Skip to content

Add more info about testing on server #574

Add more info about testing on server

Add more info about testing on server #574

Workflow file for this run

name: dev
on:
push:
branches:
- dev
jobs:
preinstall-client:
runs-on: ubuntu-20.04
strategy:
matrix:
node-version: [16]
steps:
- uses: actions/checkout@v3
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
cache-dependency-path: packages/client/pnpm-lock.yaml
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- uses: actions/cache@v3
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('packages/client/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: |
cd packages/client
pnpm install --frozen-lockfile
build-client-staging:
needs: [preinstall-client]
runs-on: ubuntu-20.04
strategy:
matrix:
node-version: [16]
steps:
- uses: actions/checkout@v3
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
cache-dependency-path: packages/client/pnpm-lock.yaml
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- uses: actions/cache@v3
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('packages/client/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: |
cd packages/client
pnpm install --frozen-lockfile
- name: Create env file for client
run: |
touch packages/client/env/.env.staging
echo "$CLIENT_ENV" >> packages/client/env/.env.staging
env:
CLIENT_ENV: ${{secrets.CLIENT_ENV}}
- name: Set current date as env variable
run: echo "BUILD_TIMESTAMP=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
- name: Build
run: |
cd packages/client
pnpm build:staging
- uses: actions/cache@v3
with:
path: packages/client/dist
key: client-staging-${{ github.sha }}
build-client-data-import:
needs: [preinstall-client]
runs-on: ubuntu-20.04
strategy:
matrix:
node-version: [16]
steps:
- uses: actions/checkout@v3
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
cache-dependency-path: packages/client/pnpm-lock.yaml
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- uses: actions/cache@v3
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('packages/client/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: |
cd packages/client
pnpm install --frozen-lockfile
- name: Create env file for client
run: |
touch packages/client/env/.env.data-import
echo "$CLIENT_ENV" >> packages/client/env/.env.data-import
env:
CLIENT_ENV: ${{secrets.CLIENT_ENV_DATAIMPORT}}
- name: Set current date as env variable
run: echo "BUILD_TIMESTAMP=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
- name: Build
run: |
cd packages/client
pnpm build:data-import
- uses: actions/cache@v3
with:
path: packages/client/dist
key: client-data-import-${{ github.sha }}
build-client-sandbox:
needs: [preinstall-client]
runs-on: ubuntu-20.04
strategy:
matrix:
node-version: [16]
steps:
- uses: actions/checkout@v3
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
cache-dependency-path: packages/client/pnpm-lock.yaml
- name: Get pnpm store directory
id: pnpm-cache
shell: bash
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- uses: actions/cache@v3
name: Setup pnpm cache
with:
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('packages/client/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-store-
- name: Install dependencies
run: |
cd packages/client
pnpm install --frozen-lockfile
- name: Create env file for client
run: |
touch packages/client/env/.env.sandbox
echo "$CLIENT_ENV" >> packages/client/env/.env.sandbox
env:
CLIENT_ENV: ${{secrets.CLIENT_ENV_SANDBOX}}
- name: Set current date as env variable
run: echo "BUILD_TIMESTAMP=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
- name: Build
run: |
cd packages/client
pnpm build:sandbox
- uses: actions/cache@v3
with:
path: packages/client/dist
key: client-sandbox-${{ github.sha }}
build-staging:
needs: [build-client-staging]
name: Build the staging docker image
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- uses: actions/cache@v3
with:
path: packages/client/dist
key: client-staging-${{ github.sha }}
- name: Generate certificates
run: |
mkdir -p ./packages/server/secret
openssl req -x509 -newkey rsa:2048 -nodes -out ./packages/server/secret/cert.pem -keyout ./packages/server/secret/key.pem -days 365 -subj "/C=FR/O=krkr/OU=Domain Control Validated/CN=*"
- name: Run docker build task
run: docker build -f Dockerfile.cached -t inkvisitor:staging .
- name: Save docker-compose stack
run: docker save inkvisitor:staging | gzip > inkvisitor-staging.tar.gz
- name: Cache image.tar
uses: actions/cache@v2
with:
path: inkvisitor-staging.tar.gz
key: inkvisitor-staging-${{ github.sha }}.tar.gz
build-data-import:
needs: [build-client-data-import]
name: Build the data-import docker image
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- uses: actions/cache@v3
with:
path: packages/client/dist
key: client-data-import-${{ github.sha }}
- name: Generate certificates
run: |
mkdir -p ./packages/server/secret
openssl req -x509 -newkey rsa:2048 -nodes -out ./packages/server/secret/cert.pem -keyout ./packages/server/secret/key.pem -days 365 -subj "/C=FR/O=krkr/OU=Domain Control Validated/CN=*"
- name: Run docker build task
run: docker build -f Dockerfile.cached -t inkvisitor:data-import .
- name: Save docker-compose stack
run: docker save inkvisitor:data-import | gzip > inkvisitor-data-import.tar.gz
- name: Cache image.tar
uses: actions/cache@v2
with:
path: inkvisitor-data-import.tar.gz
key: inkvisitor-data-import-${{ github.sha }}.tar.gz
build-sandbox:
needs: [build-client-sandbox]
name: Build the sandbox docker image
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- uses: actions/cache@v3
with:
path: packages/client/dist
key: client-sandbox-${{ github.sha }}
- name: Generate certificates
run: |
mkdir -p ./packages/server/secret
openssl req -x509 -newkey rsa:2048 -nodes -out ./packages/server/secret/cert.pem -keyout ./packages/server/secret/key.pem -days 365 -subj "/C=FR/O=krkr/OU=Domain Control Validated/CN=*"
- name: Run docker build task
run: docker build -f Dockerfile.cached -t inkvisitor:sandbox .
- name: Save docker-compose stack
run: docker save inkvisitor:sandbox | gzip > inkvisitor-sandbox.tar.gz
- name: Cache image.tar
uses: actions/cache@v2
with:
path: inkvisitor-sandbox.tar.gz
key: inkvisitor-sandbox-${{ github.sha }}.tar.gz
deploy:
needs: [build-staging, build-data-import, build-sandbox]
name: Deploy
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout InkVisitor
uses: actions/checkout@v2
- name: Restore cached staging
uses: actions/cache@v2
with:
path: inkvisitor-staging.tar.gz
key: inkvisitor-staging-${{ github.sha }}.tar.gz
- name: Restore cached data-import
uses: actions/cache@v2
with:
path: inkvisitor-data-import.tar.gz
key: inkvisitor-data-import-${{ github.sha }}.tar.gz
- name: Restore cached sandbox
uses: actions/cache@v2
with:
path: inkvisitor-sandbox.tar.gz
key: inkvisitor-sandbox-${{ github.sha }}.tar.gz
- name: Install SSH Key
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.SSH_PRIVATE_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }}
- name: Update packages
run: |
sudo apt-get update
- name: Install OpenVPN
run: |
sudo apt install -y openvpn openvpn-systemd-resolved
- name: Prepare OpenVPN creds file
run: |
touch pass.txt
echo ${{ secrets.VPN_USER }} >> pass.txt
echo ${{ secrets.VPN_PASS }} >> pass.txt
- name: Pull OpenVPN Config
run: curl https://it.muni.cz/media/3404274/muni-main-linux.ovpn -o muni-linux.ovpn
- name: Connect to VPN and deploy
run: sudo openvpn --config muni-linux.ovpn --auth-user-pass pass.txt --daemon
- name: Wait for a VPN connection
timeout-minutes: 5
run: until ping -w 5 ${{ secrets.SSH_HOST }}; do sleep 2; done
- name: Upload image staging
run: scp inkvisitor-staging.tar.gz ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:/var/www/html/apps
- name: Upload image data-import
run: scp inkvisitor-data-import.tar.gz ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:/var/www/html/apps
- name: Upload image sandbox
run: scp inkvisitor-sandbox.tar.gz ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:/var/www/html/apps
- name: Restart containers
run: |
ssh -tt ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -- "sh -c '
podman container prune -f &&
podman image prune -f &&
rm -rf /var/tmp/docker-tar* &&
podman rm inkvisitor-staging --force || true &&
podman rm inkvisitor-data-import --force || true &&
podman rm inkvisitor-sandbox --force || true &&
podman load -i /var/www/html/apps/inkvisitor-staging.tar.gz &&
podman load -i /var/www/html/apps/inkvisitor-data-import.tar.gz &&
podman load -i /var/www/html/apps/inkvisitor-sandbox.tar.gz &&
podman-compose -f /var/www/html/apps/docker-compose.yml up -d inkvisitor-staging &&
podman-compose -f /var/www/html/apps/docker-compose.yml up -d inkvisitor-data-import &&
podman-compose -f /var/www/html/apps/docker-compose.yml up -d inkvisitor-sandbox
'"