CD #244
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Using multiple workflow .yaml files | |
# https://stackoverflow.com/questions/64009546/how-to-run-multiple-github-actions-workflows-from-sub-directories | |
# TODO | |
# Preventing concurrent workflows (e.g. multiple merges to master at once) | |
# https://github.blog/changelog/2021-04-19-github-actions-limit-workflow-run-or-job-concurrency/ | |
# From: https://github.community/t/how-to-limit-concurrent-workflow-runs/16844/ | |
# If we decide to use Docker - Using local Dockerfile in pipeline: | |
# steps: | |
# - name: Check out code | |
# uses: actions/checkout@v3 | |
# - name: Build docker images | |
# run: docker build -t local < .devcontainer/Dockerfile # .devcontainer is the local path | |
# - name: Run tests | |
# run: docker run -it -v $PWD:/srv -w/srv local make test | |
# OR | |
# - name: Build docker images | |
# run: docker-compose build | |
# - name: Run tests | |
# run: docker-compose run test | |
# Ref: https://stackoverflow.com/questions/61154750/use-local-dockerfile-in-a-github-action | |
name: CD | |
# Multiple ways to do this, including: | |
on: | |
workflow_dispatch: | |
# Run after CI. Note that this is done here specifically because this repo doesn't utilize GitHub releases. | |
workflow_run: | |
branches: [ master ] | |
workflows: [ 'CI' ] | |
types: [ completed ] | |
# # 1. Publish your release in GitHub and have your pipeline | |
# # react to deploy the package | |
# release: | |
# types: [published] | |
# 2. Run the pipeline on merge to `master` and do the release/deploy then. | |
# pull_request: | |
# types: [ closed ] | |
# branches: [ master ] | |
# 3. Run on CI completion (the `if:` in the `deploy` job below would need updating accordingly) | |
# workflow_run: | |
# branches: [ master ] | |
# workflows: [ 'CI' ] | |
# types: [ completed ] | |
defaults: | |
run: | |
shell: bash | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# See: | |
# - How to get creds: https://www.techielass.com/create-azure-credentials-for-use-in-github-actions/ | |
# - Alternative GitHub action: https://github.com/marketplace/actions/azure-cli-action | |
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
AWS_SSH_KEY: ${{ secrets.AWS_SSH_KEY }} | |
AWS_INSTANCE_URL: ${{ secrets.AWS_INSTANCE_URL }} | |
AWS_SERVER_KEYSTORE_PASSWORD: ${{ secrets.AWS_SERVER_KEYSTORE_PASSWORD }} | |
registryUrlDomain: ghcr.io | |
# Since Render.com isn't configurable and it decides to do whatever it wants, don't (re-)run | |
# the build/deploy commands here | |
jobs: | |
# cd-build: | |
# runs-on: ubuntu-latest | |
# steps: | |
# - name: Checkout repository branch | |
# uses: actions/checkout@v3 | |
# - uses: valeriangalliat/action-sshd-cloudflared@v1 | |
# - name: Deploy | |
# run: | | |
# ./index.sh dockerBuild | |
cd-publish-docker: | |
runs-on: ubuntu-latest | |
# Only run on merge to master: https://github.community/t/depend-on-another-workflow/16311/3 | |
if: ${{ github.event.pull_request.merged || github.ref == 'refs/heads/master' }} | |
outputs: | |
registryUrl: ${{ steps.cd-docker-output-vars.outputs.registryUrl }} | |
imageId: ${{ steps.cd-docker-output-vars.outputs.imageId }} | |
digest: ${{ steps.cd-docker-output-vars.outputs.digest }} | |
steps: | |
- name: Checkout repository branch | |
uses: actions/checkout@v3 | |
- name: CD:Docker - Cache name - Init | |
uses: ./.github/workflows/actions/cache-name | |
- name: CD:Docker - Download CI output | |
id: cd-docker-download-server-cache | |
uses: actions/cache/restore@v3 | |
continue-on-error: true | |
with: | |
path: | | |
./server/build/libs | |
key: ${{ env.SERVER_CACHE_ID }} | |
# Docker images are relatively large (this simple image is ~2 GB). | |
# Publishing them to GitHub saves them in the registry, not | |
# the repo's packages. | |
- name: CD:Docker - Build image | |
id: cd-docker-build-and-publish-image | |
uses: ./.github/workflows/actions/docker-publish | |
with: | |
GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }} | |
registryUrlDomain: ${{ env.registryUrlDomain }} | |
- name: CD:Docker - Output published image info | |
id: cd-docker-output-vars | |
run: | | |
echo "registryUrl=${{ env.registryUrl }}" >> $GITHUB_OUTPUT | |
echo "imageId=${{ env.imageId }}" >> $GITHUB_OUTPUT | |
echo "digest=${{ env.digest }}" >> $GITHUB_OUTPUT | |
cd-deploy: | |
runs-on: ubuntu-latest | |
needs: [ cd-publish-docker ] | |
env: | |
registryUrl: ${{ needs.cd-publish-docker.outputs.registryUrl }} | |
imageId: ${{ needs.cd-publish-docker.outputs.imageId }} | |
digest: ${{ needs.cd-publish-docker.outputs.digest }} | |
steps: | |
- name: Checkout repository branch | |
uses: actions/checkout@v3 | |
- name: CD:Cache name - Init | |
uses: ./.github/workflows/actions/cache-name | |
- name: CD:Server - Download CI output | |
id: cd-deploy-download-server-cache | |
uses: actions/cache/restore@v3 | |
continue-on-error: true | |
with: | |
path: | | |
./server/build/libs | |
key: ${{ env.SERVER_CACHE_ID }} | |
- name: CD:Deploy - Login to Docker container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.registryUrlDomain }} | |
username: ${{ github.actor }} | |
password: ${{ env.GITHUB_TOKEN }} | |
- name: CD:Deploy - Abort without fail if Docker image unchanged | |
shell: bash | |
run: | | |
if [[ -z "${{ env.imageId }}" ]]; then | |
exit | |
fi | |
- name: CD:AWS - Deploy | |
id: cd-aws-deploy | |
uses: ./.github/workflows/actions/deploy-aws | |
with: | |
GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }} | |
registryUrl: ${{ env.registryUrl }} | |
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
AWS_REGION: ${{ env.AWS_REGION }} | |
AWS_SSH_KEY: ${{ env.AWS_SSH_KEY }} | |
AWS_INSTANCE_URL: ${{ env.AWS_INSTANCE_URL }} | |
AWS_SERVER_KEYSTORE_PASSWORD: ${{ env.AWS_SERVER_KEYSTORE_PASSWORD }} | |
# - name: CD:Azure - Deploy | |
# id: cd-azure-deploy | |
# uses: ./.github/workflows/actions/deploy-azure | |
# with: | |
# GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }} | |
# registryUrl: ${{ env.registryUrl }} | |
# - name: Deploy application to Render.com | |
# run: | | |
# ls -FlAh | |
# ./index.sh deployRenderIO |