ci: pass env vars to SSH-action context #29
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to staging when pushing on staging | |
| on: | |
| push: | |
| branches: | |
| - staging | |
| - feat/github-ci | |
| jobs: | |
| deploy-staging: | |
| environment: staging | |
| name: Deploy to staging from ${{ github.ref_name }}/${{ github.sha }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Get current CI job ID | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| jobs=$(gh api repos/${{ github.repository }}/actions/runs/${{ github.run_id}}/attempts/${{ github.run_attempt }}/jobs) | |
| job_id=$(echo $jobs | jq -r '.jobs[] | select(.runner_name=="${{ runner.name }}") | .id') | |
| echo "CI_JOB_ID=$job_id" >> $GITHUB_ENV | |
| echo "This CI job ID is ${{ env.CI_JOB_ID }}" | |
| - name: Install SSH key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.CI_DEPLOY_USER_SSH_PRIVATE_KEY }} | |
| name: id_rsa | |
| known_hosts: ${{ secrets.CI_DEPLOY_HOST }} | |
| - name: Adding server to known hosts | |
| run: ssh-keyscan -H ${{ secrets.CI_DEPLOY_HOST }} >> ~/.ssh/known_hosts | |
| - name: Prepare deployment files on runner for this CI job ID | |
| run: | | |
| mkdir -p ./${{ env.CI_JOB_ID }} | |
| cp -r ./app ./${{ env.CI_JOB_ID }} | |
| cp ./docker-compose.yml ./${{ env.CI_JOB_ID }}/docker-compose.yml | |
| cp ./Dockerfile ./${{ env.CI_JOB_ID }}/Dockerfile | |
| cp ./pyproject.toml ./${{ env.CI_JOB_ID }}/pyproject.toml | |
| - name: Create .env file with current secrets | |
| run: | | |
| cd ./${{ env.CI_JOB_ID }} | |
| touch .env | |
| echo API_ENDPOINT="https://xxx.execute-api.us-west-2.amazonaws.com" >> .env | |
| echo API_KEY=${{ secrets.API_KEY }} >> .env | |
| echo MATRIX_HOME_SERVER=${{ secrets.MATRIX_HOME_SERVER }} >> .env | |
| echo MATRIX_BOT_USERNAME=${{ secrets.MATRIX_BOT_USERNAME }} >> .env | |
| echo MATRIX_BOT_PASSWORD=${{ secrets.MATRIX_BOT_PASSWORD }} >> .env | |
| echo ERRORS_ROOM_ID=${{ secrets.ERRORS_ROOM_ID }} >> .env | |
| echo USER_ALLOWED_DOMAINS=${{ secrets.USER_ALLOWED_DOMAINS }} >> .env | |
| echo SALT=${{ secrets.SALT }} >> .env | |
| echo ALBERT_API_URL=${{ secrets.ALBERT_API_URL }} >> .env | |
| echo ALBERT_API_TOKEN=${{ secrets.ALBERT_API_TOKEN }} >> .env | |
| echo ALBERT_API_MODEL_NAME=${{ secrets.ALBERT_API_MODEL_NAME }} >> .env | |
| echo ALBERT_API_MODE=${{ secrets.ALBERT_API_MODE }} >> .env | |
| cat .env | |
| - name: Copy deployment files to remote server via SCP | |
| uses: appleboy/scp-action@master | |
| with: | |
| host: ${{ secrets.CI_DEPLOY_HOST }} | |
| username: ${{ secrets.CI_DEPLOY_USER }} | |
| key: ${{ secrets.CI_DEPLOY_USER_SSH_PRIVATE_KEY }} | |
| source: "./${{ env.CI_JOB_ID }}" | |
| target: "/home/${{ secrets.CI_DEPLOY_USER }}" | |
| - name: Execute server commands for deploy | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.CI_DEPLOY_HOST }} | |
| username: ${{ secrets.CI_DEPLOY_USER }} | |
| key: ${{ secrets.CI_DEPLOY_USER_SSH_PRIVATE_KEY }} | |
| script: | | |
| cd /home/${{ secrets.CI_DEPLOY_USER }}/${{ env.CI_JOB_ID }} | |
| mkdir -p /data/tchapbot | |
| export COMPOSE_FILE=/home/${{ secrets.CI_DEPLOY_USER }}/${{ env.CI_JOB_ID }}/docker-compose.yml | |
| export COMPOSE_PROJECT_NAME=albert-tchapbot | |
| docker compose down | |
| docker tag albert/tchapbot:latest albert/tchapbot:old || true | |
| docker image rm albert/tchapbot:latest || true | |
| docker compose up --detach | |
| docker image rm albert/tchapbot:old || true | |
| rm -rf /home/${{ secrets.CI_DEPLOY_USER }}/${{ env.CI_JOB_ID }} |