deploy_push #364
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: test_deplpoy | |
on: | |
push: | |
repository_dispatch: | |
types: [deploy_push] | |
jobs: | |
prep: | |
name: Prep | |
runs-on: ubuntu-latest | |
outputs: | |
build_cache_key: ${{ steps.prep_mardock_build_cache.outputs.key }} | |
build_cache_label: ${{ steps.prep_mardock_build_cache.outputs.label }} | |
steps: | |
# mardock の site build キャッシュのキー. | |
# 毎回異なる値にするためと、 | |
# 後続の job でも使うために output へ設定しておく. | |
- id: prep_mardock_build_cache | |
run: | | |
echo "::set-output name=key::$(date +%s%N)" | |
echo "::set-output name=label::mardock-build-cache" | |
push_universal_image_to_ghcr: | |
name: Push mardock universal image to GitHub Container Registry | |
needs: prep | |
if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/') }} | |
outputs: | |
universal_image_digest: ${{ steps.push_universal_image.outputs.digest }} | |
universal_prod_image_digest: ${{ steps.push_universal_prod_image.outputs.digest }} | |
runs-on: ubuntu-latest | |
# matrix に分割すると edge と edge_prod で runner_base の layer が | |
# 共有されない. 今回は共有されることを優先した. | |
# strategy: | |
# matrix: | |
# variant_suffix: ["", "_prod"] | |
steps: | |
- id: prep | |
run: | | |
TAG1="ghcr.io/${GITHUB_REPOSITORY}:$(date "+%Y-%m")-$(echo ${GITHUB_REF} | sed -e 's/refs\/heads\///; s/\//-/g')" | |
TAG2="ghcr.io/${GITHUB_REPOSITORY}:edge" | |
TAG3="ghcr.io/${GITHUB_REPOSITORY}:main" | |
test "${GITHUB_REF}" = "refs/heads/main" \ | |
&& TAGS="${TAG1}%0A${TAG2}%0A${TAG3}" \ | |
|| TAGS="${TAG1}%0A${TAG2}" | |
echo "::set-output name=tags::${TAGS}" | |
- id: prep_prod | |
run: | | |
TAG1="ghcr.io/${GITHUB_REPOSITORY}:$(date "+%Y-%m")-$(echo ${GITHUB_REF} | sed -e 's/refs\/heads\///; s/\//-/g')-prod" | |
TAG2="ghcr.io/${GITHUB_REPOSITORY}:edge-prod" | |
TAG3="ghcr.io/${GITHUB_REPOSITORY}:main-prod" | |
test "${GITHUB_REF}" = "refs/heads/main" \ | |
&& TAGS="${TAG1}%0A${TAG2}%0A${TAG3}" \ | |
|| TAGS="${TAG1}%0A${TAG2}" | |
echo "::set-output name=tags::${TAGS}" | |
- name: Check out the repo | |
uses: actions/checkout@v2 | |
- name: Copy files to docker/universal | |
run: cp -r package.json yarn.lock LICENSE scripts docker/universal/ | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
# https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md | |
- name: Cache Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-universal1-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx-universal1- | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Cache builder stage | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./docker/universal | |
build-args: | | |
NO_CACHE_CLONE=${{ github.sha }} | |
BRANCH=${{ github.ref }} | |
target: builder | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache-new | |
- name: Push Universal Image to GitHub Container Registry | |
id: push_universal_image | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./docker/universal | |
build-args: | | |
NO_CACHE_CLONE=${{ github.sha }} | |
BRANCH=${{ github.ref }} | |
push: true | |
target: runner | |
tags: ${{ steps.prep.outputs.tags }} | |
# universal は edge をキャッシュとして使う. | |
# main とそれ以外のブランチで build されるので layer が共有 | |
# されると期待. | |
cache-from: type=registry,ref=ghcr.io/${{ github.repository}}:edge | |
cache-to: type=inline | |
- name: Push Universal prod Image to GitHub Container Registry | |
id: push_universal_prod_image | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./docker/universal | |
build-args: | | |
NO_CACHE_CLONE=${{ github.sha }} | |
BRANCH=${{ github.ref }} | |
push: true | |
target: runner_prod | |
tags: ${{ steps.prep_prod.outputs.tags }} | |
# universal は edge をキャッシュとして使う. | |
# main とそれ以外のブランチで build されるので layer が共有 | |
# されると期待. | |
cache-from: type=registry,ref=ghcr.io/${{ github.repository}}:edge-prod | |
cache-to: type=inline | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
set_ids: | |
name: Set image ids from digest or tag | |
needs: [ push_universal_image_to_ghcr] | |
if: ${{ always() && !cancelled() }} | |
outputs: | |
universal_image_id: ${{ steps.formatter.outputs.id }} | |
universal_prod_image_id: ${{ steps.formatter.outputs.prod_id }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set digest to outputs with prefix('@' or ':') | |
id: formatter | |
run: | | |
test "${GITHUB_EVENT_NAME}" = "push" \ | |
&& ID="@${DIGEST}" \ | |
|| ID=":main" | |
echo "::set-output name=id::${ID}" | |
test "${GITHUB_EVENT_NAME}" = "push" \ | |
&& PROD_ID="@${PROD_DIGEST}" \ | |
|| PROD_ID=":main-prod" | |
echo "::set-output name=prod_id::${PROD_ID}" | |
env: | |
DIGEST: ${{ needs.push_universal_image_to_ghcr.outputs.universal_image_digest }} | |
PROD_DIGEST: ${{ needs.push_universal_image_to_ghcr.outputs.universal_prod_image_digest }} | |
deploy_site_to_gh_pages: | |
name: Deploy site to GitHub Pages | |
needs: [prep, set_ids] | |
# スキップは継続させるが、落ちている(出力が無い)場合は継続しない. | |
if: ${{ needs.set_ids.outputs.universal_prod_image_id != '' && always() && !cancelled() }} | |
# CMS からのトリガーが重複(記事を手動で連続して公開した等) | |
# した場合を想定. | |
concurrency: | |
group: ${{ needs.set_ids.outputs.universal_image_id }} | |
cancel-in-progress: true | |
outputs: | |
success: ${{ steps.status.outputs.success }} | |
runs-on: ubuntu-latest | |
environment: ${{ github.ref == 'refs/heads/main' && 'pages' || 'pages-staging' }} | |
services: | |
mardock_builder: | |
image: ghcr.io/${{ github.repository }}${{ needs.set_ids.outputs.universal_image_id }} | |
volumes: | |
- /tmp/next:/home/mardock/mardock/.next | |
- /tmp/public:/home/mardock/mardock/public | |
- /tmp/mardock:/home/mardock/mardock/.mardock | |
options: --init | |
env: | |
GITHUB_REPOSITORY: ${{ github.repository }} | |
MARDOCK_KEEP_SERVICE: keep | |
LANG: ja_JP.UTF-8 | |
API_BASE_URL: ${{ secrets.API_BASE_URL }} | |
GET_API_KEY: ${{ secrets.GET_API_KEY }} | |
STAGING: ${{ github.ref == 'refs/heads/main' && '' || '1' }} | |
STAGING_DIR: ${{ secrets.STAGING_DIR }} | |
steps: | |
- name: check image id | |
run: | | |
echo "${IMAGE_ID}" | |
echo "${PROD_IMAGE_ID}" | |
env: | |
IMAGE_ID: ${{ needs.set_ids.outputs.universal_image_id }} | |
PROD_IMAGE_ID: ${{ needs.set_ids.outputs.universal_prod_image_id }} | |
# mardock の site build キャッシュ. | |
# key と restore-key の階層を一致させないことで毎回キャッシュを更新させる. | |
# (内容が変化しないときも更新がかかるので効率がわるい). | |
- name: Cache mardock build | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/cache | |
key: ${{ runner.os }}-${{ needs.prep.outputs.build_cache_label }}-${{ needs.prep.outputs.build_cache_key }} | |
restore-keys: | | |
${{ runner.os }}-${{ needs.prep.outputs.build_cache_label }}- | |
- name: Restore mardock builder cahce into service container | |
run: | | |
docker exec -u root "${{ job.services.mardock_builder.id }}" chown 10000 .next public .mardock | |
test -f /tmp/cache/cache.tar.gz && cat /tmp/cache/cache.tar.gz | docker exec -i -u root "${{ job.services.mardock_builder.id }}" tar -zx -- || true | |
- name: Build site inside service container | |
run: | | |
docker exec "${{ job.services.mardock_builder.id }}" /docker-entrypoint build | |
- name: Send archived cache to runner file system | |
run: | | |
test -d /tmp/cache || mkdir /tmp/cache | |
docker exec "${{ job.services.mardock_builder.id }}" tar -cz .next public .mardock -- > /tmp/cache/cache.tar.gz | |
- name: Export site as static from service container | |
run: | | |
docker exec "${{ job.services.mardock_builder.id }}" /docker-entrypoint export | |
- name: Add nojekyll | |
run: | | |
docker exec "${{ job.services.mardock_builder.id }}" touch .mardock/out/.nojekyll | |
- name: Deploy to GitHub Pages | |
uses: peaceiris/actions-gh-pages@v3 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
publish_dir: /tmp/mardock/out | |
publish_branch: gh-pages | |
destination_dir: ${{ secrets.STAGING_DIR }} | |
force_orphan: ${{ github.ref == 'refs/heads/main' }} | |
- name: Set success to outputs | |
id: status | |
run: echo "::set-output name=success::true" | |
push_site_image_to_ghcr: | |
name: Push mardock site image to GitHub Container Registry | |
needs: [prep, set_ids, deploy_site_to_gh_pages] | |
# スキップは継続させるが、落ちている(出力が無い)場合は継続しない. | |
if: ${{ needs.deploy_site_to_gh_pages.outputs.success != '' && always() && !cancelled() }} | |
runs-on: ubuntu-latest | |
strategy: | |
# 各 variant(stage) で共通のデータもあるり(public ディレクトリ等)、 | |
# stage もある程度考慮しているが、matrix で build しているので | |
# layer が共通されない. 今回は諦めた. | |
matrix: | |
variant: | |
- suffix: "" | |
base_image_id: ${{ needs.set_ids.outputs.universal_prod_image_id }} | |
- suffix: "-with-cache" | |
base_image_id: ${{ needs.set_ids.outputs.universal_prod_image_id }} | |
- suffix: "-only-cache" | |
base_image_id: ${{ needs.set_ids.outputs.universal_image_id }} | |
steps: | |
- id: prep | |
run: | | |
TAG1="ghcr.io/${GITHUB_REPOSITORY}_site:$(date "+%Y-%m")-$(echo ${GITHUB_REF} | sed -e 's/refs\/heads\///; s/\//-/g')${VARIANT_SUFFIX}" | |
TAG2="ghcr.io/${GITHUB_REPOSITORY}_site:edge${VARIANT_SUFFIX}" | |
TAG3="ghcr.io/${GITHUB_REPOSITORY}_site:main${VARIANT_SUFFIX}" | |
test "${GITHUB_REF}" = "refs/heads/main" \ | |
&& TAGS="${TAG1}%0A${TAG2}%0A${TAG3}" \ | |
|| TAGS="${TAG1}%0A${TAG2}" | |
echo "::set-output name=tags::${TAGS}" | |
env: | |
VARIANT_SUFFIX: ${{ matrix.variant.suffix }} | |
- name: Check out the repo | |
uses: actions/checkout@v2 | |
# mardock の site build キャッシュ. | |
# deploy の job で保存されているので更新はされない. | |
- name: Cache mardock build | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/cache | |
key: ${{ runner.os }}-${{ needs.prep.outputs.build_cache_label }}-${{ needs.prep.outputs.build_cache_key }} | |
restore-keys: | | |
${{ runner.os }}-${{ needs.prep.outputs.build_cache_label }}- | |
- name: Copy files to docker/site | |
run: cp -r /tmp/cache/cache.tar.gz docker/site/ | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Push Site Image to GitHub Container Registry | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./docker/site | |
build-args: | | |
BASE_IMAGE=ghcr.io/${{ github.repository }}${{ matrix.variant.base_image_id }} | |
push: true | |
target: site_runner${{ matrix.variant.suffix }} | |
tags: ${{ steps.prep.outputs.tags }} | |
#cache-from: type=local,src=/tmp/.buildx-cache | |
#cache-to: type=local,dest=/tmp/.buildx-cache-new | |
cache-from: type=registry,ref=ghcr.io/${{ github.repository}}_site:edge${{ matrix.variant.suffix }} | |
cache-to: type=inline |