Deploy production #1024
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy production | |
on: | |
workflow_dispatch: ~ | |
schedule: | |
- cron: '30 7 * * 1,2,3,4,5' # At 08:30 (UTC, => 08:30 / 09:30 in Europe/Paris depending on the DST), each day of the week. | |
push: | |
branches: | |
- master | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
deploy-production: | |
name: 'π§ Build & deploy π' | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
environment: | |
name: production | |
url: ${{ vars.WEBSITE_URL }} | |
steps: | |
- name: 'Checkout' | |
uses: actions/checkout@v4 | |
- name: 'Configure deployer SSH key' | |
uses: webfactory/ssh-agent@v0.8.0 | |
with: | |
ssh-private-key: ${{ secrets.SSH_DEPLOY_KEY_PRODUCTION }} | |
# https://github.com/actions/setup-node | |
- name: 'Setup node' | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '16' | |
cache: 'npm' | |
- name: 'Setup PHP' | |
uses: shivammathur/setup-php@v2 | |
with: | |
coverage: "none" | |
ini-values: "memory_limit=-1" | |
php-version: "8.1" | |
- name: 'Cache resized images' | |
uses: actions/cache@v3 | |
with: | |
path: public/resized | |
key: resized-images-${{ github.workflow }}-${{ secrets.CACHE_VERSION }} | |
- name: 'Determine composer cache directory' | |
id: composer-cache | |
run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
- name: 'Cache composer dependencies' | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.composer-cache.outputs.dir }} | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
restore-keys: ${{ runner.os }}-composer- | |
- name: 'Install dependencies' | |
run: | | |
echo "::group::composer install" | |
composer install --no-progress --ansi | |
echo "::endgroup::" | |
echo "::group::npm install" | |
npm install --color=always --no-progress --no-audit --no-fund | |
echo "::endgroup::" | |
- name: 'Warmup' | |
run: | | |
echo "::group::warmup production env" | |
npx encore production --color | |
bin/console cache:clear --ansi | |
bin/console cache:warmup --ansi | |
echo "::endgroup::" | |
env: | |
APP_ENV: prod | |
- name: 'Build static site' | |
run: | | |
bin/console stenope:build --no-interaction -vv --ansi --ignore-content-not-found | |
bin/console app:generate-redirections --target=site --no-interaction -vv --ansi > build/redirections-site.conf | |
bin/console app:generate-redirections --target=blog --no-interaction -vv --ansi > build/redirections-blog.conf | |
env: | |
APP_ENV: prod | |
ROUTER_DEFAULT_URI: ${{ vars.WEBSITE_URL }} | |
INCLUDE_SAMPLES: 0 | |
SHOW_UNPUBLISHED_ARTICLES: 0 | |
MATOMO_ID: ${{ vars.MATOMO_ID }} | |
- name: 'π Deploy' | |
run: | | |
rsync build/ ${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }}:${{ vars.DEPLOY_PATH }} \ | |
--human-readable \ | |
--compress \ | |
--archive \ | |
--delete \ | |
--rsh "ssh -o StrictHostKeyChecking=no" \ | |
--itemize-changes \ | |
; | |
- name: 'Reload Nginx config' | |
run: ssh ${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }} 'sudo /bin/systemctl reload nginx' |