update workflow #55
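# Name of the workflow
name: Create, Publish, and Deploy Docker Image

# Runs every time a change is pushed to the branch called `praveshan`.
on:
  push:
    branches: ['praveshan']

# Environment variables available to all jobs in the workflow.
env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  # JOB 1: Builds the Docker image, pushes it to the GitHub Container
  # Registry and attaches a build-provenance attestation to it.
  build-and-push-image:
    runs-on: ubuntu-latest
    # Scopes of the job's GITHUB_TOKEN. `packages: write` is needed for the
    # push; `attestations: write` and `id-token: write` are needed by the
    # attestation step. Anything not listed here is not granted.
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    steps:
      # NOTE(review): the docker/* actions below are pinned to full commit
      # SHAs, while checkout and attest-build-provenance are referenced by
      # mutable major-version tags. Pinning those two to commit SHAs as well
      # keeps this job (which holds `packages: write` and `id-token: write`)
      # from picking up a retagged release.
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

      - name: Build and push Docker image
        id: push
        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}

      # The attestation is bound to the digest reported by the push step,
      # not to a tag.
      - name: Generate artifact attestation
        uses: actions/attest-build-provenance@v2
        with:
          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          subject-digest: ${{ steps.push.outputs.digest }}
          push-to-registry: true

  # JOB 2: Deploys the new image to the Virtual Machine over SSH.
  deploy:
    # Only runs after the 'build-and-push-image' job is successful.
    needs: build-and-push-image
    runs-on: ubuntu-latest
    # The token used here is copied to the VM for `docker login`, so it is
    # limited to pulling packages instead of inheriting the repository's
    # default token scopes.
    permissions:
      packages: read
    steps:
      - name: Deploy with Docker Compose
        # NOTE(review): the ref after `@` was mangled on this page (it was
        # rendered as "[email protected]"). Restore the real release and
        # preferably pin it to a full commit SHA: this third-party action
        # receives the VM's SSH private key.
        uses: appleboy/ssh-action@<release-tag-or-commit-sha>
        # Values are handed to the remote script as environment variables
        # (see `envs` below) rather than expanded with ${{ }} inside the
        # script text, so they are never parsed as shell syntax and the
        # token is not embedded in the script sent to the VM.
        env:
          TAG: ${{ github.ref_name }}
          GHCR_USER: ${{ github.actor }}
          GHCR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          host: ${{ secrets.VM_HOST }}
          username: ${{ secrets.VM_USERNAME }}
          key: ${{ secrets.VM_SSH_KEY }}
          # NOTE(review): no host-key check is configured; consider the
          # action's `fingerprint` input so the runner verifies it is
          # talking to the intended VM before sending the token.
          envs: TAG,GHCR_USER,GHCR_TOKEN
          script: |
            # --- DEPLOYMENT SCRIPT ---
            # Stop at the first failing command (for example a failed `cd`
            # or `docker pull`) instead of running compose anyway.
            set -eu
            # 1. Navigate to the directory with the docker-compose.yml file.
            cd /home/s0lus/praveshan/
            # 2. Make TAG visible to docker-compose.
            export TAG
            # 3. Log in to GitHub Container Registry to pull the private image.
            printf '%s\n' "$GHCR_TOKEN" | docker login ghcr.io -u "$GHCR_USER" --password-stdin
            # 4. Pull the latest version of the backend image.
            #    NOTE(review): job 1 pushes to ghcr.io/<github.repository>;
            #    this hard-coded name only matches if the repository is
            #    amfoss/ammentor-backend. The pull is by mutable tag, while
            #    the attestation from job 1 is bound to the image digest.
            docker pull "ghcr.io/amfoss/ammentor-backend:$TAG"
            # 5. Start the services. Docker Compose will see the new backend
            #    image and recreate only that container.
            docker-compose up -d
            # 6. Remove the registry credential that `docker login` stored
            #    on the VM.
            docker logout ghcr.io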