Dennis
88260e1e9a
Build & Deploy / Build & Push Docker Images (push) Has been cancelled
Build & Deploy / Deploy on Server (push) Has been cancelled
Docker Integration / Docker Compose Build (push) Has been cancelled
Frontend CI / Lint, Test & Build (20) (push) Has been cancelled
Frontend CI / Lint, Test & Build (22) (push) Has been cancelled
Add GHCR image build/push and SSH-based server deployment workflow, production compose/env templates, and deployment script. Also fix frontend container healthcheck target and extend Docker CI with frontend health verification. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
114 lines
3.6 KiB
YAML
114 lines
3.6 KiB
YAML
name: Build & Deploy
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
concurrency:
|
|
group: production-deploy
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
build-and-push-images:
|
|
name: Build & Push Docker Images
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set image namespace
|
|
id: vars
|
|
run: echo "owner_lc=${GITHUB_REPOSITORY_OWNER,,}" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Setup Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build and push backend image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: ./backend
|
|
file: ./backend/Dockerfile
|
|
push: true
|
|
tags: |
|
|
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-backend:latest
|
|
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-backend:${{ github.sha }}
|
|
|
|
- name: Build and push frontend image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: ./frontend
|
|
file: ./frontend/Dockerfile
|
|
push: true
|
|
build-args: |
|
|
NEXT_PUBLIC_SUPABASE_URL=https://placeholder.supabase.co
|
|
NEXT_PUBLIC_SUPABASE_ANON_KEY=placeholder-key
|
|
SUPABASE_SERVICE_ROLE_KEY=placeholder-service-key
|
|
tags: |
|
|
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-frontend:latest
|
|
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-frontend:${{ github.sha }}
|
|
|
|
deploy-to-server:
|
|
name: Deploy on Server
|
|
runs-on: ubuntu-latest
|
|
needs: build-and-push-images
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Upload production compose file
|
|
uses: appleboy/scp-action@v0.1.7
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USER }}
|
|
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
|
port: ${{ secrets.DEPLOY_PORT || '22' }}
|
|
source: "devops/docker-compose.prod.yml"
|
|
target: ${{ secrets.DEPLOY_PATH }}
|
|
strip_components: 1
|
|
|
|
- name: Upload deploy script
|
|
uses: appleboy/scp-action@v0.1.7
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USER }}
|
|
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
|
port: ${{ secrets.DEPLOY_PORT || '22' }}
|
|
source: "devops/scripts/deploy-prod.sh"
|
|
target: ${{ secrets.DEPLOY_PATH }}
|
|
strip_components: 2
|
|
|
|
- name: Deploy containers
|
|
uses: appleboy/ssh-action@v1.2.0
|
|
env:
|
|
DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
|
|
GHCR_USERNAME: ${{ secrets.GHCR_USERNAME }}
|
|
GHCR_READ_TOKEN: ${{ secrets.GHCR_READ_TOKEN }}
|
|
IMAGE_TAG: ${{ github.sha }}
|
|
GHCR_OWNER: ${{ github.repository_owner }}
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USER }}
|
|
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
|
port: ${{ secrets.DEPLOY_PORT || '22' }}
|
|
envs: DEPLOY_PATH,GHCR_USERNAME,GHCR_READ_TOKEN,IMAGE_TAG,GHCR_OWNER
|
|
script_stop: true
|
|
script: |
|
|
set -euo pipefail
|
|
cd "${DEPLOY_PATH}"
|
|
chmod +x deploy-prod.sh
|
|
GHCR_OWNER="$(echo "${GHCR_OWNER}" | tr '[:upper:]' '[:lower:]')" ./deploy-prod.sh
|
|
curl -fsS "http://localhost:5000/health" >/dev/null
|
|
curl -fsS "http://localhost:3000" >/dev/null
|