-
Notifications
You must be signed in to change notification settings - Fork 0
158 lines (124 loc) · 5.17 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
name: Publish and deploy
on:
push:
branches:
- main
jobs:
push:
runs-on: ubuntu-latest
if: github.event_name == 'push'
strategy:
matrix:
include:
- binary: alisa
mode: image
- binary: elisa
mode: binary
- binary: elisheba
mode: binary
- binary: elizabeth
mode: image
- binary: isabel
mode: binary
steps:
- uses: actions/checkout@v4
- name: Log into registry
run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Build image
run: |
IMAGE_ID=ghcr.io/chipp/${{ matrix.binary }}
RUST_VERSION=$(cat .rust-version)
docker buildx build . --file bin/${{ matrix.binary }}/Dockerfile \
--load \
--progress plain \
--tag $IMAGE_ID:latest \
--build-arg RUST_VERSION="${RUST_VERSION}" \
--build-arg VERSION="0.1.${{ github.run_number }}" \
--label "org.opencontainers.image.source=https://github.com/${{ github.repository }}" \
--cache-from=type=registry,ref=$IMAGE_ID:cache \
--cache-to=type=registry,ref=$IMAGE_ID:cache,mode=max
docker images -a
- name: Compose arm64 runnable image
if: matrix.mode == 'image'
run: |
IMAGE_ID=ghcr.io/chipp/${{ matrix.binary }}
docker images -a
docker run --rm -v "$PWD/build:/build" ghcr.io/chipp/${{ matrix.binary }}:latest \
cp /root/${{ matrix.binary }} /build/${{ matrix.binary }}
docker buildx build . --file conf/arm64.Dockerfile \
--push \
--platform linux/arm64 \
--progress plain \
--tag $IMAGE_ID:latest \
--tag $IMAGE_ID:0.1.${{ github.run_number }} \
--build-arg BINARY=${{ matrix.binary }} \
--label "org.opencontainers.image.source=https://github.com/${{ github.repository }}" \
--label "org.opencontainers.image.version=0.1.${{ github.run_number }}"
- name: Extract arm64 binary
if: matrix.mode == 'binary'
run: |
docker images -a
docker run --rm -v "$PWD/build:/build" ghcr.io/chipp/${{ matrix.binary }}:latest \
cp /root/${{ matrix.binary }} /build/${{ matrix.binary }}
- name: Archive arm64 artifact
if: matrix.mode == 'binary'
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.binary }}
path: build/${{ matrix.binary }}
retention-days: 1
deploy:
runs-on: ubuntu-latest
needs: push
steps:
- uses: actions/checkout@v4
- name: Add ssh key
run: |
mkdir ~/.ssh/
echo "${{ secrets.ssh_key }}" > ~/.ssh/id_rsa
echo "ezio.chipp.dev ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHynflleQHqQg0GHDph+GkNQARa56hAlJJf4ogGKbwsh" >> ~/.ssh/known_hosts
echo "pi4.chipp.dev ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMFENzlmv0ZYkEREgu8EERva4dLF/6UjXlkNOmc2Q1SJ" >> ~/.ssh/known_hosts
echo "Host pi4.chipp.dev" > ~/.ssh/config
echo " ProxyCommand $PWD/cloudflared-linux-amd64 access ssh --hostname %h" >> ~/.ssh/config
chmod -R 700 ~/.ssh/
- name: Install cloudflared
run: |
curl -sSLO https://github.com/cloudflare/cloudflared/releases/download/2024.2.1/cloudflared-linux-amd64
echo "f140d18894206a45f5150d34066e8940a3bca82a0da670fcb4e6d93b11f0c81c cloudflared-linux-amd64" | sha256sum -c -
chmod +x cloudflared-linux-amd64
- name: Deploy alisa and elizabeth
run: |
eval `ssh-agent -s`
echo "${{ secrets.ssh_key_passphrase }}" | ssh-add ~/.ssh/id_rsa
scp conf/docker-compose.yml conf/mq.conf \
[email protected]:/web/lisa
ssh [email protected] \
"cd /web/lisa && docker compose down --remove-orphans --rmi all && docker compose up -d"
- name: Download elisa
uses: actions/download-artifact@v4
with:
name: elisa
- name: Download elisheba
uses: actions/download-artifact@v4
with:
name: elisheba
- name: Download isabel
uses: actions/download-artifact@v4
with:
name: isabel
- name: Deploy elisa, elisheba, isabel
run: |
eval `ssh-agent -s`
echo "${{ secrets.ssh_key_passphrase }}" | ssh-add ~/.ssh/id_rsa
export TUNNEL_SERVICE_TOKEN_ID=${{ secrets.TUNNEL_SERVICE_TOKEN_ID }}
export TUNNEL_SERVICE_TOKEN_SECRET=${{ secrets.TUNNEL_SERVICE_TOKEN_SECRET }}
ssh [email protected] "sudo service elisa stop"
ssh [email protected] "sudo service elisheba stop"
ssh [email protected] "sudo service isabel stop"
scp elisa elisheba isabel [email protected]:/usr/local/bin
ssh [email protected] "sudo service elisa start"
ssh [email protected] "sudo service elisheba start"
ssh [email protected] "sudo service isabel start"