nginx WIP #300
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a workflow which builds image and deploys to DO | |
name: CI/CD pipeline | |
on: | |
push: | |
branches: [master] | |
paths: | |
- '.github/workflows/**' | |
- 'compose/production/**' | |
- 'src/**' | |
- 'nginx/prod/**' | |
- 'docker-compose.prod.yaml' | |
- 'docker-compose.cert.yaml' | |
- '.services/**' | |
workflow_dispatch: | |
env: | |
BACKEND_IMAGE: registry.digitalocean.com/mr-project/backend | |
jobs: | |
build: | |
name: Build Docker Images and Deploy to k8s | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout master | |
uses: actions/checkout@v3 | |
- name: Set environment variables | |
run: | | |
echo "BACKEND_IMAGE=$(echo ${{env.BACKEND_IMAGE}} )" >> $GITHUB_ENV | |
- name: Install doctl | |
uses: digitalocean/action-doctl@v2 | |
with: | |
token: ${{ secrets.DIGITAL_OCEAN_ACCESS_TOKEN }} | |
- name: Build images | |
run: | | |
docker build -f $GITHUB_WORKSPACE/compose/production/backend/Dockerfile -t ${{ env.BACKEND_IMAGE }}:latest . | |
- name: Log in to DO Container Registry | |
run: doctl registry login --expiry-seconds 800 | |
- name: Push image to DigitalOcean Container Registry | |
run: docker push ${{ env.BACKEND_IMAGE }}:latest | |
deploy: | |
runs-on: ubuntu-latest | |
needs: build | |
if: github.ref == 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Add the private SSH key to the ssh-agent | |
env: | |
SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
run: | | |
mkdir -p ~/.ssh | |
ssh-agent -a $SSH_AUTH_SOCK > /dev/null | |
ssh-keyscan github.com >> ~/.ssh/known_hosts | |
ssh-add - <<< "${{ secrets.SSH_KEY }}" | |
- name: Deploy Application | |
env: | |
SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
run: | | |
ssh -o StrictHostKeyChecking=no ubuntu@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }} < ./.services/.deploy/deploy.sh |