Merge pull request #18 from Vaansh/improvements #55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
push: | |
branches: | |
- main | |
# Environment variables local to this file | |
env: | |
PROJECT_ID: ${{ secrets.PROJECT_ID }} | |
IMAGE_NAME: gore | |
jobs: | |
# Build and push Docker image job | |
build_and_push: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
# Create .env file for the Docker image | |
- name: Make envfile | |
uses: SpicyPizza/create-envfile@v2.0 | |
with: | |
file_name: .env | |
envkey_INSTANCE_CONNECTION_NAME: ${{ secrets.INSTANCE_CONNECTION_NAME }} | |
envkey_PROJECT_ID: ${{ secrets.PROJECT_ID }} | |
envkey_DB_USER: ${{ secrets.DB_USER }} | |
envkey_DB_NAME: ${{ secrets.DB_NAME }} | |
envkey_DB_PASS: ${{ secrets.DB_PASS }} | |
envkey_GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | |
envkey_BUCKET_NAME: ${{ secrets.BUCKET_NAME }} | |
envkey_LOCAL_LOG: "FALSE" | |
envkey_CLOUD_LOG: "TRUE" | |
envkey_LOG_NAME: ${{ secrets.LOG_NAME }} | |
envkey_YOUTUBE_API_KEY: ${{ secrets.YOUTUBE_API_KEY }} | |
envkey_ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }} | |
envkey_API_AUTH_TOKEN: ${{ secrets.API_AUTH_TOKEN }} | |
# Create credentials JSON file | |
- name: Create credentials json file | |
uses: jsdaniell/create-json@v1.2.2 | |
with: | |
name: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | |
json: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_JSON }} | |
# Build the Docker image and push to Docker Hub | |
- name: Build and Push Docker image to Docker Hub | |
run: | | |
docker build -t gore . | |
docker tag gore ${{ secrets.DOCKER_USERNAME }}/gore:latest | |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
docker push ${{ secrets.DOCKER_USERNAME }}/gore:latest | |
# Authenticate and push the Docker image to DigitalOcean Container Registry | |
- name: Push Docker image to DigitalOcean Container Registry | |
run: | | |
doctl registry login --expiry-seconds 600 | |
docker tag gore:latest registry.digitalocean.com/gore/gore:latest | |
docker push registry.digitalocean.com/gore/gore:latest | |
# Deploy job | |
deploy: | |
runs-on: ubuntu-latest | |
needs: build_and_push | |
steps: | |
# SSH into instance, remove current instance, and start the newest image after pulling it from the registry | |
- name: Deploy to Digital Ocean droplet via SSH action | |
uses: appleboy/ssh-action@v0.1.10 | |
with: | |
host: ${{ secrets.DIGITAL_OCEAN_HOST }} | |
username: ${{ secrets.DIGITAL_OCEAN_USERNAME }} | |
key: ${{ secrets.SSHKEY }} | |
passphrase: ${{ secrets.PASSPHRASE }} | |
script: | | |
docker login -u ${{ secrets.DOCR_TOKEN }} -p ${{ secrets.DOCR_TOKEN }} registry.digitalocean.com | |
docker stop gore | |
docker rm gore | |
docker run -d -p 8080:8080 \ | |
--restart always \ | |
--name gore \ | |
registry.digitalocean.com/gore/gore:latest |