Rework Rules and improve some database functions #1046
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'Docker image build' | |
on: | |
push: | |
branches: main | |
workflow_dispatch: | |
# cancel existing builds if a push is made | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
name: 'Image build' | |
if: "!contains(github.event.head_commit.message, 'skip ci')" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Send job start webhook | |
continue-on-error: true | |
uses: appleboy/discord-action@3c62873803ab2f276e28cdde23972899fb26e3a5 | |
with: | |
webhook_id: ${{ secrets.WEBHOOK_ID }} | |
webhook_token: ${{ secrets.WEBHOOK_TOKEN }} | |
message: | | |
Starting build for commit [${{ github.sha }}](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) by ${{ github.actor }} | |
>>> ${{ github.event.head_commit.message }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Python 3.11 | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- name: Install testing dependencies | |
run: | | |
python -m pip install --upgrade pip | |
python -m pip install flake8 | |
- name: Check with flake8 | |
run: | | |
flake8 . | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Cache Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
# GitHub username and personal access token | |
registry: ghcr.io | |
username: ${{ secrets.CR_USERNAME }} | |
password: ${{ secrets.CR_PAT }} | |
- name: Build Docker image | |
id: docker_build | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: ./Dockerfile | |
platforms: linux/amd64 | |
push: true | |
tags: ghcr.io/nh-server/kurisu:latest | |
build-args: | | |
COMMIT=${{ github.sha }} | |
BRANCH=${{ github.ref }} | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
- name: Image digest | |
run: echo ${{ steps.docker_build.outputs.digest }} | |
# https://stackoverflow.com/questions/60477061/github-actions-how-to-deploy-to-remote-server-using-ssh/60479844#60479844 | |
- name: Create SSH key | |
run: | | |
mkdir -p ~/.ssh/ | |
chmod 700 ~/.ssh/ | |
echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa | |
chmod 600 ~/.ssh/id_rsa | |
echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts | |
shell: bash | |
env: | |
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
SSH_KNOWN_HOSTS: ${{ secrets.SSH_KNOWN_HOSTS }} | |
- name: Send push webhook | |
continue-on-error: true | |
uses: appleboy/discord-action@3c62873803ab2f276e28cdde23972899fb26e3a5 | |
with: | |
webhook_id: ${{ secrets.WEBHOOK_ID }} | |
webhook_token: ${{ secrets.WEBHOOK_TOKEN }} | |
message: Pulling on server | |
- name: Pull on server | |
run: docker compose -f docker-compose-prod.yml pull | |
env: | |
DOCKER_HOST: ${{ secrets.SSH_HOST }} | |
COMPOSE_PARAMIKO_SSH: '1' | |
- name: Send up webhook | |
continue-on-error: true | |
uses: appleboy/discord-action@3c62873803ab2f276e28cdde23972899fb26e3a5 | |
with: | |
webhook_id: ${{ secrets.WEBHOOK_ID }} | |
webhook_token: ${{ secrets.WEBHOOK_TOKEN }} | |
message: Running on server | |
- name: Run on server | |
run: docker compose -f docker-compose-prod.yml up -d | |
env: | |
DOCKER_HOST: ${{ secrets.SSH_HOST }} | |
COMPOSE_PARAMIKO_SSH: '1' | |
- name: Send webhook on failure | |
if: ${{ failure() }} | |
continue-on-error: true | |
uses: appleboy/discord-action@3c62873803ab2f276e28cdde23972899fb26e3a5 | |
with: | |
webhook_id: ${{ secrets.WEBHOOK_ID }} | |
webhook_token: ${{ secrets.WEBHOOK_TOKEN }} | |
message: | | |
Failed to build [${{ github.sha }}](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) | |
- name: Send webhook on cancellation | |
if: ${{ cancelled() }} | |
continue-on-error: true | |
uses: appleboy/discord-action@3c62873803ab2f276e28cdde23972899fb26e3a5 | |
with: | |
webhook_id: ${{ secrets.WEBHOOK_ID }} | |
webhook_token: ${{ secrets.WEBHOOK_TOKEN }} | |
message: | | |
Cancelled build for [${{ github.sha }}](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) |