-
Notifications
You must be signed in to change notification settings - Fork 1
71 lines (60 loc) · 2.02 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
---
name: Prod Deploy
on:
push:
branches: [main]
jobs:
wait-for-tests:
name: Wait for CI
runs-on: ubuntu-latest
steps:
- name: Wait for all other workflows
uses: lewagon/[email protected]
with:
ref: ${{ github.ref }}
running-workflow-name: Wait for CI
repo-token: ${{ secrets.GITHUB_TOKEN }}
wait-interval: 10
deploy:
name: Deploy
runs-on: ubuntu-latest
environment: production
needs: [wait-for-tests]
steps:
- uses: actions/checkout@v2
- name: dig +short myip.opendns.com @resolver1.opendns.com
run: dig +short myip.opendns.com @resolver1.opendns.com
- name: Add NSG Rule
uses: venura9/manage-nsg@master
id: rule
with:
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
rule-nsg-resource-group-name: threes-game
rule-nsg-name: threes-server-nsg
rule-inbound-port: '22'
- name: Print Created NSG Rule Name
run: echo "Rule Name ${{ steps.rule.outputs.rule_name }}"
- name: Run Deploy Playbook
uses: dawidd6/action-ansible-playbook@v2
with:
playbook: deploy.yml
directory: ./infra/ansible
key: ${{ secrets.APP_SERVER_SSH_PRIVATE_KEY }}
inventory: |
[all]
${{ vars.APP_SERVER_HOSTNAME }} ansible_connection=ssh ansible_user=app_server_user
requirements: galaxy-requirements.yml
options: |
-e AZ_SP_ID=${{ secrets.AZ_SP_ID }}
-e AZ_SP_PW=${{ secrets.AZ_SP_PW }}
-e AZ_SP_TENANT=${{ secrets.AZ_SP_TENANT }}
-e AZ_VAULT=${{ secrets.AZ_VAULT }}
--verbose
- name: Remove NSG Rule
uses: venura9/manage-nsg@master
if: always()
with:
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
rule-id-for-removal: ${{ steps.rule.outputs.rule_name }}
rule-nsg-resource-group-name: threes-game
rule-nsg-name: threes-server-nsg