feat: add infrastructure dockerfile, droplet documentation, and gitea deployment workflow
@@ -0,0 +1,114 @@
|
||||
name: Production Deployment
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- refactored
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build and Push Docker Image
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Gitea Container Registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: git.nciphered.com
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Build and Push Image
|
||||
uses: docker/build-push-action@v5
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
tags: |
|
||||
git.nciphered.com/${{ github.repository }}:latest
|
||||
git.nciphered.com/${{ github.repository }}:${{ github.sha }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
|
||||
deploy-droplet:
|
||||
name: Deploy to DigitalOcean Droplet
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
if: ${{ secrets.DEPLOY_TARGET == 'droplet' }}
|
||||
steps:
|
||||
- name: Executing remote SSH commands to deploy
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.DROPLET_HOST }}
|
||||
username: ${{ secrets.DROPLET_USER }}
|
||||
key: ${{ secrets.DROPLET_SSH_KEY }}
|
||||
script: |
|
||||
# Authenticate with Gitea registry on Droplet
|
||||
docker login -u "${{ github.actor }}" -p "${{ secrets.GITHUB_TOKEN }}" git.nciphered.com
|
||||
|
||||
# Ensure isolated network exists
|
||||
docker network create dockernet 2>/dev/null || true
|
||||
|
||||
# Pull latest image
|
||||
docker pull git.nciphered.com/${{ github.repository }}:latest
|
||||
|
||||
# Stop existing container
|
||||
docker rm -f stick-app-container || true
|
||||
|
||||
# Run container on the 'dockernet' network
|
||||
docker run -d \
|
||||
--name stick-app-container \
|
||||
--network dockernet \
|
||||
-p 80:3007 \
|
||||
-e DATABASE_URL="${{ secrets.DATABASE_URL_DROPLET }}" \
|
||||
-e DATABASE_NAME="${{ secrets.DATABASE_NAME }}" \
|
||||
-e JWT_SECRET="${{ secrets.JWT_SECRET }}" \
|
||||
-e HOST="0.0.0.0" \
|
||||
-e PORT="3007" \
|
||||
--restart unless-stopped \
|
||||
git.nciphered.com/${{ github.repository }}:latest
|
||||
|
||||
deploy-cloudrun:
|
||||
name: Deploy to Google Cloud Run
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
if: ${{ secrets.DEPLOY_TARGET == 'cloudrun' }}
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Authenticate with Google Cloud
|
||||
uses: google-github-actions/auth@v2
|
||||
with:
|
||||
credentials_json: ${{ secrets.GCP_SA_KEY }}
|
||||
|
||||
- name: Set up Cloud SDK
|
||||
uses: google-github-actions/setup-gcloud@v2
|
||||
|
||||
- name: Configure Docker Authentication
|
||||
run: |
|
||||
gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
|
||||
|
||||
- name: Tag and Push Image to Artifact Registry
|
||||
run: |
|
||||
# Build/Tag for Google Artifact Registry
|
||||
docker tag git.nciphered.com/${{ github.repository }}:latest us-central1-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/stick/app:latest
|
||||
docker push us-central1-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/stick/app:latest
|
||||
|
||||
- name: Deploy to Google Cloud Run
|
||||
uses: google-github-actions/deploy-cloudrun@v2
|
||||
with:
|
||||
service: stick-app
|
||||
image: us-central1-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/stick/app:latest
|
||||
region: ${{ secrets.GCP_REGION }}
|
||||
env_vars: |
|
||||
DATABASE_URL=${{ secrets.DATABASE_URL_CLOUDRUN }}
|
||||
DATABASE_NAME=${{ secrets.DATABASE_NAME }}
|
||||
JWT_SECRET=${{ secrets.JWT_SECRET }}
|
||||
HOST=0.0.0.0
|
||||
PORT=3007
|
||||
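Review bot: In the `deploy-droplet` script every secret is pasted into the remote shell source by `${{ … }}` expansion, so `docker login -p "…"` and `-e JWT_SECRET="…"` put the registry token, database URL and JWT secret on the docker command line on the droplet, and any `"`, `$` or backtick inside a secret value is interpreted by the remote shell. Pass the values through the step's `env:` and the action's `envs:` input, log in with `--password-stdin`, and use value-less `-e NAME` flags, as sketched below. The same job deploys `:latest` although `build` also pushed a `${{ github.sha }}` tag, and both `main` and `refactored` trigger it, so two pushes close together can deploy the other branch's image; pinning the pull and run to the SHA tag avoids that. Separately, `deploy-cloudrun` runs `docker tag git.nciphered.com/…:latest` in a job that never logs in to or pulls from that registry, so the step will likely fail until a login and `docker pull` are added before it. The SSH step also sets no host-key `fingerprint:`, so the droplet's identity is not verified before the key and secrets are sent.

```yaml
- name: Executing remote SSH commands to deploy
  uses: appleboy/ssh-action@v1.0.3
  env:
    REGISTRY_USER: ${{ github.actor }}
    REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    IMAGE: git.nciphered.com/${{ github.repository }}:${{ github.sha }}
    DATABASE_URL: ${{ secrets.DATABASE_URL_DROPLET }}
    DATABASE_NAME: ${{ secrets.DATABASE_NAME }}
    JWT_SECRET: ${{ secrets.JWT_SECRET }}
  with:
    # … unchanged: host, username, key …
    envs: REGISTRY_USER,REGISTRY_TOKEN,IMAGE,DATABASE_URL,DATABASE_NAME,JWT_SECRET
    script: |
      printf '%s' "$REGISTRY_TOKEN" | docker login -u "$REGISTRY_USER" --password-stdin git.nciphered.com
      # … unchanged: docker network create dockernet …
      docker pull "$IMAGE"
      # … unchanged: docker rm -f stick-app-container …
      # … docker run keeps --name, --network, -p 80:3007, -e HOST, -e PORT and --restart; only these lines change …
      docker run -d \
        -e DATABASE_URL -e DATABASE_NAME -e JWT_SECRET \
        "$IMAGE"
```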