Ajoute une préprod sur wiru #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Continuous Deployment" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - dev | |
| - main | |
| concurrency: ci-${{ github.ref }} | |
| env: | |
| ECLIPSE_SSH_HOST: eclipse.mes-aides.incubateur.net | |
| ECLIPSE_SSH_USER: debian | |
| EQUINOXE_SSH_HOST: equinoxe.mes-aides.1jeune1solution.beta.gouv.fr | |
| EQUINOXE_SSH_USER: debian | |
| PYTHON_VERSION: 3.11.4 | |
| jobs: | |
| install_python_requirements: | |
| name: Install Python requirements | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| cache: 'pip' | |
| - name: Upgrade pip | |
| run: python -m pip install --upgrade pip | |
| - name: Cache Python dependencies | |
| uses: actions/cache@v4 | |
| id: python-dependencies | |
| with: | |
| path: ${{ env.pythonLocation }} | |
| key: ${{ runner.os }}-python-dependencies-${{ hashFiles('**/requirements.txt') }} | |
| - name: Install dependencies | |
| run: pip install -r requirements.txt | |
| lint_ansible_files: | |
| name: Lint ansible files | |
| runs-on: ubuntu-24.04 | |
| needs: [install_python_requirements] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| cache: 'pip' | |
| - name: Cache Python dependencies | |
| uses: actions/cache@v4 | |
| id: python-dependencies | |
| with: | |
| path: ${{ env.pythonLocation }} | |
| key: ${{ runner.os }}-python-dependencies-${{ hashFiles('**/requirements.txt') }} | |
| - name: Check installed package | |
| run: pip freeze | |
| - name: Run ansible lint | |
| run: ansible-lint --offline | |
| deploy_production: | |
| name: Deploy production (Equinoxe) | |
| runs-on: ubuntu-24.04 | |
| needs: [install_python_requirements, lint_ansible_files] | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Equinoxe Deployment | |
| shell: bash | |
| run: | | |
| mkdir -p ~/.ssh/ | |
| echo "${{ secrets.EQUINOXE_PRIVATE_KEY }}" > ~/.ssh/equinoxe | |
| chmod 600 ~/.ssh/equinoxe | |
| ssh -o StrictHostKeyChecking=no ${{ env.EQUINOXE_SSH_USER }}@${{ env.EQUINOXE_SSH_HOST }} -i ~/.ssh/equinoxe | |
| deploy_preproduction: | |
| name: Deploy preproduction (Eclipse) | |
| runs-on: ubuntu-24.04 | |
| needs: [install_python_requirements, lint_ansible_files] | |
| if: github.ref == 'refs/heads/dev' | |
| steps: | |
| - name: Eclipse Deployment | |
| shell: bash | |
| run: | | |
| mkdir -p ~/.ssh/ | |
| echo "${{ secrets.ECLIPSE_PRIVATE_KEY }}" > ~/.ssh/eclipse | |
| chmod 600 ~/.ssh/eclipse | |
| ssh -o StrictHostKeyChecking=no ${{ env.ECLIPSE_SSH_USER }}@${{ env.ECLIPSE_SSH_HOST }} -i ~/.ssh/eclipse |