-
Notifications
You must be signed in to change notification settings - Fork 0
104 lines (87 loc) · 3.51 KB
/
cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: CD
on:
push:
branches:
- prod
jobs:
cd-build:
runs-on: ubuntu-20.04
steps:
- name: checkout
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: 20
- name: install pnpm
run: npm i -g pnpm
- name: Caching dependencies
id: cache
uses: actions/cache@v3
with:
path: "**/node_modules"
key: ${{runner.os}}-node-${{ hashFiles('**/pnpm-lock.json')}}
restore-keys: |
${{ runner.os }}-node-
${{ runner.os }}
- name: Install package
if: steps.cache.outputs.cache-hit != 'true'
run: pnpm i --no-frozen-lockfile
- name: env set
run: |
touch .env
echo POSTGRESQL_DB=${{secrets.POSTGRESQL_DB}} >> .env
echo PORT=${{secrets.PORT}} >> .env
echo ORIGIN=${{secrets.ORIGIN}} >> .env
echo TESTING_TOKEN=${{secrets.TESTING_TOKEN}} >> .env
echo TESTING_PASSWORD=${{secrets.TESTING_PASSWORD}} >> .env
- name: prisma set
run: npx prisma generate --schema=src/prisma/schema.prisma
- name: docker
run: docker build --cache-from ${{ secrets.DOCKERHUB_USERNAME }}/admin-server:latest -t ${{ secrets.DOCKERHUB_USERNAME }}/admin-server:latest -f ./dockerfile ./
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{secrets.DOCKERHUB_USERNAME}}
password: ${{secrets.DOCKERHUB_PASSWORD}}
- name: push to Docker Hub
run: docker push ${{secrets.DOCKERHUB_USERNAME}}/admin-server:latest
- name: Get GitHub Actions IP
id: ip
uses: haythem/[email protected]
- name: configuring
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ secrets.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: Add Github Actions IP to Security group
env:
AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
run: |
aws ec2 authorize-security-group-ingress \
--group-id ${{ secrets.AWS_EC2_SG_ID }} \
--protocol tcp --port 22 \
--cidr ${{ steps.ip.outputs.ipv4 }}/32 \
- name: EC2 Production Server Deploy
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.PROD_AWS_HOST }}
port: ${{ secrets.AWS_PORT }}
username: ${{ secrets.PROD_AWS_USERNAME }}
key: ${{ secrets.PROD_AWS_SSH_KEY }}
script: |
sudo groupadd docker
sudo usermod -aG docker $USER
echo "${{ secrets.DOCKERHUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
sudo docker stop $(sudo docker ps -q --filter "ancestor=${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_PASSWORD }}")
sudo docker rm -f $(sudo docker ps -a -f status=exited -q)
sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/admin-server:latest
sudo docker run -d -p ${{ secrets.PORT }}:${{ secrets.PORT }} ${{ secrets.DOCKERHUB_USERNAME }}/admin-server:latest
sudo docker image prune -f
- name: Remove Github Actions IP From Security Group
run: |
aws ec2 revoke-security-group-ingress \
--group-id ${{ secrets.AWS_EC2_SG_ID }} \
--protocol tcp --port 22 \
--cidr ${{ steps.ip.outputs.ipv4 }}/32