Add APP_KEY to deployment workflow #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Pfaditechnik | |
| on: | |
| push: | |
| branches: | |
| - deploy | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| environment: deploy | |
| steps: | |
| # Frontend deployment steps | |
| - name: Checkout the repository | |
| uses: actions/checkout@v2 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v2 | |
| with: | |
| node-version: '18' | |
| - name: Install frontend dependencies | |
| run: npm install | |
| - name: Build the frontend project | |
| run: npm run docs:build | |
| - name: Deploy frontend via SSH | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| SSH_USERNAME: ${{ secrets.SSH_USERNAME }} | |
| SSH_SERVER: ${{ vars.SSH_SERVER }} | |
| DEPLOY_PATH: ${{ vars.DEPLOY_PATH }} | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa | |
| chmod 600 ~/.ssh/id_rsa | |
| ssh-keyscan -H $SSH_SERVER >> ~/.ssh/known_hosts | |
| cd .vitepress/dist | |
| rsync -avz --delete . $SSH_USERNAME@$SSH_SERVER:$DEPLOY_PATH | |
| - name: Ensure bootstrap/cache directory exists and is writable | |
| run: | | |
| mkdir -p ./api/bootstrap/cache | |
| chmod -R 775 ./api/bootstrap/cache | |
| - name: Install PHP 8.2 and Composer | |
| run: | | |
| sudo add-apt-repository ppa:ondrej/php -y | |
| sudo apt-get update | |
| sudo apt-get install -y php8.2 php8.2-cli php8.2-mbstring php8.2-xml php8.2-curl php8.2-zip php8.2-intl php8.2-bcmath unzip curl | |
| curl -sS https://getcomposer.org/installer | php | |
| sudo mv composer.phar /usr/local/bin/composer | |
| - name: Install backend dependencies | |
| run: composer install | |
| working-directory: ./api | |
| - name: Set up environment variables | |
| env: | |
| BACKEND_URL: ${{ secrets.BACKEND_URL }} | |
| DB_HOST: ${{ secrets.DB_HOST }} | |
| DB_DATABASE: ${{ secrets.DB_DATABASE }} | |
| DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }} | |
| MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }} | |
| MAIL_MAILER: ${{ secrets.MAIL_MAILER }} | |
| MAIL_HOST: ${{ secrets.MAIL_HOST }} | |
| MAIL_PORT: ${{ secrets.MAIL_PORT }} | |
| MAIL_ENCRYPTION: ${{ secrets.MAIL_ENCRYPTION }} | |
| MAIL_FROM_ADDRESS: ${{ secrets.MAIL_FROM_ADDRESS }} | |
| MAIL_FROM_NAME: ${{ secrets.MAIL_FROM_NAME }} | |
| APP_KEY: ${{ secrets.APP_KEY }} | |
| run: | | |
| cd ./api | |
| rm -f .env | |
| cp env.example .env | |
| sed -ri "s~^APP_URL=.*$~APP_URL=$BACKEND_URL~" .env | |
| sed -ri "s~^DB_HOST=.*$~DB_HOST=$DB_HOST~" .env | |
| sed -ri "s~^DB_DATABASE=.*$~DB_DATABASE=$DB_DATABASE~" .env | |
| sed -ri "s~^DB_USERNAME=.*$~DB_USERNAME=$DB_USERNAME~" .env | |
| sed -ri "s~^DB_PASSWORD=.*$~DB_PASSWORD=$DB_PASSWORD~" .env | |
| sed -ri "s~^MAIL_USERNAME=.*$~MAIL_USERNAME=$MAIL_USERNAME~" .env | |
| sed -ri "s~^MAIL_PASSWORD=.*$~MAIL_PASSWORD=$MAIL_PASSWORD~" .env | |
| sed -ri "s~^MAIL_MAILER=.*$~MAIL_MAILER=$MAIL_MAILER~" .env | |
| sed -ri "s~^MAIL_HOST=.*$~MAIL_HOST=$MAIL_HOST~" .env | |
| sed -ri "s~^MAIL_PORT=.*$~MAIL_PORT=$MAIL_PORT~" .env | |
| sed -ri "s~^MAIL_ENCRYPTION=.*$~MAIL_ENCRYPTION=$MAIL_ENCRYPTION~" .env | |
| sed -ri "s~^MAIL_FROM_ADDRESS=.*$~MAIL_FROM_ADDRESS=$MAIL_FROM_ADDRESS~" .env | |
| sed -ri "s~^MAIL_FROM_NAME=.*\$~MAIL_FROM_NAME=\"$MAIL_FROM_NAME\"~" .env | |
| sed -ri "s~^APP_KEY=.*$~APP_KEY=$APP_KEY~" .env | |
| - name: Deploy backend via SSH | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| SSH_USERNAME: ${{ secrets.SSH_USERNAME }} | |
| SSH_SERVER: ${{ vars.SSH_SERVER }} | |
| DEPLOY_PATH_BACKEND: ${{ vars.DEPLOY_PATH_BACKEND }} | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa | |
| chmod 600 ~/.ssh/id_rsa | |
| ssh-keyscan -H $SSH_SERVER >> ~/.ssh/known_hosts | |
| rsync -avz --delete ./api/ $SSH_USERNAME@$SSH_SERVER:$DEPLOY_PATH_BACKEND | |
| - name: Set file permissions on the server | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| SSH_USERNAME: ${{ secrets.SSH_USERNAME }} | |
| SSH_SERVER: ${{ vars.SSH_SERVER }} | |
| DEPLOY_PATH_BACKEND: ${{ vars.DEPLOY_PATH_BACKEND }} | |
| run: | | |
| ssh -i ~/.ssh/id_rsa $SSH_USERNAME@$SSH_SERVER "cd $DEPLOY_PATH_BACKEND && chmod -R 775 storage bootstrap/cache" | |
| - name: Run migrations | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| SSH_USERNAME: ${{ secrets.SSH_USERNAME }} | |
| SSH_SERVER: ${{ vars.SSH_SERVER }} | |
| DEPLOY_PATH_BACKEND: ${{ vars.DEPLOY_PATH_BACKEND }} | |
| run: | | |
| ssh -i ~/.ssh/id_rsa $SSH_USERNAME@$SSH_SERVER "cd $DEPLOY_PATH_BACKEND && /usr/local/php83/bin/php artisan migrate --force" | |
| - name: Optimize application | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| SSH_USERNAME: ${{ secrets.SSH_USERNAME }} | |
| SSH_SERVER: ${{ vars.SSH_SERVER }} | |
| DEPLOY_PATH_BACKEND: ${{ vars.DEPLOY_PATH_BACKEND }} | |
| run: | | |
| ssh -i ~/.ssh/id_rsa $SSH_USERNAME@$SSH_SERVER "cd $DEPLOY_PATH_BACKEND && /usr/local/php83/bin/php artisan config:cache && /usr/local/php83/bin/php artisan route:cache && /usr/local/php83/bin/php artisan view:cache" |