Skip to content
Permalink
master
Switch branches/tags
View runs Go to file
 
 
Cannot retrieve contributors at this time
name: Continuous Integration and Delivery
on: [push]
env:
WEB_IMAGE: ghcr.io/$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')/web
NGINX_IMAGE: ghcr.io/$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')/nginx
jobs:
build:
name: Build Docker Images
runs-on: ubuntu-latest
steps:
- name: Checkout master
uses: actions/checkout@v1
- name: Add environment variables to .env
run: |
echo "DEBUG=0" >> .env
echo "SQL_ENGINE=django.db.backends.postgresql" >> .env
echo "DATABASE=postgres" >> .env
echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> .env
echo "SQL_DATABASE=${{ secrets.SQL_DATABASE }}" >> .env
echo "SQL_USER=${{ secrets.SQL_USER }}" >> .env
echo "SQL_PASSWORD=${{ secrets.SQL_PASSWORD }}" >> .env
echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> .env
echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> .env
- name: Set environment variables
run: |
echo "WEB_IMAGE=$(echo ${{env.WEB_IMAGE}} )" >> $GITHUB_ENV
echo "NGINX_IMAGE=$(echo ${{env.NGINX_IMAGE}} )" >> $GITHUB_ENV
- name: Log in to GitHub Packages
run: echo ${PERSONAL_ACCESS_TOKEN} | docker login ghcr.io -u ${{ secrets.NAMESPACE }} --password-stdin
env:
PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
- name: Pull images
run: |
docker pull ${{ env.WEB_IMAGE }} || true
docker pull ${{ env.NGINX_IMAGE }} || true
- name: Build images
run: |
docker-compose -f docker-compose.ci.yml build
- name: Push images
run: |
docker push ${{ env.WEB_IMAGE }}
docker push ${{ env.NGINX_IMAGE }}
deploy:
name: Deploy to DigitalOcean
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/master'
steps:
- name: Checkout master
uses: actions/checkout@v1
- name: Add environment variables to .env
run: |
echo "DEBUG=0" >> .env
echo "SQL_ENGINE=django.db.backends.postgresql" >> .env
echo "DATABASE=postgres" >> .env
echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> .env
echo "SQL_DATABASE=${{ secrets.SQL_DATABASE }}" >> .env
echo "SQL_USER=${{ secrets.SQL_USER }}" >> .env
echo "SQL_PASSWORD=${{ secrets.SQL_PASSWORD }}" >> .env
echo "SQL_HOST=${{ secrets.SQL_HOST }}" >> .env
echo "SQL_PORT=${{ secrets.SQL_PORT }}" >> .env
echo "WEB_IMAGE=${{ env.WEB_IMAGE }}" >> .env
echo "NGINX_IMAGE=${{ env.NGINX_IMAGE }}" >> .env
echo "NAMESPACE=${{ secrets.NAMESPACE }}" >> .env
echo "PERSONAL_ACCESS_TOKEN=${{ secrets.PERSONAL_ACCESS_TOKEN }}" >> .env
- name: Add the private SSH key to the ssh-agent
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
run: |
mkdir -p ~/.ssh
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-keyscan github.com >> ~/.ssh/known_hosts
ssh-add - <<< "${{ secrets.PRIVATE_KEY }}"
- name: Build and deploy images on DigitalOcean
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
run: |
scp -o StrictHostKeyChecking=no -r ./.env ./docker-compose.prod.yml root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }}:/app
ssh -o StrictHostKeyChecking=no root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }} << 'ENDSSH'
cd /app
source .env
docker login ghcr.io -u $NAMESPACE -p $PERSONAL_ACCESS_TOKEN
docker pull $WEB_IMAGE
docker pull $NGINX_IMAGE
docker-compose -f docker-compose.prod.yml up -d
ENDSSH