Trigger new workflow #49
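# Name of the workflow
name: Create, Publish, and Deploy Docker Image

# Runs every time a change is pushed to the branch called `praveshan`.
on:
  push:
    branches: ['praveshan']

# Environment variables available to all jobs in the workflow.
env:
  REGISTRY: ghcr.io
  # NOTE(review): github.repository keeps the repository's original casing,
  # while registry image references must be lowercase. The attestation subject
  # and the deploy script below use this value as-is; confirm the repository
  # name is all lowercase.
  IMAGE_NAME: ${{ github.repository }}

# Jobs that run as part of the workflow.
jobs:
  # JOB 1: Builds the Docker image and pushes it to the GitHub Container Registry.
  build-and-push-image:
    runs-on: ubuntu-latest
    # Token scopes for this job only: read the source, push the package, and
    # obtain the OIDC token used to sign the provenance attestation.
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    # Hands the pushed image digest to the deploy job, so the VM runs exactly
    # the image that was built and attested rather than whatever the branch
    # tag points at when the deploy step executes.
    outputs:
      digest: ${{ steps.push.outputs.digest }}
    steps:
      - name: Checkout repository
        # NOTE(review): referenced by a movable tag, while the docker/* actions
        # below are pinned to commit SHAs; pin this to a full commit SHA too.
        uses: actions/checkout@v4

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

      - name: Build and push Docker image
        id: push
        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}

      - name: Generate artifact attestation
        # NOTE(review): movable tag; pin to a full commit SHA like the docker/*
        # actions above.
        uses: actions/attest-build-provenance@v2
        with:
          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          subject-digest: ${{ steps.push.outputs.digest }}
          push-to-registry: true

  # JOB 2: Deploys the new image to your Virtual Machine.
  deploy:
    # Runs only after the 'build-and-push-image' job is successful.
    needs: build-and-push-image
    runs-on: ubuntu-latest
    # This job never uses GITHUB_TOKEN, so it is granted no token scopes.
    permissions: {}
    steps:
      - name: SSH into VM and redeploy
        # NOTE(review): this third-party action receives the VM's SSH private
        # key and is referenced by branch name, so every new commit on that
        # branch runs here with the key. Pin it to a reviewed commit:
        #   uses: appleboy/ssh-action@<FULL_COMMIT_SHA>   # placeholder
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.VM_HOST }}
          username: ${{ secrets.VM_USERNAME }}
          key: ${{ secrets.SSH_KEY }}
          # NOTE(review): no host key fingerprint is configured, so the runner
          # does not verify which server it hands the session to. Consider the
          # action's `fingerprint` input, fed from a secret.
          script: |
            # Abort on the first failing command, so a failed pull does not
            # take down the container that is currently running
            set -e
            # Pull the exact image the build job pushed, addressed by digest
            docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ needs.build-and-push-image.outputs.digest }}
            # Stop and remove the old container to avoid conflicts
            docker stop my-app-container || true
            docker rm my-app-container || true
            # Run the new container from that same digest
            docker run -d \
              --restart always \
              -p 8080:80 \
              --name my-app-container \
              ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ needs.build-and-push-image.outputs.digest }}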