Add script to test ghcr.io connectivity and image access, enhancing t… #32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Steps to deploy the app: | |
| # - Build the Docker image and push it to Docker Hub | |
| # - Deploy the Docker image to EC2 by SSH | |
| name: Deploy To SSH Server | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| env: | |
| IMAGE_TAG_SERVER: SERVER-${{ github.sha }} | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| check-changes: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| nginx: ${{ steps.filter.outputs.nginx }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 2 | |
| - uses: dorny/paths-filter@v2 | |
| id: filter | |
| with: | |
| filters: | | |
| nginx: | |
| - 'nginx.Dockerfile' | |
| list-files: shell | |
| build-nginx: | |
| runs-on: ubuntu-latest | |
| needs: check-changes | |
| if: needs.check-changes.outputs.nginx == 'true' | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and Push Nginx Image | |
| run: | | |
| docker build -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_nginx:latest -f nginx.Dockerfile . | |
| docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_nginx:latest | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 14 | |
| - name: Build nuxt app | |
| run: | | |
| cd website | |
| echo "VUE_APP_BASE_URL=/api/" > .env | |
| echo "VUE_APP_BASE_URL_ON_SERVER=http://localhost:8081/" >> .env | |
| npm install | |
| npm run build | |
| # Login to GitHub Container Registry | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build the Docker image | |
| run: | | |
| docker build -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG_SERVER }} -f app.Dockerfile . | |
| - name: Push the Docker image to GitHub Container Registry | |
| run: | | |
| docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG_SERVER }} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [build, build-nginx, check-changes] | |
| if: needs.build.result == 'success' | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Copy docker-compose file to server | |
| uses: appleboy/scp-action@v0.1.7 | |
| with: | |
| host: ${{ secrets.SSH_HOST }} | |
| username: ${{ secrets.SSH_USERNAME }} | |
| key: ${{ secrets.SSH_KEY }} | |
| source: "docker-compose.yaml" | |
| target: "." | |
| timeout: 30s | |
| - name: Fetch the Docker images from server | |
| uses: appleboy/ssh-action@v1 | |
| env: | |
| SERVER_IMAGE_NAME: ${{ env.IMAGE_TAG_SERVER }} | |
| SERVER_ADMIN_EMAIL: ${{ vars.SERVER_ADMIN_EMAIL }} | |
| SERVER_ADMIN_PASSWORD: ${{ vars.SERVER_ADMIN_PASSWORD }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| host: ${{ secrets.SSH_HOST }} | |
| username: ${{ secrets.SSH_USERNAME }} | |
| key: ${{ secrets.SSH_KEY }} | |
| envs: SERVER_IMAGE_NAME, SERVER_ADMIN_EMAIL, SERVER_ADMIN_PASSWORD, GITHUB_TOKEN | |
| script: | | |
| # Login to GitHub Container Registry | |
| echo "$GITHUB_TOKEN" | docker login ghcr.io -u ${{ github.actor }} --password-stdin || true | |
| # Remove the previous version of the app, if exists | |
| docker-compose down | |
| # Remove all stoped images | |
| docker system prune -a --force | |
| # Up the app | |
| docker-compose up --remove-orphans -d |