Skip to content

CD

CD #244

Workflow file for this run

# Using multiple workflow .yaml files
# https://stackoverflow.com/questions/64009546/how-to-run-multiple-github-actions-workflows-from-sub-directories
# TODO
# Preventing concurrent workflows (e.g. multiple merges to master at once)
# https://github.blog/changelog/2021-04-19-github-actions-limit-workflow-run-or-job-concurrency/
# From: https://github.community/t/how-to-limit-concurrent-workflow-runs/16844/
# If we decide to use Docker - Using local Dockerfile in pipeline:
# steps:
# - name: Check out code
# uses: actions/checkout@v3
# - name: Build docker images
# run: docker build -t local < .devcontainer/Dockerfile # .devcontainer is the local path
# - name: Run tests
# run: docker run -it -v $PWD:/srv -w/srv local make test
# OR
# - name: Build docker images
# run: docker-compose build
# - name: Run tests
# run: docker-compose run test
# Ref: https://stackoverflow.com/questions/61154750/use-local-dockerfile-in-a-github-action
name: CD
# Multiple ways to do this, including:
on:
workflow_dispatch:
# Run after CI. Note that this is done here specifically because this repo doesn't utilize GitHub releases.
workflow_run:
branches: [ master ]
workflows: [ 'CI' ]
types: [ completed ]
# # 1. Publish your release in GitHub and have your pipeline
# # react to deploy the package
# release:
# types: [published]
# 2. Run the pipeline on merge to `master` and do the release/deploy then.
# pull_request:
# types: [ closed ]
# branches: [ master ]
# 3. Run on CI completion (the `if:` in the `deploy` job below would need updating accordingly)
# workflow_run:
# branches: [ master ]
# workflows: [ 'CI' ]
# types: [ completed ]
defaults:
run:
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# See:
# - How to get creds: https://www.techielass.com/create-azure-credentials-for-use-in-github-actions/
# - Alternative GitHub action: https://github.com/marketplace/actions/azure-cli-action
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
AWS_SSH_KEY: ${{ secrets.AWS_SSH_KEY }}
AWS_INSTANCE_URL: ${{ secrets.AWS_INSTANCE_URL }}
AWS_SERVER_KEYSTORE_PASSWORD: ${{ secrets.AWS_SERVER_KEYSTORE_PASSWORD }}
registryUrlDomain: ghcr.io
# Since Render.com isn't configurable and it decides to do whatever it wants, don't (re-)run
# the build/deploy commands here
jobs:
# cd-build:
# runs-on: ubuntu-latest
# steps:
# - name: Checkout repository branch
# uses: actions/checkout@v3
# - uses: valeriangalliat/action-sshd-cloudflared@v1
# - name: Deploy
# run: |
# ./index.sh dockerBuild
cd-publish-docker:
runs-on: ubuntu-latest
# Only run on merge to master: https://github.community/t/depend-on-another-workflow/16311/3
if: ${{ github.event.pull_request.merged || github.ref == 'refs/heads/master' }}
outputs:
registryUrl: ${{ steps.cd-docker-output-vars.outputs.registryUrl }}
imageId: ${{ steps.cd-docker-output-vars.outputs.imageId }}
digest: ${{ steps.cd-docker-output-vars.outputs.digest }}
steps:
- name: Checkout repository branch
uses: actions/checkout@v3
- name: CD:Docker - Cache name - Init
uses: ./.github/workflows/actions/cache-name
- name: CD:Docker - Download CI output
id: cd-docker-download-server-cache
uses: actions/cache/restore@v3
continue-on-error: true
with:
path: |
./server/build/libs
key: ${{ env.SERVER_CACHE_ID }}
# Docker images are relatively large (this simple image is ~2 GB).
# Publishing them to GitHub saves them in the registry, not
# the repo's packages.
- name: CD:Docker - Build image
id: cd-docker-build-and-publish-image
uses: ./.github/workflows/actions/docker-publish
with:
GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
registryUrlDomain: ${{ env.registryUrlDomain }}
- name: CD:Docker - Output published image info
id: cd-docker-output-vars
run: |
echo "registryUrl=${{ env.registryUrl }}" >> $GITHUB_OUTPUT
echo "imageId=${{ env.imageId }}" >> $GITHUB_OUTPUT
echo "digest=${{ env.digest }}" >> $GITHUB_OUTPUT
cd-deploy:
runs-on: ubuntu-latest
needs: [ cd-publish-docker ]
env:
registryUrl: ${{ needs.cd-publish-docker.outputs.registryUrl }}
imageId: ${{ needs.cd-publish-docker.outputs.imageId }}
digest: ${{ needs.cd-publish-docker.outputs.digest }}
steps:
- name: Checkout repository branch
uses: actions/checkout@v3
- name: CD:Cache name - Init
uses: ./.github/workflows/actions/cache-name
- name: CD:Server - Download CI output
id: cd-deploy-download-server-cache
uses: actions/cache/restore@v3
continue-on-error: true
with:
path: |
./server/build/libs
key: ${{ env.SERVER_CACHE_ID }}
- name: CD:Deploy - Login to Docker container registry
uses: docker/login-action@v2
with:
registry: ${{ env.registryUrlDomain }}
username: ${{ github.actor }}
password: ${{ env.GITHUB_TOKEN }}
- name: CD:Deploy - Abort without fail if Docker image unchanged
shell: bash
run: |
if [[ -z "${{ env.imageId }}" ]]; then
exit
fi
- name: CD:AWS - Deploy
id: cd-aws-deploy
uses: ./.github/workflows/actions/deploy-aws
with:
GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
registryUrl: ${{ env.registryUrl }}
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ env.AWS_REGION }}
AWS_SSH_KEY: ${{ env.AWS_SSH_KEY }}
AWS_INSTANCE_URL: ${{ env.AWS_INSTANCE_URL }}
AWS_SERVER_KEYSTORE_PASSWORD: ${{ env.AWS_SERVER_KEYSTORE_PASSWORD }}
# - name: CD:Azure - Deploy
# id: cd-azure-deploy
# uses: ./.github/workflows/actions/deploy-azure
# with:
# GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
# registryUrl: ${{ env.registryUrl }}
# - name: Deploy application to Render.com
# run: |
# ls -FlAh
# ./index.sh deployRenderIO