-
Notifications
You must be signed in to change notification settings - Fork 0
135 lines (123 loc) · 5.37 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: "[${GITHUB_REF#refs/heads/}] Build and Push to GHCR"
on:
push:
branches: [staging, main, prod]
jobs:
next-build:
name: Buid Image
runs-on: ubuntu-latest
steps:
- name: Code Checkout
uses: actions/checkout@v3 # Checkout the code
- uses: actions/setup-node@v4 # Install Node.js in the Runner, and allow us to run npm commands
with:
node-version: "20"
- uses: actions/cache@v4 # Caches the node_modules folder across builds, and makes the Runner use the cache as long as package-lock.json doesn’t change.
with:
# Next.js stores its cache in the .next/cache directory. This will persist the cache across builds for faster application rebuilds.
path: |
${{ github.workspace }}/node_modules
${{ github.workspace }}/.next/cache
# Generate a new cache whenever packages or source files change.
key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**/*.js') }}
# If source files changed but packages didn't, rebuild from a prior cache.
restore-keys: |
${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json') }}-
- name: NextJS Build
run: |
npm ci
if [ "$GITHUB_REF_NAME" = main ]; then echo $DEV_ENV_FILE | base64 --decode > .env; fi
if [ "$GITHUB_REF_NAME" = staging ]; then echo $STAGING_ENV_FILE | base64 --decode > .env; fi
if [ "$GITHUB_REF_NAME" = prod ]; then echo $PROD_ENV_FILE | base64 --decode > .env; fi
npm run build
env:
DEV_ENV_FILE: ${{secrets.DEV_ENV_FILE}}
STAGING_ENV_FILE: ${{secrets.STAGING_ENV_FILE}}
PROD_ENV_FILE: ${{secrets.PROD_ENV_FILE}}
- name: Print Dev Env
if: ${{ github.ref_name == 'main' }}
run: cat .env
- name: Upload Next build # Upload the artifact
uses: actions/upload-artifact@v4
with:
name: build
path: |
.next
public
.env
retention-days: 0 # artifact retention duration, can be upto 30 days
ghcr-push:
name:
needs: next-build # Job depends on next-build(above) job
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download next build # Download the above uploaded artifact
uses: actions/download-artifact@v4
with:
name: build
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Build and Push Docker Image
run: |
export CURRENT_BRANCH=${GITHUB_REF#refs/heads/}
export TAG=$([[ $CURRENT_BRANCH == ${GITHUB_REF#refs/heads/} ]] && echo $CURRENT_BRANCH || echo "latest")
export GITHUB_REF_IMAGE=ghcr.io/$GITHUB_REPOSITORY:$GITHUB_SHA
export GITHUB_BRANCH_IMAGE=ghcr.io/$GITHUB_REPOSITORY:$TAG
docker build -t $GITHUB_REF_IMAGE -t $GITHUB_BRANCH_IMAGE .
echo "Pushing Image to GitHub Container Registry"
docker push $GITHUB_REF_IMAGE
docker push $GITHUB_BRANCH_IMAGE
- name: Deploy on Dev server
if: github.ref == 'refs/heads/main'
uses: appleboy/[email protected]
with:
host: ${{ secrets.DEV_REMOTE_SERVER_ADDRESS }}
username: ${{ secrets.DEV_SERVER_USERNAME }}
key: ${{ secrets.DEV_REMOTE_SERVER_KEY }}
port: ${{ secrets.DEV_SSH_PORT }}
script: |
pwd
cd ~
echo ${{ secrets.GHCR_TOKEN }} | podman login ghcr.io -u secrets.GHCR_USERNAME --password-stdin
sudo podman pull ghcr.io/weareflexable/auth:main
sudo podman stop auth
sudo podman rm auth
sudo podman run --name="auth" -p 9080:3000 -d ghcr.io/weareflexable/auth:main
- name: Deploy on Staging server
if: github.ref == 'refs/heads/staging'
uses: appleboy/[email protected]
with:
host: ${{ secrets.STAGING_REMOTE_SERVER_ADDRESS }}
username: ${{ secrets.STAGING_SERVER_USERNAME }}
key: ${{ secrets.STAGING_REMOTE_SERVER_KEY }}
port: ${{ secrets.STAGING_SSH_PORT }}
script: |
pwd
cd ~
echo ${{ secrets.GHCR_TOKEN }} | podman login ghcr.io -u secrets.GHCR_USERNAME --password-stdin
sudo podman pull ghcr.io/weareflexable/auth:staging
sudo podman stop auth
sudo podman rm auth
sudo podman run --name="auth" -p 9080:3000 -d ghcr.io/weareflexable/auth:staging
- name: Deploy on Prod server
if: github.ref == 'refs/heads/prod'
uses: appleboy/[email protected]
with:
host: ${{ secrets.PROD_REMOTE_SERVER_ADDRESS }}
username: ${{ secrets.PROD_SERVER_USERNAME }}
key: ${{ secrets.PROD_REMOTE_SERVER_KEY }}
port: ${{ secrets.PROD_SSH_PORT }}
script: |
pwd
cd ~
echo ${{ secrets.GHCR_TOKEN }} | podman login ghcr.io -u secrets.GHCR_USERNAME --password-stdin
sudo podman pull ghcr.io/weareflexable/auth:prod
sudo podman stop auth
sudo podman rm auth
sudo podman run --name="auth" -p 9081:3000 -d ghcr.io/weareflexable/auth:prod