try 81 #79
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy Docker Image on Server | ||
| on: | ||
| push | ||
| env: | ||
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | ||
| SERVER_USER: ${{ secrets.SERVER_USER }} | ||
| SERVER_HOST: ${{ secrets.SERVER_HOST }} | ||
| KNOWN_HOSTS: ${{ secrets.KNOWN_HOSTS }} | ||
| CONFIG_FILE: "applications/main.json" | ||
| jobs: | ||
| build-and-deploy: | ||
| environment: Test | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| submodules: 'recursive' | ||
| - name: Set up Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: "22" | ||
| - name: Create .env file from JSON config | ||
| run: | | ||
| function process_secrets { | ||
| local data="$1" | ||
| local secrets="$2" | ||
| echo "$data" | jq -r 'to_entries[] | "\(.value)=\(.key)"' | while IFS='=' read -r value key; do | ||
| export SECRET_KEY=$value | ||
| echo "key is: $key, value is: $value, secret is: ${{ secrets[format(value)] }}" | ||
| secret_value=$(jq -r --arg key "$value" '.[$key]' <<< "$secrets") | ||
| echo "$value=$secret_value" | ||
| done | ||
| } | ||
| secrets_from_file=$(cat "$CONFIG_FILE" | jq -r '.secrets') | ||
| # { | ||
| echo "# Environment variables" | ||
| jq -r '.envs | to_entries[] | "\(.key)=\(.value)"' "$CONFIG_FILE" | ||
| echo | ||
| echo "# Secrets" | ||
| process_secrets "$(jq -r '.' <<< "$secrets_from_file")" ${{ secrets }} | ||
| # } > .env | ||
| echo "Created .env file" | ||
| - name: Set up SSH | ||
| uses: webfactory/[email protected] | ||
| with: | ||
| ssh-private-key: ${{ env.SSH_PRIVATE_KEY }} | ||
| - name: Add server to known hosts | ||
| run: | | ||
| mkdir -p ~/.ssh | ||
| echo "$KNOWN_HOSTS" > ~/.ssh/known_hosts | ||
| - name: Deploy on Server | ||
| run: | | ||
| ssh -t $SERVER_USER@$SERVER_HOST << 'EOF' | ||
| mkdir -p /home/server/starter-kit | ||
| EOF | ||
| scp -r * $SERVER_USER@$SERVER_HOST:/home/server/starter-kit | ||
| scp .env $SERVER_USER@$SERVER_HOST:/home/server/starter-kit/.env | ||
| ssh -t $SERVER_USER@$SERVER_HOST << 'EOF' | ||
| cd /home/server/starter-kit | ||
| pwd | ||
| echo "Starting deployment process..." | ||
| sh deploy.sh | ||
| EOF | ||
