Add db support to GitHub workflow #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy with Database | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: 'Environment to deploy to' | |
| type: environment | |
| required: true | |
| env: | |
| OUTPUT_PATH_ENGINE_NODE: './build/engine/' | |
| OUTPUT_PATH_MS_SERVER: './src/management-system-v2/.next/' | |
| DOCKER_PATH_MS_SERVER: './src/management-system-v2' | |
| jobs: | |
| install: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| check-latest: true | |
| cache: 'yarn' | |
| - run: yarn install --frozen-lockfile --ignore-engines | |
| - uses: actions/cache@v4 | |
| timeout-minutes: 2 | |
| id: cache-install | |
| with: | |
| path: ./* | |
| key: ${{ github.sha }}-${{ github.run_number }} | |
| # check-migration-changes: | |
| # runs-on: ubuntu-latest | |
| # outputs: | |
| # create_db: ${{ steps.check.outputs.create_db }} | |
| # steps: | |
| # - uses: actions/checkout@v4 | |
| # with: | |
| # fetch-depth: 2 | |
| # - name: Check for migration file changes | |
| # id: check | |
| # run: | | |
| # if git diff --name-only HEAD~1 HEAD | grep 'src/management-system-v2/prisma/migrations/.*\.sql'; then | |
| # echo "create_db=true" >> $GITHUB_OUTPUT | |
| # else | |
| # echo "create_db=false" >> $GITHUB_OUTPUT | |
| # fi | |
| lint: | |
| runs-on: ubuntu-latest | |
| needs: install | |
| steps: | |
| - uses: actions/cache@v4 | |
| timeout-minutes: 2 | |
| id: restore-install | |
| with: | |
| path: ./* | |
| key: ${{ github.sha }}-${{ github.run_number }} | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| check-latest: true | |
| cache: 'yarn' | |
| - run: yarn prettier --check . | |
| generate-db-name: | |
| #needs: [check-migration-changes] | |
| runs-on: ubuntu-latest | |
| # if: needs.check-migration-changes.outputs.create_db == 'true' | |
| outputs: | |
| dbname: ${{ steps.gen-db-name.outputs.DB_NAME }} | |
| steps: | |
| - name: Drop Old Database (If Exists) | |
| env: | |
| VM_USER: proceed-ci | |
| PRIVATE_KEY: ${{ secrets.VM_SSH_KEY }} | |
| run: | | |
| echo "$PRIVATE_KEY" > private_key.pem | |
| chmod 600 private_key.pem | |
| DB_NAME="proceed_db_${{ github.ref_name }}" | |
| ssh -i private_key.pem -o StrictHostKeyChecking=no $VM_USER@${{secrets.VM_IP}} << EOF | |
| sudo docker exec postgres_database_proceed psql -U ${{secrets.DB_USER}} -d proceed_db -c "DROP DATABASE IF EXISTS $DB_NAME;" | |
| EOF | |
| - name: Generate unique database name | |
| id: gen-db-name | |
| run: echo "DB_NAME=proceed_db_${{ github.ref_name }}" >> $GITHUB_OUTPUT | |
| create-db: | |
| needs: [generate-db-name] | |
| runs-on: ubuntu-latest | |
| # if: needs.check-migration-changes.outputs.create_db == 'true' | |
| outputs: | |
| database_url: ${{ steps.set-db-url.outputs.DATABASE_URL }} | |
| steps: | |
| - name: Create new database | |
| env: | |
| VM_USER: proceed-ci | |
| PRIVATE_KEY: ${{ secrets.VM_SSH_KEY }} | |
| run: | | |
| echo "$PRIVATE_KEY" > private_key.pem | |
| chmod 600 private_key.pem | |
| ssh -i private_key.pem -o StrictHostKeyChecking=no $VM_USER@${{secrets.VM_IP}} << EOF | |
| sudo docker exec postgres_database_proceed psql -U ${{secrets.DB_USER}} -d proceed_db -c "CREATE DATABASE ${{ needs.generate-db-name.outputs.dbname }};" | |
| EOF | |
| rm private_key.pem | |
| - name: Set DATABASE_URL as an output | |
| id: set-db-url | |
| run: echo "DATABASE_URL=postgresql://${{secrets.DB_USER}}:${{secrets.DB_PASSWORD}}@${{secrets.VM_IP}}:5432/${{ needs.generate-db-name.outputs.dbname }}?schema=public" >> $GITHUB_OUTPUT | |
| - uses: actions/cache@v4 | |
| timeout-minutes: 2 | |
| id: restore-install | |
| with: | |
| path: ./* | |
| key: ${{ github.sha }}-${{ github.run_number }} | |
| - name: Apply Prisma Migrations | |
| env: | |
| DATABASE_URL: ${{ steps.set-db-url.outputs.DATABASE_URL }} | |
| run: cd src/management-system-v2 && yarn prisma migrate deploy | |
| # reuse-db: | |
| # needs: [check-migration-changes] | |
| # runs-on: ubuntu-latest | |
| # if: needs.check-migration-changes.outputs.create_db == 'false' | |
| # outputs: | |
| # dbname: ${{ steps.get-db-name.outputs.DB_NAME }} | |
| # steps: | |
| # - name: Get DB Name | |
| # id: get-db-name | |
| # run: echo "DB_NAME=proceed_db_${{ github.ref_name }}" >> $GITHUB_OUTPUT | |
| buildMS: | |
| runs-on: ubuntu-latest | |
| env: | |
| IMAGE_TAG: ${{ inputs.environment == 'Production' && 'latest' || 'edge' }} | |
| outputs: | |
| tag: ${{ steps.set_tag.outputs.tag }} | |
| needs: [lint, create-db] | |
| if: | | |
| always() && | |
| needs.lint.result == 'success' && | |
| needs.create-db.result == 'success' | |
| steps: | |
| - uses: actions/cache@v4 | |
| timeout-minutes: 2 | |
| id: restore-install | |
| with: | |
| path: ./* | |
| key: ${{ github.sha }}-${{ github.run_number }} | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| check-latest: true | |
| cache: 'yarn' | |
| - run: yarn build-ms | |
| - id: set_tag | |
| run: | | |
| TAG=$(git describe --tags --always --dirty --abbrev=7) | |
| if [[ "$GITHUB_REF" == "refs/heads/main" ]]; then | |
| echo "tag=${{ env.IMAGE_TAG }}" >> $GITHUB_OUTPUT | |
| else | |
| echo "tag=$TAG" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Kaniko build | |
| uses: aevea/action-kaniko@master | |
| with: | |
| image: proceed/ms-server | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| path: ${{ env.DOCKER_PATH_MS_SERVER }} | |
| tag: ${{ steps.set_tag.outputs.tag }} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [buildMS, create-db, generate-db-name] | |
| permissions: | |
| contents: read | |
| id-token: write | |
| pull-requests: write | |
| issues: write | |
| env: | |
| MS_TAG: ${{ needs.buildMS.outputs.tag }} | |
| SERVICE_NAME: ${{ inputs.environment == 'Production' && 'ms-server-production' || 'ms-server-staging' }} | |
| SUBDOMAIN: ${{ inputs.environment == 'Production' && 'app' || 'staging' }} | |
| DATABASE_URL: postgresql://${{ secrets.DB_USER }}:${{ secrets.DB_PASSWORD }}@${{ secrets.VM_IP }}:5432/${{ needs.generate-db-name.outputs.dbname }}?schema=public | |
| steps: | |
| - uses: 'google-github-actions/auth@v2' | |
| with: | |
| project_id: 'proceed-bpms' | |
| workload_identity_provider: 'projects/1062024918148/locations/global/workloadIdentityPools/github-ci/providers/github' | |
| service_account: '[email protected]' | |
| - id: 'deploy' | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| uses: 'google-github-actions/deploy-cloudrun@v2' | |
| with: | |
| service: ${{ env.SERVICE_NAME }} | |
| image: 'docker.io/proceed/ms-server:${{ env.MS_TAG }}' | |
| env_vars: | | |
| NEXTAUTH_URL=https://${{ env.SUBDOMAIN }}.proceed-labs.org | |
| DATABASE_URL=${{ env.DATABASE_URL }} | |
| region: 'europe-west1' | |
| revision_traffic: LATEST=100 | |
| - id: 'deploy-preview' | |
| if: ${{ github.event_name == 'pull_request' }} | |
| name: Preview Cloud Run Deployment | |
| uses: OhKai/preview-cloudrun@main | |
| with: | |
| service: ${{ env.SERVICE_NAME }} | |
| image: docker.io/proceed/ms-server:${{ env.MS_TAG }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| region: 'europe-west1' | |
| env_vars: | | |
| DATABASE_URL=${{ env.DATABASE_URL }} | |
| githubEnvironment: | |
| runs-on: ubuntu-latest | |
| needs: deploy | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| environment: | |
| name: ${{ inputs.environment || 'Staging' }} | |
| url: ${{ inputs.environment == 'Production' && 'https://app.proceed-labs.org' || 'https://staging.proceed-labs.org' }} | |
| steps: | |
| - run: echo "${{ inputs.environment || 'Staging' }}" |