🚀 Create deployment pipeline (#6)

closes #2

.github/workflows/build-deploy.yml

@@ -0,0 +1,89 @@
+name: Docker
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+on:
+  push:
+    branches: ["main"]
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      # This is used to complete the identity challenge
+      # with sigstore/fulcio when running outside of PRs.
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Workaround: https://github.com/docker/build-push-action/issues/461
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Frontend Docker image
+        id: build-and-push-frontend
+        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
+        with:
+          context: ./frontend
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ghcr.io/importantus/rsswipe-frontend:main
+          build-args: |
+            VITE_BACKEND_URL=https://backend.rsswipe.mcloud.digital
+
+      - name: Build and push Backend Docker image
+        id: build-and-push-backend
+        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
+        with:
+          context: ./backend
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ghcr.io/importantus/rsswipe-backend:main
+
+  restart-deployments:
+    runs-on: ubuntu-latest
+    needs: build
+    container:
+      image: thlmylab/swakkd:stable
+      env:
+        KUBECONFIG_CONTENT: ${{ secrets.KUBECONFIG }}
+        KUBECONFIG: "/github/home/.kube/config"
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@v3
+      - run: mkdir -p ~/.kube/ && echo "$KUBECONFIG_CONTENT" > ~/.kube/config
+      - name: Get Deployments
+        id: get-deployments
+        run: |
+          kubectl get deployments -n simple-tools -l "restart in (please)" -o jsonpath="{range .items[*]}{.metadata.name}{'\n'}{end}" >deployments.txt
+
+      - name: Restart Deployments
+        run: |
+          while IFS= read -r deployment; do 
+            kubectl rollout restart deployment/$deployment -n simple-tools;
+            echo "Restarted $deployment";
+          done < deployments.txt

backend/package.json

@@ -4,8 +4,8 @@
   "private": true,
   "scripts": {
     "build": "tsc",
-    "serve": "npm run setupPrisma && npm run build && node ./dist",
-    "setupPrisma": "npx prisma migrate deploy && npx prisma generate",
+    "serve": "echo 'Starting...' && npm run setupPrisma && echo 'Transpiling typescript' && npm run build && echo 'Running...' && node ./dist",
+    "setupPrisma": "echo 'Setting up database' && npx prisma migrate deploy && echo 'Generating prisma client' && npx prisma generate && echo 'Finished setting up database'",
     "dev": "nodemon ./src/index.ts"
   },
   "devDependencies": {

backend/src/helper/environment.ts

@@ -11,11 +11,12 @@ export const environment = {
     // because we don't have access to the secret management in deployment
     jwtSecret: constructEnv("JWT_SECRET", "secret"),
     jwtExpiration: constructEnv("JWT_EXPIRATION", "30d"),
-    dbHost: constructEnv("DB_HOST"),
-    dbPort: constructEnv("DB_PORT"),
-    dbDatabase: constructEnv("DB_DATABASE"),
-    dbUser: constructEnv("DB_USER"),
-    dbPassword: constructEnv("DB_PASSWORD"),
+    // dbHost: constructEnv("DB_HOST"),
+    // dbPort: constructEnv("DB_PORT"),
+    // dbDatabase: constructEnv("DB_DATABASE"),
+    // dbUser: constructEnv("DB_USER"),
+    // dbPassword: constructEnv("DB_PASSWORD"),
+    dbUrl: constructEnv("DATABASE_URL"),
     status: constructEnv("STATUS", "production"),
     backendPort: constructEnv("BACKEND_PORT", "8080"),
     feedUpdateInterval: constructEnv("FEED_UPDATE_INTERVAL", (1000 * 60 * 10).toString()),

backend/src/prismaClient.ts

@@ -5,7 +5,7 @@ export const getPrismaClient = () => {
     return new PrismaClient({
         datasources: {
             db: {
-                url: `mysql://${environment.dbUser}:${environment.dbPassword}@${environment.dbHost}:${environment.dbPort}/${environment.dbDatabase}`,
+                url: environment.dbUrl,
             }
         }
     });

frontend/Dockerfile

@@ -4,12 +4,11 @@ WORKDIR /build
 COPY package.json package-lock.json ./
 RUN npm install
 
-ARG BACKEND_URL
-ENV VITE_BACKEND_URL=$BACKEND_URL
+ARG VITE_BACKEND_URL
 
 COPY . .
 RUN npm run build
 
 FROM git.mylab.th-luebeck.de:4181/vwprg/teaching/docker-archive/nginx:alpine as running
 COPY nginx.conf /etc/nginx/nginx.conf
-COPY --from=building /build/dist /frontend/
+COPY --from=building /build/dist /frontend/