Merge pull request #321 from drugis/develop #40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: MCDA | push | deploy | |
| on: | |
| push: | |
| branches: master | |
| jobs: | |
| test: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| node-version: ['18'] | |
| os: [ubuntu-22.04] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Cache node modules | |
| uses: actions/cache@v3 | |
| with: | |
| path: node_modules | |
| key: ${{ runner.OS }}-build-${{ hashFiles('package.json') }} | |
| - name: run yarn | |
| run: yarn | |
| - name: unit tests | |
| id: jest | |
| run: yarn jest | |
| - name: build docker image | |
| run: ./build-docker.sh GOOGLE Live https://mcda.drugis.org live | |
| - name: docker login | |
| run: docker login -u addis -p ${{ secrets.dockerRegistryPassword }} | |
| - name: docker push | |
| run: docker push addis/mcda:live | |
| - name: Configure SSH | |
| run: | | |
| mkdir -p ~/.ssh/ | |
| echo "$SSH_KEY" > ~/.ssh/id_ed25519.key | |
| chmod 600 ~/.ssh/id_ed25519.key | |
| cat >>~/.ssh/config <<END | |
| Host jumphost | |
| HostName $SSH_JUMP_HOST | |
| User $SSH_JUMP_USER | |
| IdentityFile ~/.ssh/id_ed25519.key | |
| StrictHostKeyChecking no | |
| Host internalserver | |
| HostName $SSH_INTERNAL_HOST | |
| User $SSH_INTERNAL_USER | |
| IdentityFile ~/.ssh/id_ed25519.key | |
| StrictHostKeyChecking no | |
| END | |
| env: | |
| SSH_JUMP_USER: ${{ secrets.liveJumpHostUser }} | |
| SSH_KEY: ${{ secrets.deployPrivateKey }} | |
| SSH_JUMP_HOST: ${{ secrets.liveJumpHost }} | |
| SSH_INTERNAL_HOST: ${{ secrets.liveInternalServer }} | |
| SSH_INTERNAL_USER: ${{ secrets.liveInternalUser }} | |
| - name: pull latest from drugis on the server | |
| run: ssh -J jumphost internalserver 'cd git/mcda-elicitation-web && git pull' | |
| - name: pull image on server | |
| run: ssh -J jumphost internalserver 'docker pull addis/mcda:live' | |
| - name: remove service on the server | |
| run: > | |
| ssh -J jumphost internalserver \ | |
| "if systemctl list-unit-files | grep mcda | |
| then | |
| systemctl stop mcda | |
| systemctl disable mcda | |
| rm -f /etc/systemd/system/mcda.service | |
| systemctl daemon-reload | |
| fi" | |
| - name: remove container | |
| run: ssh -J jumphost internalserver 'podman rm -f mcda || true' | |
| - name: update database | |
| run: > | |
| ssh -J jumphost internalserver \ | |
| "cd git/mcda-elicitation-web/liquibase && git pull && cp ../database.pg.sql liquibase-changelog.sql" | |
| - name: run liquibase | |
| run: ssh -J jumphost internalserver './run-mcda-liquibase.sh' | |
| - name: run mcda container on the server | |
| run: ssh -J jumphost internalserver './run-mcda.sh' | |
| - name: generate mcda system service file | |
| run: > | |
| ssh -J jumphost internalserver \ | |
| 'podman generate systemd --name mcda > /etc/systemd/system/mcda.service' | |
| - name: stop mcda container | |
| run: ssh -J jumphost internalserver 'podman stop mcda' | |
| - name: start mcda service | |
| run: > | |
| ssh -J jumphost internalserver \ | |
| "systemctl daemon-reload && \ | |
| systemctl enable mcda && \ | |
| systemctl start mcda" | |
| - name: notify on slack channel on failure | |
| if: failure() | |
| uses: rtCamp/action-slack-notify@master | |
| env: | |
| SLACK_WEBHOOK: ${{ secrets.slackWebhook }} | |
| SLACK_USERNAME: gitbot | |
| SLACK_TITLE: 'Master push:' | |
| SLACK_MESSAGE: 'MCDA-live deploy failed' | |
| - name: notify on slack channel on success | |
| uses: rtCamp/action-slack-notify@master | |
| env: | |
| SLACK_WEBHOOK: ${{ secrets.slackWebhook }} | |
| SLACK_USERNAME: gitbot | |
| SLACK_TITLE: 'Master push:' | |
| SLACK_MESSAGE: 'MCDA-live deployed' |