Update build_hash #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy | |
on: | |
push: | |
branches: | |
- main | |
schedule: | |
- cron: '0 3 * * *' | |
repository_dispatch: | |
types: [trigger-workflow] | |
permissions: write-all | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
PNPM_VERSION: 9.x.x | |
HASH_FILE: build_hash | |
jobs: | |
prepare: | |
name: Prepare | |
runs-on: ubuntu-latest | |
if: ${{ github.event.head_commit.message != 'Update hash file' }} | |
outputs: | |
hash_content: ${{ steps.read_hash.outputs.hash_content }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Read HASH_FILE content | |
id: read_hash | |
run: | | |
content=$(cat ${{ env.HASH_FILE }}) || true | |
echo "hash_content=$content" >> "$GITHUB_OUTPUT" | |
check: | |
name: Check Should Rebuild | |
runs-on: ubuntu-latest | |
needs: prepare | |
outputs: | |
canceled: ${{ steps.use_content.outputs.canceled }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
repository: innei-dev/shiroi | |
token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT | |
fetch-depth: 0 | |
lfs: true | |
- name: Use content from prev job and compare | |
id: use_content | |
env: | |
FILE_HASH: ${{ needs.prepare.outputs.hash_content }} | |
run: | | |
file_hash=$FILE_HASH | |
current_hash=$(git rev-parse --short HEAD) | |
echo "File Hash: $file_hash" | |
echo "Current Git Hash: $current_hash" | |
if [ "$file_hash" == "$current_hash" ]; then | |
echo "Hashes match. Stopping workflow." | |
echo "canceled=true" >> $GITHUB_OUTPUT | |
else | |
echo "Hashes do not match. Continuing workflow." | |
fi | |
build: | |
name: Build artifact | |
runs-on: ubuntu-latest | |
needs: check | |
if: ${{needs.check.outputs.canceled != 'true'}} | |
strategy: | |
matrix: | |
node-version: [20.x] | |
outputs: | |
sha_short: ${{ steps.store.outputs.sha_short }} | |
branch: ${{ steps.store.outputs.branch }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
repository: innei-dev/shiroi | |
token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT | |
fetch-depth: 0 | |
lfs: true | |
- name: Checkout LFS objects | |
run: git lfs checkout | |
- uses: pnpm/action-setup@v2 | |
with: | |
version: ${{ env.PNPM_VERSION }} | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'pnpm' | |
- name: Install dependencies | |
run: pnpm install | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/.npm | |
${{ github.workspace }}/.next/cache | |
# Generate a new cache whenever packages or source files change. | |
key: ${{ runner.os }}-nextjs-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }} | |
# If source files changed but packages didn't, rebuild from a prior cache. | |
restore-keys: | | |
${{ runner.os }}-nextjs-${{ hashFiles('**/pnpm-lock.yaml') }}- | |
- name: Build project | |
run: | | |
sh ./ci-release-build.sh | |
# - uses: actions/upload-artifact@v4 | |
# with: | |
# name: dist | |
# path: assets/release.zip | |
# retention-days: 7 | |
- name: Cache Build Artifacts | |
id: cache-primes | |
uses: actions/cache/save@v4 | |
with: | |
path: assets | |
key: ${{ github.run_number }}-release | |
- name: Store artifact commit version | |
shell: bash | |
id: store | |
run: | | |
sha_short=$(git rev-parse --short HEAD) | |
branch_name=$(git rev-parse --abbrev-ref HEAD) | |
echo "sha_short=$sha_short" >> "$GITHUB_OUTPUT" | |
echo "branch=$branch_name" >> "$GITHUB_OUTPUT" | |
deploy: | |
name: Deploy artifact | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
# - name: Download artifact | |
# uses: actions/download-artifact@v4 | |
# with: | |
# name: dist | |
- name: Restore cached Build Artifacts | |
id: cache-primes-restore | |
uses: actions/cache/restore@v4 | |
with: | |
path: | | |
assets | |
key: ${{ github.run_number }}-release | |
- name: Move assets to root | |
run: mv assets/release.zip release.zip | |
- name: copy file via ssh password | |
uses: appleboy/[email protected] | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.USER }} | |
password: ${{ secrets.PASSWORD }} | |
key: ${{ secrets.KEY }} | |
port: ${{ secrets.PORT }} | |
source: 'release.zip' | |
target: '/tmp/shiro' | |
- name: Exec deploy script with SSH | |
uses: appleboy/ssh-action@master | |
with: | |
command_timeout: 5m | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.USER }} | |
password: ${{ secrets.PASSWORD }} | |
key: ${{ secrets.KEY }} | |
port: ${{ secrets.PORT }} | |
script_stop: true | |
script: | | |
set -e | |
source $HOME/.bashrc | |
basedir=$HOME/shiro | |
workdir=$basedir/${{ github.run_number }} | |
mkdir -p $workdir | |
mkdir -p $basedir/.cache | |
mv /tmp/shiro/release.zip $workdir/release.zip | |
rm -r /tmp/shiro | |
cd $workdir | |
unzip -qq -o $workdir/release.zip | |
rm -rf $workdir/standalone/.env | |
ln -s $HOME/shiro/.env $workdir/standalone/.env | |
export NEXT_SHARP_PATH=$(npm root -g)/sharp | |
# copy workdir ecosystem.config.js to basedir if not exists | |
if [ ! -f $basedir/ecosystem.config.js ]; then | |
cp $workdir/standalone/ecosystem.config.js $basedir/ecosystem.config.js | |
fi | |
# https://github.com/Unitech/pm2/issues/3054 | |
# symlink workdir node entry file to basedir | |
ln -sf $workdir/standalone/server.js $basedir/server.js | |
mkdir -p $workdir/standalone/.next | |
rm -rf $workdir/standalone/.next/cache | |
ln -sf $basedir/.cache $workdir/standalone/.next/cache | |
cd $basedir | |
pm2 reload ecosystem.config.js --update-env | |
rm $workdir/release.zip | |
pm2 save | |
echo "Deployed successfully" | |
- name: After deploy script | |
run: | | |
hash=${{ needs.build.outputs.sha_short }} | |
# curl -X "POST" "https://mx.innei.in/api/v2/fn/shiro/new-version-hook" -H 'Content-Type: application/json' -d "{\"hash\": \"$hash\", \"key\": \"\"}" | |
${{ secrets.AFTER_DEPLOY_SCRIPT }} | |
store: | |
name: Store artifact commit version | |
runs-on: ubuntu-latest | |
needs: [deploy, build] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token | |
fetch-depth: 0 # otherwise, you will failed to push refs to dest repo | |
# Get the commit version from the build job | |
- name: Use outputs from build | |
env: | |
SHA_SHORT: ${{ needs.build.outputs.sha_short }} | |
BRANCH: ${{ needs.build.outputs.branch }} | |
run: | | |
echo "SHA Short from build: $SHA_SHORT" | |
echo "Branch from build: $BRANCH" | |
- name: Write hash to file | |
env: | |
SHA_SHORT: ${{ needs.build.outputs.sha_short }} | |
run: echo $SHA_SHORT > ${{ env.HASH_FILE }} | |
- name: Commit files | |
run: | | |
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
git config --local user.name "github-actions[bot]" | |
git add ${{ env.HASH_FILE }} | |
git commit -a -m "Update hash file" | |
- name: Push changes | |
uses: ad-m/github-push-action@master | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
branch: ${{ github.ref }} |