-
Notifications
You must be signed in to change notification settings - Fork 0
86 lines (70 loc) · 2.27 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
name: deploy
on:
push:
branches:
- dev
- main
paths-ignore:
- "*.md"
jobs:
deploy:
name: Deploy
runs-on: ubuntu-latest
steps:
- name: Prepare environment
run: |
echo "TAG=${{ github.head_ref || github.ref_name }}" >> $GITHUB_ENV
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v24
with:
nix_path: nixpkgs=channel:nixpkgs-23.11-darwin
extra_nix_config: |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
substituters = https://cache.nixos.org/
- name: Install dependencies
run: |
nix-shell --pure --run true
- name: Build Cython modules
run: |
nix-shell --pure --run cython-build
- name: Build container image
run: |
echo "IMAGE_PATH=$(nix-build --no-out-link)" >> $GITHUB_ENV
- name: Configure SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
echo "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
echo "Host remote
HostName ${{ secrets.SSH_HOST }}
User ${{ secrets.SSH_USER }}
Port ${{ secrets.SSH_PORT }}
IdentityFile ~/.ssh/id_rsa
" > ~/.ssh/config
- name: Upload container image
run: |
scp "${{ env.IMAGE_PATH }}" remote:~
- name: Deploy on remote
run: |
ssh remote <<\EOF
set -e
tag="${{ env.TAG }}"
image_filename="$(basename "${{ env.IMAGE_PATH }}")"
cleanup() {
cd ~
echo "Cleaning up"
rm -f "$image_filename"
}
trap cleanup EXIT
echo "Loading Docker image"
docker load < "$image_filename"
echo "Fetching latest changes from the git repository"
cd "$tag"
git fetch origin "$tag"
git checkout "$tag"
git reset --hard "origin/$tag"
echo "Restarting containers"
TAG="$tag" docker compose --env-file "envs/compose/$tag.env" up -d
EOF