Merge pull request #768 from informatyzacja/dependabot/npm_and_yarn/b… #360
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: production | |
| url: https://parlament.samorzad.pwr.edu.pl | |
| steps: | |
| - name: Wait for build | |
| uses: lewagon/wait-on-check-action@v1.3.1 | |
| with: | |
| ref: ${{ github.sha }} | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| running-workflow-name: wait-for-check-regexp | |
| check-regexp: build.? | |
| - name: Deploy to remote host | |
| uses: appleboy/ssh-action@v0.1.10 | |
| env: | |
| CI: true | |
| with: | |
| host: ${{ secrets.HOST }} | |
| username: ${{ secrets.USERNAME }} | |
| key: ${{ secrets.KEY }} | |
| port: ${{ secrets.PORT }} | |
| proxy_host: ${{ secrets.PROXY_HOST }} | |
| proxy_username: ${{ secrets.PROXY_USERNAME }} | |
| proxy_key: ${{ secrets.KEY }} | |
| envs: CI | |
| script: | | |
| cd ${{ secrets.APP_DIR }} | |
| git pull | |
| rm .env | |
| touch .env | |
| echo DATABASE_HOST="postgres" >> .env | |
| echo DATABASE_NAME="${{ secrets.DATABASE_NAME }}" >> .env | |
| echo DATABASE_USERNAME="${{ secrets.DATABASE_USERNAME }}" >> .env | |
| echo DATABASE_PASSWORD="${{ secrets.DATABASE_PASSWORD }}" >> .env | |
| echo DATABASE_FOLDER="${{ secrets.DATABASE_FOLDER }}" >> .env | |
| echo NEXT_PUBLIC_API_URL="${{ vars.NEXT_PUBLIC_API_URL }}" >> .env | |
| echo NEXT_PUBLIC_OAUTH_DOMAIN="${{ vars.NEXT_PUBLIC_OAUTH_DOMAIN }}" >> .env | |
| echo NEXT_PUBLIC_USOS_BASE_URL="${{ vars.NEXT_PUBLIC_USOS_BASE_URL }}" >> .env | |
| echo NEXT_PUBLIC_USOS_SCOPES="${{ vars.NEXT_PUBLIC_USOS_SCOPES }}" >> .env | |
| echo NEXT_PUBLIC_USOS_FIELDS="${{ vars.NEXT_PUBLIC_USOS_FIELDS }}" >> .env | |
| echo NEXTAUTH_URL="${{ vars.NEXTAUTH_URL }}" >> .env | |
| echo NEXTAUTH_SECRET="${{ secrets.NEXTAUTH_SECRET }}" >> .env | |
| echo USOS_CLIENT_ID="${{ secrets.USOS_CLIENT_ID }}" >> .env | |
| echo USOS_CLIENT_SECRET="${{ secrets.USOS_CLIENT_SECRET }}" >> .env | |
| echo NODE_ENV="production" >> .env | |
| echo STRAPI_URL="${{ vars.NEXT_PUBLIC_API_URL }}" >> .env | |
| echo WEB_URL="${{ vars.NEXTAUTH_URL }}" >> .env | |
| echo JWT_SECRET="${{ secrets.JWT_SECRET }}" >> .env | |
| echo STRAPI_PUBLIC_FOLDER_FOR_DOCKER="${{ secrets.STRAPI_PUBLIC_FOLDER }}" >> .env | |
| echo API_TOKEN_SALT="${{ secrets.API_TOKEN_SALT }}" >> .env | |
| echo AUTH_SECRET="${{ secrets.AUTH_SECRET }}" >> .env | |
| docker compose pull && docker compose up -d | |
| docker system prune -f | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| needs: deploy | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 20 | |
| cache: 'yarn' | |
| - name: Setup yarn | |
| run: yarn set version 3.6.1 | |
| - name: Install deps | |
| uses: ./.github/actions/yarn-install | |
| - name: Release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} | |
| GIT_AUTHOR_NAME: ${{ vars.GIT_AUTHOR_NAME }} | |
| GIT_AUTHOR_EMAIL: ${{ vars.GIT_AUTHOR_EMAIL }} | |
| GIT_COMMITTER_NAME: ${{ vars.GIT_COMMITTER_NAME }} | |
| GIT_COMMITTER_EMAIL: ${{ vars.GIT_COMMITTER_EMAIL }} | |
| run: yarn semantic-release |