ci: set up auto deployment

Questionable-Content-Extensions · Mar 12, 2023 · af64331 · af64331
1 parent 9428f34
commit af64331
Show file tree

Hide file tree

Showing 7 changed files with 26,279 additions and 15 deletions.
diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml
@@ -0,0 +1,27 @@
+name: Build and Deploy
+
+on:
+    push:
+        branches: [main]
+
+jobs:
+    build-and-deploy:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v3
+
+            - name: Build Docker image
+              run: docker build -t qcext-server .
+
+            - name: Save Docker image
+              run: docker save -o qcext-server.tar qcext-server
+
+            - name: Compress Docker image
+              run: bzip2 -z qcext-server.tar
+
+            - name: Deploy
+              run: docker-compose run deploy
+              env:
+                  DEPLOY_KEY: ${{ secrets.deploy_key }}
+                  DEPLOY_TARGET: ${{ secrets.deploy_target }}
+                  DEPLOY_USER: ${{ secrets.deploy_user }}
diff --git a/.npmrc b/.npmrc
diff --git a/Dockerfile b/Dockerfile
@@ -1,16 +1,14 @@
-FROM rust:latest AS build
+##################
+#   Rust image   #
+##################
+
+FROM rust:latest AS rust
 
 WORKDIR /usr/src/qcext-server
 
 # Run SQLX in offline mode
 ENV SQLX_OFFLINE=true
 
-# Make sure we have npm and nodejs
-RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \
-    nodejs npm
-RUN nodejs --version
-RUN npm --version
-
 # Build the dependencies in a separate step to avoid rebuilding all of them
 # every time the source code changes. This takes advantage of Docker's layer
 # caching, and it works by doing a build using the Cargo.{toml,lock} files with
@@ -29,22 +27,46 @@ RUN mkdir -p /usr/src/qcext-server/shared/src && \
 RUN cargo fetch
 RUN cargo build --release
 
-# Next, let's run npm install
-COPY package.json .npmrc /usr/src/qcext-server/
-RUN npm install
-
 # Dependencies are now cached, copy the actual source code and do another full
 # build. The touch on all the .rs files is needed, otherwise cargo assumes the
 # source code didn't change thanks to mtime weirdness.
 RUN rm -rf /usr/src/qcext-server/src /usr/src/qcext-server/database/src /usr/src/qcext-server/shared/src
 COPY src /usr/src/qcext-server/src
+RUN rm -rf /usr/src/qcext-server/src/client
 COPY database/src /usr/src/qcext-server/database/src
 COPY shared/src /usr/src/qcext-server/shared/src
 RUN find src -name "*.rs" -exec touch {} \; && \
     find database/src -name "*.rs" -exec touch {} \; && \
     find shared/src -name "*.rs" -exec touch {} \; && \
     cargo build --release
 
+##################
+#  NodeJS image  #
+##################
+
+FROM debian:bullseye AS nodejs
+
+WORKDIR /usr/src/qcext-server
+
+# Make sure we have npm and nodejs
+RUN apt-get update
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y curl
+RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs
+RUN node --version
+RUN npm --version
+
+# Next, let's run npm install
+COPY package.json package-lock.json /usr/src/qcext-server/
+RUN npm install
+
+# Copy only files relevant for Node (i.e. no Rust files)
+RUN mkdir /usr/src/qcext-server/src 
+COPY src/client /usr/src/qcext-server/src/client
+COPY src/index.js /usr/src/qcext-server/src
+
+RUN npx browserslist@latest --update-db
+
 COPY public /usr/src/qcext-server/public
 RUN npm run build
 
@@ -55,11 +77,11 @@ RUN npm run build
 FROM debian:bullseye-slim AS binary
 
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \
-    ca-certificates
+    ca-certificates rsync
 RUN apt-get clean
 
-COPY --from=build /usr/src/qcext-server/target/release/qcext-server /usr/local/bin/
-COPY --from=build /usr/src/qcext-server/build /build
+COPY --from=rust /usr/src/qcext-server/target/release/qcext-server /usr/local/bin/
+COPY --from=nodejs /usr/src/qcext-server/build /build
 
 ENV RUST_LOG=info
 CMD ["/usr/local/bin/qcext-server"]
diff --git a/deploy.sh b/deploy.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+# Instantly exits our script whenever an error occurs
+set -e
+
+# Pipe our environmental SSH key variable into a file
+mkdir -p $HOME/.ssh
+echo "${deploy_key}" > $HOME/.ssh/deploy_key
+chmod 600 $HOME/.ssh/deploy_key # SSH keys need to be readonly
+
+# Where to deploy our site on our server
+target="/home/${deploy_user}/qcext-server/staging"
+
+# The actual deployment
+sh -c "rsync -azvh -e 'ssh -i $HOME/.ssh/deploy_key -o StrictHostKeyChecking=no' qcext-server.tar.bz2 ${deploy_user}@${deploy_target}:${target}"
+
+# Run update script
+sh -c "ssh -i $HOME/.ssh/deploy_key -o StrictHostKeyChecking=no ${deploy_user}@${deploy_target} 'cd ${target}; ./update.sh'"
+
+# Remove our deploy_key again since it's no longer needed
+rm $HOME/.ssh/deploy_key
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,13 @@
+version: '3'
+
+services:
+    deploy:
+        image: 'instrumentisto/rsync-ssh'
+        volumes:
+            - .:/home/site
+        working_dir: /home/site
+        environment:
+            deploy_key: $DEPLOY_KEY
+            deploy_target: $DEPLOY_TARGET
+            deploy_user: $DEPLOY_USER
+        command: sh deploy.sh