deploy.yml
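# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
#
# Pipeline: format the code, run the tests, then build the nginx image, push it
# to Amazon ECR and roll it out to the server with Kamal.
#
# NOTE(review): every action below is referenced by a mutable tag. The prettier
# job holds a write-scoped token and the deploy job holds AWS and SSH secrets,
# so pinning the third-party actions to a full-length commit SHA would keep a
# retagged release from changing what runs with those credentials.
name: Deploy to Amazon AWS

on:
  workflow_dispatch:
  pull_request:
  push:
    branches: ["main", "neues-projekt"]

env:
  AWS_REGION: us-east-1
  DOCKER_IMAGE_NAME: m324/nginx

# Default token scope for all jobs; only the prettier job widens it.
permissions:
  contents: read

jobs:
  prettier:
    # Needs write access because the formatter action pushes its changes back.
    permissions:
      contents: write
      pull-requests: write
    runs-on: ubuntu-latest
    # A stray `upermissions:` key stood here; it is not a valid job key in the
    # workflow schema and has been dropped.
    steps:
      - name: Checkout
        # Aligned with the v4 checkout used by the other jobs.
        uses: actions/checkout@v4
        with:
          # Make sure the actual branch is checked out when running on pull requests
          ref: ${{ github.head_ref }}
          # This is important to fetch the changes to the previous commit
          fetch-depth: 0
      - name: Prettify code
        # The ref after "@" was destroyed by the page's e-mail obfuscation
        # ("[email protected]"); REF_PLACEHOLDER is not a real ref. Restore the
        # original tag or, preferably, a full commit SHA.
        uses: creyD/prettier_action@REF_PLACEHOLDER
        with:
          # This part is also where you can pass other options, for example:
          prettier_options: '--write **/*.{js,md}'
          only_changed: true  # Only checks files that were changed

  test:
    name: Test
    runs-on: ubuntu-latest
    steps:
      - name: Install headless chrome
        uses: browser-actions/setup-chrome@v1
        with:
          chrome-version: 120
          install-chromedriver: true
      - uses: actions/checkout@v4
      - name: Install node
        uses: actions/setup-node@v4
        with:
          node-version: 22  # lts
          cache: "npm"
          cache-dependency-path: neues-projekt/package-lock.json
      - name: Test
        working-directory: neues-projekt
        run: npm ci && npm run test:ci

  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    environment: aws
    needs: [test, prettier]
    # NOTE(review): the workflow also triggers on pull_request and this job has
    # no `if:` guard, so it is scheduled for pull-request runs as well. Whether
    # it really deploys then depends on the protection rules of the `aws`
    # environment, which are not visible here. Consider gating on
    # github.event_name / github.ref so only the intended branches deploy.
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      # NOTE(review): static keys plus a session token are read from secrets.
      # If the AWS account allows it, OIDC role assumption (`role-to-assume`
      # together with `id-token: write`) avoids storing credentials at all.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }}
          aws-region: ${{ env.AWS_REGION }}
      # The ref after "@" was destroyed by the page's e-mail obfuscation
      # ("[email protected]"); REF_PLACEHOLDER is not a real ref. This action
      # receives the SSH private key, so restore a full commit SHA if possible.
      - uses: webfactory/ssh-agent@REF_PLACEHOLDER
        with:
          ssh-private-key: ${{ secrets.AWS_SSH_PRIVATE_KEY }}
      - name: Get Server Ip
        id: get-server-ip
        working-directory: terraform
        shell: bash
        # Assign first so a failing script stops the step (an exit status inside
        # `echo "$(...)"` is ignored), and refuse to export an empty address.
        run: |
          server_ip="$(sh scripts/get_public_ip.sh ubuntu2404)"
          if [ -z "$server_ip" ]; then
            echo "::error::get_public_ip.sh returned no address" >&2
            exit 1
          fi
          echo "SERVER_IP=${server_ip}" >> "$GITHUB_ENV"
      - name: Set up Ruby for Kamal
        uses: ruby/setup-ruby@v1
        env:
          BUNDLE_GEMFILE: ./kamal/Gemfile
        with:
          ruby-version: 3.2.2
          bundler-cache: true
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2
      # Converts a JSON object into `KEY<<DELIM ... DELIM` heredoc entries for
      # GITHUB_ENV. The delimiter is random so a value cannot close the heredoc
      # early and smuggle in extra variables.
      #
      # NOTE(review): VARS_CONTEXT and SECRETS_CONTEXT are not assigned anywhere
      # in this file as shown, so both pipelines receive empty input. If they
      # are meant to carry toJSON(vars) / toJSON(secrets), note that writing
      # them to GITHUB_ENV exposes every value to all later steps, including
      # the third-party actions below. Passing only the named values Kamal
      # needs through this step's `env:` keeps the exposure smaller.
      - name: Push environment variables
        working-directory: kamal
        env:
          KAMAL_SERVER_IP: ${{ env.SERVER_IP }}
          KAMAL_REGISTRY: "not-used-to-push-envs"
          KAMAL_REGISTRY_PASSWORD: "not-used-to-push-envs"
        run: |
          EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
          to_envs() { jq -r "( . // {} ) | to_entries[] | \"\(.key)<<$EOF\n\(.value)\n$EOF\n\""; }
          echo "$VARS_CONTEXT" | to_envs >> "$GITHUB_ENV"
          echo "$SECRETS_CONTEXT" | to_envs >> "$GITHUB_ENV"
          bundle exec kamal env push
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            ${{ steps.login-ecr.outputs.registry }}/${{ env.DOCKER_IMAGE_NAME }}
          tags: type=sha
      - name: Build and push nginx Image
        uses: docker/build-push-action@v6
        with:
          context: ./nginx
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
      - name: Kamal deploy image
        working-directory: kamal
        env:
          KAMAL_SERVER_IP: ${{ env.SERVER_IP }}
          KAMAL_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          # The output name hard-codes us_east_1; it must be kept in step with
          # AWS_REGION above or the lookup yields an empty password.
          KAMAL_REGISTRY_PASSWORD: ${{ steps.login-ecr.outputs[format('docker_password_{0}_dkr_ecr_us_east_1_amazonaws_com', secrets.AWS_ACCOUNT_ID)] }}
          VERSION: ${{ steps.meta.outputs.version }}
        run: |
          bundle exec kamal deploy --skip-push --version="$VERSION"
          echo "Visit me on [http://$KAMAL_SERVER_IP](http://$KAMAL_SERVER_IP) 🚀" >> "$GITHUB_STEP_SUMMARY"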