Merge pull request #54 from amfoss/praveshan-develop #33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Inspired the workflow from https://faun.pub/full-ci-cd-with-docker-github-actions-digitalocean-droplets-container-registry-db2938db8246 | |
| name: CI | |
| # 1 | |
| # Controls when the workflow will run | |
| on: | |
| # Triggers the workflow on push events but only for the master branch | |
| push: | |
| branches: [ praveshan ] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Image version' | |
| required: true | |
| #2 | |
| env: | |
| REGISTRY: "registry.digitalocean.com/praveshan" | |
| IMAGE_NAME: "ammentor-backend-praveshan" | |
| #3 | |
| jobs: | |
| build_and_push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v2 | |
| - name: List files in repository | |
| run: ls -laR | |
| - name: Build container image | |
| # This now builds the image with both the commit tag and the 'latest' tag | |
| run: docker build -t $(echo $REGISTRY)/$(echo $IMAGE_NAME):$(echo $GITHUB_SHA | head -c7) -t $(echo $REGISTRY)/$(echo $IMAGE_NAME):latest . | |
| - name: Install doctl | |
| uses: digitalocean/action-doctl@v2 | |
| with: | |
| token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| - name: Log in to DigitalOcean Container Registry with short-lived credentials | |
| run: doctl registry login --expiry-seconds 600 | |
| - name: Remove all old images | |
| run: if [ ! -z "$(doctl registry repository list | grep "$(echo $IMAGE_NAME)")" ]; then doctl registry repository delete-manifest $(echo $IMAGE_NAME) $(doctl registry repository list-tags $(echo $IMAGE_NAME) | grep -o "sha.*") --force; else echo "No repository"; fi | |
| - name: Push image to DigitalOcean Container Registry | |
| # This now pushes both the commit tag and the 'latest' tag | |
| run: | | |
| docker push $(echo $REGISTRY)/$(echo $IMAGE_NAME):$(echo $GITHUB_SHA | head -c7) | |
| docker push $(echo $REGISTRY)/$(echo $IMAGE_NAME):latest | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build_and_push | |
| steps: | |
| - name: Checkout the repo | |
| uses: actions/checkout@v2 | |
| - name: Copy docker-compose.yml to Droplet | |
| uses: appleboy/scp-action@master | |
| with: | |
| host: ${{ secrets.HOST }} | |
| username: ${{ secrets.USERNAME }} | |
| key: ${{ secrets.SSHKEY }} | |
| passphrase: ${{ secrets.PASSPHRASE }} | |
| source: "docker-compose.yml" | |
| target: "myapp" | |
| - name: Deploy to Digital Ocean droplet via SSH action | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.HOST }} | |
| username: ${{ secrets.USERNAME }} | |
| key: ${{ secrets.SSHKEY }} | |
| passphrase: ${{ secrets.PASSPHRASE }} | |
| envs: IMAGE_NAME,REGISTRY,{{ secrets.DIGITALOCEAN_ACCESS_TOKEN }},GITHUB_SHA | |
| script: | | |
| # Navigate to the app directory | |
| cd myapp | |
| # Create the .env file from the GitHub Secret | |
| echo "${{ secrets.DOT_ENV_FILE }}" > .env | |
| # Login to registry | |
| docker login -u ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} -p ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} registry.digitalocean.com | |
| # Update the image definition in docker-compose.yml to use the new tag | |
| # This makes sure we run the exact version we just built | |
| sed -i 's|image: .*|image: $(echo $REGISTRY)/$(echo $IMAGE_NAME):$(echo $GITHUB_SHA | head -c7)|' docker-compose.yml | |
| # Pull the new backend image | |
| docker compose pull backend | |
| # Stop and recreate ONLY the backend service with the new image | |
| docker compose up -d --no-deps backend |