-
Notifications
You must be signed in to change notification settings - Fork 0
131 lines (103 loc) · 4.29 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Publish and deploy
on:
push:
branches:
- main
jobs:
push:
runs-on: ubuntu-latest
if: github.event_name == 'push'
strategy:
matrix:
include:
- binary: alisa
mode: image
- binary: elisa
mode: binary
- binary: elizabeth
mode: image
- binary: isabel
mode: binary
steps:
- uses: actions/checkout@v4
- name: Log into registry
run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Build image
run: |
IMAGE_ID=ghcr.io/chipp/${{ matrix.binary }}
docker buildx build . --file bin/${{ matrix.binary }}/Dockerfile \
--load \
--tag $IMAGE_ID:latest \
--build-arg VERSION="0.1.${{ github.run_number }}" \
--cache-from=type=registry,ref=$IMAGE_ID:cache \
--cache-to=type=registry,ref=$IMAGE_ID:cache,mode=max
- name: Compose arm64 runnable image
if: ${{ matrix.mode }} == "image"
run: |
docker run --rm -v "$PWD/build:/build" ghcr.io/chipp/${{ matrix.binary }}:latest \
cp /root/${{ matrix.binary }} /build/${{ matrix.binary }}
docker buildx build . --file conf/arm64.Dockerfile \
--push \
--tag $IMAGE_ID:latest \
--build-arg BINARY=${{ matrix.binary }} \
--label "org.opencontainers.image.source=https://github.com/${{ github.repository }}"
- name: Extract arm64 binary
if: ${{ matrix.mode }} == "binary"
run: |
docker run --rm -v "$PWD/build:/build" ghcr.io/chipp/${{ matrix.binary }}:latest \
cp /root/${{ matrix.binary }} /build/${{ matrix.binary }}
- name: Archive arm64 artifact
if: ${{ matrix.mode }} == "binary"
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.binary }}
path: build/${{ matrix.binary }}
retention-days: 1
deploy:
runs-on: ubuntu-latest
needs: push
steps:
- uses: actions/checkout@v4
- name: Add ssh key
run: |
mkdir ~/.ssh/
echo "${{ secrets.ssh_key }}" > ~/.ssh/id_rsa
echo "ezio.chipp.dev ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHynflleQHqQg0GHDph+GkNQARa56hAlJJf4ogGKbwsh" >> ~/.ssh/known_hosts
echo "pi3.chipp.dev ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4miYPJr5cirlqtd73clGvCXI/kiqe23UkfXTtgDyuM" >> ~/.ssh/known_hosts
echo "Host pi3.chipp.dev" > ~/.ssh/config
echo " ProxyCommand $PWD/cloudflared-linux-amd64 access ssh --hostname %h" >> ~/.ssh/config
chmod -R 700 ~/.ssh/
- name: Install cloudflared
run: |
curl -sSLO https://github.com/cloudflare/cloudflared/releases/download/2023.10.0/cloudflared-linux-amd64
echo "33e6876bd55c2db13a931cf812feb9cb17c071ab45d3b50c588642b022693cdc cloudflared-linux-amd64" | sha256sum -c -
chmod +x cloudflared-linux-amd64
- name: Deploy alisa and elizabeth
run: |
eval `ssh-agent -s`
echo "${{ secrets.ssh_key_passphrase }}" | ssh-add ~/.ssh/id_rsa
scp conf/docker-compose.yml conf/mq.conf \
[email protected]:/web/lisa
ssh [email protected] \
"cd /web/lisa && docker compose down --remove-orphans --rmi all && docker compose up -d"
- name: Download elisa
uses: actions/download-artifact@v4
with:
name: elisa
- name: Download isabel
uses: actions/download-artifact@v4
with:
name: isabel
- name: Deploy elisa and isabel
run: |
eval `ssh-agent -s`
echo "${{ secrets.ssh_key_passphrase }}" | ssh-add ~/.ssh/id_rsa
export TUNNEL_SERVICE_TOKEN_ID=${{ secrets.TUNNEL_SERVICE_TOKEN_ID }}
export TUNNEL_SERVICE_TOKEN_SECRET=${{ secrets.TUNNEL_SERVICE_TOKEN_SECRET }}
ssh -v [email protected] "echo test"
ssh [email protected] "sudo service elisa stop && sudo service isabel stop"
scp elisa isabel [email protected]:/usr/local/bin
ssh [email protected] "sudo service elisa start && sudo service isabel start"