feat: deploy to digital ocean #45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
push: | |
branches: | |
- '*' # main | |
pull_request: | |
env: | |
PROJECT_ID: ${{ secrets.PROJECT_ID }} | |
IMAGE_NAME: gore | |
jobs: | |
build_and_push: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
# In order for the docker image we build to have the .env variables and credentials | |
- name: Make envfile | |
uses: SpicyPizza/create-envfile@v2.0 | |
with: | |
file_name: .env | |
envkey_PROJECT_ID: ${{ secrets.PROJECT_ID }} | |
envkey_INSTANCE_CONNECTION_NAME: ${{ secrets.INSTANCE_CONNECTION_NAME }} | |
envkey_DB_USER: ${{ secrets.DB_USER }} | |
envkey_DB_NAME: ${{ secrets.DB_NAME }} | |
envkey_DB_PASS: ${{ secrets.DB_PASS }} | |
envkey_GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | |
envkey_BUCKET_NAME: ${{ secrets.BUCKET_NAME }} | |
envkey_LOCAL_LOG: "FALSE" | |
envkey_CLOUD_LOG: "TRUE" | |
envkey_LOG_NAME: ${{ secrets.LOG_NAME }} | |
envkey_YOUTUBE_API_KEY: ${{ secrets.YOUTUBE_API_KEY }} | |
envkey_ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }} | |
envkey_API_AUTH_TOKEN: ${{ secrets.API_AUTH_TOKEN }} | |
- name: Create credentials json file | |
uses: jsdaniell/create-json@v1.2.2 | |
with: | |
name: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | |
json: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_JSON }} | |
- name: Build Docker image | |
run: docker build -t gore . | |
# Deploy the docker image only if the PR was merged | |
- name: Check if PR was merged | |
run: | | |
if [ "${{ github.event.pull_request.merged }}" == "true" ]; then | |
echo "PR was merged." | |
else | |
echo "PR was closed without merging." | |
exit 0 | |
fi | |
# Push Docker image to Docker Hub (it is a private image, hosted there for my own reference) | |
- name: Tag Docker image for Docker Hub | |
run: docker tag gore ${{ secrets.DOCKER_USERNAME }}/gore:latest | |
- name: Push Docker image to Docker Hub | |
run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} && docker push ${{ secrets.DOCKER_USERNAME }}/gore:latest | |
# Push Docker image to DigitalOcean Container Registry | |
- name: Install doctl | |
uses: digitalocean/action-doctl@v2 | |
with: | |
token: ${{ secrets.DOCR_TOKEN }} | |
- name: Log in to DigitalOcean Container Registry | |
run: doctl registry login --expiry-seconds 600 | |
- name: Tag Docker image for DigitalOcean Container Registry | |
run: docker tag gore:latest registry.digitalocean.com/gore/gore:latest | |
- name: Push Docker image to DigitalOcean Container Registry | |
run: docker push registry.digitalocean.com/gore/gore:latest | |
deploy: | |
runs-on: ubuntu-latest | |
needs: build_and_push | |
steps: | |
- name: Deploy to Digital Ocean droplet via SSH action | |
uses: appleboy/ssh-action@v0.1.10 | |
with: | |
host: ${{ secrets.DIGITAL_OCEAN_HOST }} | |
username: ${{ secrets.DIGITAL_OCEAN_USERNAME }} | |
key: ${{ secrets.SSHKEY }} | |
passphrase: ${{ secrets.PASSPHRASE }} | |
script: | | |
docker login -u ${{ secrets.DOCR_TOKEN }} -p ${{ secrets.DOCR_TOKEN }} registry.digitalocean.com | |
docker stop gore | |
docker rm gore | |
docker run -d -p 8080:8080 \ | |
--restart always \ | |
--name gore \ | |
registry.digitalocean.com/gore/gore:latest |