Skip to content

Commit

Permalink
chore: update prod deploy
Browse files Browse the repository at this point in the history
  • Loading branch information
@daniluk4000
daniluk4000 committed Dec 7, 2024
1 parent 3f14dcb commit 86179c8
Showing 1 changed file with 61 additions and 72 deletions.
133 changes: 61 additions & 72 deletions .github/workflows/publish.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@ jobs:
permissions:
contents: read
packages: write
environment:
name: production
url: https://vatsim-radar.com
steps:
- uses: actions/checkout@v4
- name: Login to GitHub Container Registry
Expand All @@ -29,99 +32,85 @@ jobs:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Add .env file
run: echo "${{ secrets.ENV }}" > .env
- name: Build and push
uses: docker/build-push-action@v5
with:
tags: ghcr.io/vatsim-radar/vatsim-radar/production:latest
context: .
push: true
file: .config/Dockerfile
build-args: |
DOMAIN=${{ vars.DOMAIN }}
NAVIGRAPH_CLIENT_ID=${{ vars.NAVIGRAPH_CLIENT_ID }}
NAVIGRAPH_SERVER_ID=${{ vars.NAVIGRAPH_SERVER_ID }}
VATSIM_CLIENT_ID=${{ vars.VATSIM_CLIENT_ID }}
VATSIM_ENDPOINT=${{ vars.VATSIM_ENDPOINT }}
DATABASE_URL=${{ secrets.DATABASE_URL }}
NAVIGRAPH_CLIENT_SECRET=${{ secrets.NAVIGRAPH_CLIENT_SECRET }}
NAVIGRAPH_SERVER_SECRET=${{ secrets.NAVIGRAPH_SERVER_SECRET }}
VATSIM_CLIENT_SECRET=${{ secrets.VATSIM_CLIENT_SECRET }}
DISCORD_TOKEN=${{ secrets.DISCORD_TOKEN }}
DISCORD_CLIENT_ID=${{ secrets.DISCORD_CLIENT_ID }}
DISCORD_SERVER_ID=${{ vars.DISCORD_SERVER_ID }}
DISCORD_INTERNAL_SERVER_ID=${{ vars.DISCORD_INTERNAL_SERVER_ID }}
DISCORD_RELEASES_CHANNEL_ID=${{ vars.DISCORD_RELEASES_CHANNEL_ID }}
DISCORD_ROLE_ID=${{ vars.DISCORD_ROLE_ID }}
ACCESS_BY_DISCORD_ROLES=${{ vars.ACCESS_BY_DISCORD_ROLES }}
IS_DOWN=${{ vars.IS_DOWN }}
VATSIM_KAFKA_BROKER=${{ secrets.VATSIM_KAFKA_BROKER }}
VATSIM_KAFKA_USER=${{ secrets.VATSIM_KAFKA_USER }}
VATSIM_KAFKA_PASSWORD=${{ secrets.VATSIM_KAFKA_PASSWORD }}
VATSIM_KAFKA_GROUP=${{ secrets.VATSIM_KAFKA_GROUP }}
INFLUX_URL=${{ secrets.INFLUX_URL }}
INFLUX_TOKEN=${{ secrets.INFLUX_TOKEN }}
INFLUX_ORG=${{ secrets.INFLUX_ORG }}
INFLUX_BUCKET_MAIN=${{ secrets.INFLUX_BUCKET_MAIN }}
INFLUX_BUCKET_ONLINE=${{ secrets.INFLUX_BUCKET_ONLINE }}
INFLUX_ENABLE_WRITE=${{ vars.INFLUX_ENABLE_WRITE }}
INFLUX_BUCKET_PLANS=${{ secrets.INFLUX_BUCKET_PLANS }}
DISABLE_WEBSOCKETS=${{ vars.DISABLE_WEBSOCKETS }}
CF_R2_API=${{ secrets.CF_R2_API }}
CF_R2_ACCESS_ID=${{ secrets.CF_R2_ACCESS_ID }}
CF_R2_ACCESS_TOKEN=${{ secrets.CF_R2_ACCESS_TOKEN }}
PATREON_ACCESS_TOKEN=${{ secrets.PATREON_ACCESS_TOKEN }}
FAA_NOTAMS_CLIENT_ID=${{ secrets.FAA_NOTAMS_CLIENT_ID }}
FAA_NOTAMS_CLIENT_SECRET=${{ secrets.FAA_NOTAMS_CLIENT_SECRET }}
deploy:
runs-on: do-prod
#runs-on: beget

deploy-app:
runs-on: ubuntu-latest
needs:
- push
permissions:
contents: read
packages: read
steps:
- uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
- name: Set up kubectl
uses: matootie/[email protected]
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Pull
shell: bash
run: docker pull ghcr.io/vatsim-radar/vatsim-radar/production:latest
- name: Build
shell: bash
run: docker compose -f docker-compose.prod.yml build
- name: Deploy
shell: bash
run: docker compose -f docker-compose.prod.yml up -d
- name: Clear
shell: bash
run: docker system prune --force && docker system prune --volumes --force
personalAccessToken: ${{ secrets.DIGITALOCEAN_TOKEN }}
clusterName: main
- name: Deploy App
run: kubectl apply -f .config/k8s/main/app.yml
- name: Apply App
run: kubectl rollout restart deployment app-prod
- name: Apply Worker
run: kubectl rollout restart deployment worker-prod
- name: Validate App
run: kubectl rollout status deployment app-prod
- name: Validate Worker
run: kubectl rollout status deployment worker-prod

deploy-db-redis:
runs-on: ubuntu-latest
needs:
- push
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- name: Set up kubectl
uses: matootie/[email protected]
with:
personalAccessToken: ${{ secrets.DIGITALOCEAN_TOKEN }}
clusterName: main
- name: Deploy Volume
run: kubectl apply -f .config/k8s/prod/volume.yml
- name: Deploy Redis
run: kubectl apply -f .config/k8s/prod/redis.yml
- name: Validate Redis
run: kubectl rollout status deployment redis
- name: Deploy DB
run: kubectl apply -f .config/k8s/prod/db.yml
- name: Validate DB
run: kubectl rollout status deployment db

deploy-nginx:
runs-on: do-nginx
#runs-on: beget
# needs:
# - push
deploy-ingress:
runs-on: ubuntu-latest
permissions:
contents: read
packages: read
steps:
- name: Copy default config
shell: bash
run: cp .config/nginx/default.conf /etc/nginx/sites-available/default
- name: Copy Nginx config
shell: bash
run: cp .config/nginx/nginx.conf /etc/nginx/nginx.conf
- name: Apply config
shell: bash
run: service nginx restart
- uses: actions/checkout@v4
- name: Set up kubectl
uses: matootie/[email protected]
with:
personalAccessToken: ${{ secrets.DIGITALOCEAN_TOKEN }}
clusterName: main
- name: Deploy Ingress
run: kubectl apply -f .config/k8s/ingress.yml


github-release:
name: Release tag to Github
needs: deploy
needs:
- deploy-app
- deploy-db-redis
runs-on: ubuntu-latest
permissions:
contents: write
Expand Down

0 comments on commit 86179c8

Please sign in to comment.