach