-
Notifications
You must be signed in to change notification settings - Fork 89
41 lines (38 loc) · 2.16 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
name: Deploy master
on:
workflow_dispatch:
push:
branches:
- master
jobs:
build:
name: Build image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- run: docker login ghcr.io -u $GITHUB_ACTOR -p ${{ secrets.GHCR_TOKEN }}
- run: docker build -t ghcr.io/$GITHUB_ACTOR/infomate:latest -t ghcr.io/$GITHUB_ACTOR/infomate:$GITHUB_SHA .
- run: docker image push ghcr.io/$GITHUB_ACTOR/infomate:$GITHUB_SHA
- run: docker image push ghcr.io/$GITHUB_ACTOR/infomate:latest
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: build
env:
SSH_KEY_PATH: /tmp/ssh_key
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Make envfile
run: export | grep "secret_" | sed "s/declare -x secret_//" > .env
env:
secret_SECRET_KEY: ${{ secrets.SECRET_KEY }}
secret_APP_HOST: ${{ secrets.APP_HOST }}
secret_MEDIA_UPLOAD_CODE: ${{ secrets.MEDIA_UPLOAD_CODE }}
secret_SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
- run: echo "GITHUB_SHA=$GITHUB_SHA" >> .env
- run: echo "${{ secrets.PRODUCTION_SSH_KEY }}" > ${{ env.SSH_KEY_PATH }} && chmod 600 ${{ env.SSH_KEY_PATH }}
- run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} -r $(pwd)/* ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/vas3k/infomate.club
- run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} .env ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/vas3k/infomate.club/.env
- run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} docker-compose.production.yml ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/vas3k/infomate.club/docker-compose.production.yml
- run: ssh -i ${{ env.SSH_KEY_PATH }} ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }} "cd /home/vas3k/infomate.club && docker login ghcr.io -u $GITHUB_ACTOR -p ${{ secrets.GHCR_TOKEN }} && docker pull ghcr.io/$GITHUB_ACTOR/infomate:$GITHUB_SHA && docker-compose -f docker-compose.production.yml --env-file=.env up -d && docker system prune --all --force"