82 lines (79 loc) · 3.96 KB
/
dodeploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
name: deploy
on:
push:
branches:
- master
- use-ssl # remove after getting SSL to work
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Use Node.js 12.18
uses: actions/setup-node@v1
with:
node-version: '12.18'
# - name: Install yarn and run unittest
# run: yarn && yarn test
# env:
# CI: true
- name: Publish to Github Packages Registry
uses: elgohr/Publish-Docker-Github-Action@master
env:
GITHUB_USERNAME: ${{ secrets.GITHUB_USERNAME }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }}
AUTH0_CLIENT_ID: ${{ secrets.AUTH0_CLIENT_ID }} # remove auth0 here ?
AUTH0_CLIENT_SECRET: ${{ secrets.AUTH0_CLIENT_SECRET }}
REDIRECT_URI: ${{ secrets.REDIRECT_URI }}
POST_LOGOUT_REDIRECT_URI: ${{ secrets.POST_LOGOUT_REDIRECT_URI }}
SESSION_COOKIE_SECRET: ${{ secrets.SESSION_COOKIE_SECRET }}
PGHOST: ${{ secrets.PGHOST }}
PGUSER: ${{ secrets.PGUSER }}
PGPORT: ${{ secrets.PGPORT }}
PGPASSWORD: ${{ secrets.PGPASSWORD }}
PGDATABASE: ${{ secrets.PGDATABASE }}
PGSSLMODE: ${{ secrets.PGSSLMODE }}
SSH_DATABASE_CERTIFICATE: ${{ secrets.SSH_DATABASE_CERTIFICATE }}
with:
name: olaven/krets/image #${{ secrets.GITHUB_REPOSITORY }}/image
registry: docker.pkg.github.com
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
dockerfile: Dockerfile
tags: latest
buildargs: GITHUB_USERNAME,GITHUB_TOKEN,AUTH0_DOMAIN,AUTH0_CLIENT_ID,AUTH0_CLIENT_SECRET,REDIRECT_URI,POST_LOGOUT_REDIRECT_URI,SESSION_COOKIE_SECRET,PGHOST,PGUSER,PGPORT,PGPASSWORD,PGDATABASE,PGSSLMODE,SSH_DATABASE_CERTIFICATE,
- name: Deploy package to digitalocean
uses: appleboy/ssh-action@master
env:
GITHUB_USERNAME: ${{ github.actor }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }}
AUTH0_CLIENT_ID: ${{ secrets.AUTH0_CLIENT_ID }}
AUTH0_CLIENT_SECRET: ${{ secrets.AUTH0_CLIENT_SECRET }}
REDIRECT_URI: ${{ secrets.REDIRECT_URI }}
POST_LOGOUT_REDIRECT_URI: ${{ secrets.POST_LOGOUT_REDIRECT_URI }}
SESSION_COOKIE_SECRET: ${{ secrets.SESSION_COOKIE_SECRET }}
PGHOST: ${{ secrets.PGHOST }}
PGUSER: ${{ secrets.PGUSER }}
PGPORT: ${{ secrets.PGPORT }}
PGPASSWORD: ${{ secrets.PGPASSWORD }}
PGDATABASE: ${{ secrets.PGDATABASE }}
PGSSLMODE: ${{ secrets.PGSSLMODE }}
HTTPS_SERVER_PRIVKEY: ${{ secrets.HTTPS_SERVER_PRIVKEY }} #paths on server (should rename server path secrets to something more readable)
HTTPS_SERVER_FULLCHAIN: ${{ secrets.HTTPS_SERVER_FULLCHAIN }}
HTTPS_SERVER_CHAIN: ${{ secrets.HTTPS_SERVER_CHAIN }}
with:
host: ${{ secrets.DO_DROPLET_HOST }}
username: ${{ secrets.DO_DROPLET_USERNAME }}
password: ${{ secrets.DO_DROPLET_PASSWORD }}
port: ${{ secrets.DO_DROPLET_PORT }}
envs: HTTPS_SERVER_PRIVKEY,HTTPS_SERVER_FULLCHAIN,HTTPS_SERVER_CHAIN,GITHUB_USERNAME,GITHUB_TOKEN,AUTH0_DOMAIN,AUTH0_CLIENT_ID,AUTH0_CLIENT_SECRET,REDIRECT_URI,POST_LOGOUT_REDIRECT_URI,SESSION_COOKIE_SECRET,PGHOST,PGUSER,PGPORT,PGPASSWORD,PGDATABASE,PGSSLMODE,SSH_DATABASE_CERTIFICATE
script: | # reading key values from paths
export SSL_PRIVKEY=$(cat $HTTPS_SERVER_PRIVKEY) #
export SSL_FULLCHAIN=$(cat $HTTPS_SERVER_FULLCHAIN)
export SSL_CHAIN=$(cat $HTTPS_SERVER_CHAIN)
docker stop $(docker ps -a -q)
echo $GITHUB_TOKEN | docker login --username $GITHUB_USERNAME --password-stdin docker.pkg.github.com
docker pull docker.pkg.github.com/olaven/krets/image:latest
docker run -dit -p 80:3000 docker.pkg.github.com/olaven/krets/image:latest -e SSL_PRIVKEY -e SSL_FULLCHAIN -e SSL_CHAIN