From b290b07648f320c4a1f20bd67bbe26d38a010ad1 Mon Sep 17 00:00:00 2001 From: Veivel <25278964+Veivel@users.noreply.github.com> Date: Mon, 17 Jun 2024 15:51:44 +0700 Subject: [PATCH] feature: implement half of service deployment workflow --- .github/workflows/deploy-staging.yaml | 85 +++++++++++++++++---------- deploy-stg/docker-compose.yml | 50 ++++++++++++++++ deploy-stg/infisical.yml | 4 ++ deploy-stg/new_setup.py | 0 4 files changed, 107 insertions(+), 32 deletions(-) create mode 100644 deploy-stg/docker-compose.yml create mode 100644 deploy-stg/infisical.yml create mode 100644 deploy-stg/new_setup.py diff --git a/.github/workflows/deploy-staging.yaml b/.github/workflows/deploy-staging.yaml index a2c7944..c6dbebb 100644 --- a/.github/workflows/deploy-staging.yaml +++ b/.github/workflows/deploy-staging.yaml @@ -33,41 +33,62 @@ jobs: context: . file: ./Dockerfile push: true - tags: ristekoss/susunjadwal-backend - labels: staging + tags: ristekoss/susunjadwal-backend:staging - # deploy_service: - # name: Deploy Service - # runs-on: ubuntu-22.04 - # steps: - # - name: Checkout sources - # uses: actions/checkout@v4 + deploy_service: + needs: build_and_push + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: 3.11.3 - # - name: Setup Python - # uses: actions/setup-python@v5 - # with: - # python-version: 3.11.3 + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r requirements.txt - # - name: Install dependencies - # run: | - # python -m pip install --upgrade pip - # pip install -r requirements.txt + - name: Setup Infisical + run: | + curl -1sLf \ + 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' \ + | sudo -E bash + sudo apt-get update && sudo apt-get install -y infisical - # - name: Setup Infisical - # run: | - # curl -1sLf \ - # 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' \ - # | sudo -E bash - # sudo apt-get update && sudo apt-get install -y infisical + - name: Get Infisical Token + id: get-infisical-token + run: | + INFISICAL_TOKEN=$(infisical login --method universal-auth --client-id ${{ secrets.INFISICAL_CLIENT_ID }} --client-secret ${{ secrets.INFISICAL_CLIENT_SECRET }} --silent --plain) + echo "infisical-token=$INFISICAL_TOKEN" >> "$GITHUB_OUTPUT" - # - name: Get Infisical Token - # id: get-infisical-token - # run: | - # INFISICAL_TOKEN=$(infisical login --method universal-auth --client-id ${{ secrets.INFISICAL_CLIENT_ID }} --client-secret ${{ secrets.INFISICAL_CLIENT_SECRET }} --silent --plain) - # echo "infisical-token=$INFISICAL_TOKEN" >> "$GITHUB_OUTPUT" + - name: Load Infisical Secrets + run: python3 ./deploy-stg/new_setup.py + env: + INFISICAL_TOKEN: ${{ steps.get-infisical-token.outputs.infisical-token }} + SSH_TIMEOUT: 20 + + - name: SSH and Prepare Working Directory + uses: appleboy/ssh-action@master + with: + host: ${{ secrets.SSH_IP_ADDRESS }} + username: ${{ secrets.SSH_USER }} + key: ${{ secrets.SSH_KEY}} + port: ${{ secrets.SSH_PORT }} + script: | + ls -al + mkdir -pv susunjadwal/susunjadwal-backend-stg + + - name: RSync Files to Server + uses: burnett01/rsync-deployments@7.0.1 + with: + switches: -avzr --progress + path: deploy-stg/ + remote_path: susunjadwal/susunjadwal-backend-stg + remote_host: ${{ secrets.SSH_IP_ADDRESS }} + remote_user: ${{ secrets.SSH_USER }} + remote_key: ${{ secrets.SSH_KEY }} - # - name: Execute Setup - # run: python3 ./deploy/setup.py susunjadwal-backend-stg - # env: - # INFISICAL_TOKEN: ${{ steps.get-infisical-token.outputs.infisical-token }} - # SSH_TIMEOUT: 30 diff --git a/deploy-stg/docker-compose.yml b/deploy-stg/docker-compose.yml new file mode 100644 index 0000000..3ecf23d --- /dev/null +++ b/deploy-stg/docker-compose.yml @@ -0,0 +1,50 @@ +version: "3.9" + +services: + susunjadwal-rmq-stg: + restart: unless-stopped + image: rabbitmq:management-alpine + ports: + - "15671-15672:15671-15672" + + susunjadwal-mongo-stg: + image: mongo:7 + restart: unless-stopped + environment: + MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USERNAME} + MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD} + MONGO_INITDB_USERNAME: ${MONGODB_USERNAME} + MONGO_INITDB_PASSWORD: ${MONGODB_PASSWORD} + MONGO_INITDB_DATABASE: ${MONGODB_DB} + volumes: + - susunjadwal-mongo-stg:/data/db + ports: + - 27017:27017 + networks: + - public-web + + susunjadwal-backend-stg: + image: 638207107223.dkr.ecr.ap-southeast-1.amazonaws.com/susunjadwal-backend:latest + container_name: "${APP_NAME}_app" + labels: + caddy: stg.api.susunjadwal.ristek.cs.ui.ac.id + caddy.handle: /v1/* + caddy.handle.reverse_proxy: "{{upstreams 8005}}" + restart: unless-stopped + env_file: + - .env + ports: + - 8005:8000 + networks: + - public-web + depends_on: + - susunjadwal-mongo-stg + - susunjadwal-rmq-stg + +networks: + public-web: + external: true + +volumes: + susunjadwal-mongo-stg: + external: true diff --git a/deploy-stg/infisical.yml b/deploy-stg/infisical.yml new file mode 100644 index 0000000..e469640 --- /dev/null +++ b/deploy-stg/infisical.yml @@ -0,0 +1,4 @@ +infisical: + project_id: d49b238f-40b9-46fb-9863-21f79ce751fb + env: staging + path: /projects/susunjadwal/susunjadwal-backend diff --git a/deploy-stg/new_setup.py b/deploy-stg/new_setup.py new file mode 100644 index 0000000..e69de29