Add production CI/CD deployment pipeline
Build & Deploy / Build & Push Docker Images (push) Has been cancelled
Build & Deploy / Deploy on Server (push) Has been cancelled
Docker Integration / Docker Compose Build (push) Has been cancelled
Frontend CI / Lint, Test & Build (20) (push) Has been cancelled
Frontend CI / Lint, Test & Build (22) (push) Has been cancelled
Build & Deploy / Build & Push Docker Images (push) Has been cancelled
Build & Deploy / Deploy on Server (push) Has been cancelled
Docker Integration / Docker Compose Build (push) Has been cancelled
Frontend CI / Lint, Test & Build (20) (push) Has been cancelled
Frontend CI / Lint, Test & Build (22) (push) Has been cancelled
Add GHCR image build/push and SSH-based server deployment workflow, production compose/env templates, and deployment script. Also fix frontend container healthcheck target and extend Docker CI with frontend health verification. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
Dennis
@@ -0,0 +1,113 @@
|
||||
name: Build & Deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
|
||||
concurrency:
|
||||
group: production-deploy
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
build-and-push-images:
|
||||
name: Build & Push Docker Images
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Set image namespace
|
||||
id: vars
|
||||
run: echo "owner_lc=${GITHUB_REPOSITORY_OWNER,,}" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Setup Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Login to GHCR
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Build and push backend image
|
||||
uses: docker/build-push-action@v6
|
||||
with:
|
||||
context: ./backend
|
||||
file: ./backend/Dockerfile
|
||||
push: true
|
||||
tags: |
|
||||
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-backend:latest
|
||||
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-backend:${{ github.sha }}
|
||||
|
||||
- name: Build and push frontend image
|
||||
uses: docker/build-push-action@v6
|
||||
with:
|
||||
context: ./frontend
|
||||
file: ./frontend/Dockerfile
|
||||
push: true
|
||||
build-args: |
|
||||
NEXT_PUBLIC_SUPABASE_URL=https://placeholder.supabase.co
|
||||
NEXT_PUBLIC_SUPABASE_ANON_KEY=placeholder-key
|
||||
SUPABASE_SERVICE_ROLE_KEY=placeholder-service-key
|
||||
tags: |
|
||||
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-frontend:latest
|
||||
ghcr.io/${{ steps.vars.outputs.owner_lc }}/cloudlense-frontend:${{ github.sha }}
|
||||
|
||||
deploy-to-server:
|
||||
name: Deploy on Server
|
||||
runs-on: ubuntu-latest
|
||||
needs: build-and-push-images
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Upload production compose file
|
||||
uses: appleboy/scp-action@v0.1.7
|
||||
with:
|
||||
host: ${{ secrets.DEPLOY_HOST }}
|
||||
username: ${{ secrets.DEPLOY_USER }}
|
||||
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
||||
port: ${{ secrets.DEPLOY_PORT || '22' }}
|
||||
source: "devops/docker-compose.prod.yml"
|
||||
target: ${{ secrets.DEPLOY_PATH }}
|
||||
strip_components: 1
|
||||
|
||||
- name: Upload deploy script
|
||||
uses: appleboy/scp-action@v0.1.7
|
||||
with:
|
||||
host: ${{ secrets.DEPLOY_HOST }}
|
||||
username: ${{ secrets.DEPLOY_USER }}
|
||||
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
||||
port: ${{ secrets.DEPLOY_PORT || '22' }}
|
||||
source: "devops/scripts/deploy-prod.sh"
|
||||
target: ${{ secrets.DEPLOY_PATH }}
|
||||
strip_components: 2
|
||||
|
||||
- name: Deploy containers
|
||||
uses: appleboy/ssh-action@v1.2.0
|
||||
env:
|
||||
DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
|
||||
GHCR_USERNAME: ${{ secrets.GHCR_USERNAME }}
|
||||
GHCR_READ_TOKEN: ${{ secrets.GHCR_READ_TOKEN }}
|
||||
IMAGE_TAG: ${{ github.sha }}
|
||||
GHCR_OWNER: ${{ github.repository_owner }}
|
||||
with:
|
||||
host: ${{ secrets.DEPLOY_HOST }}
|
||||
username: ${{ secrets.DEPLOY_USER }}
|
||||
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
||||
port: ${{ secrets.DEPLOY_PORT || '22' }}
|
||||
envs: DEPLOY_PATH,GHCR_USERNAME,GHCR_READ_TOKEN,IMAGE_TAG,GHCR_OWNER
|
||||
script_stop: true
|
||||
script: |
|
||||
set -euo pipefail
|
||||
cd "${DEPLOY_PATH}"
|
||||
chmod +x deploy-prod.sh
|
||||
GHCR_OWNER="$(echo "${GHCR_OWNER}" | tr '[:upper:]' '[:lower:]')" ./deploy-prod.sh
|
||||
curl -fsS "http://localhost:5000/health" >/dev/null
|
||||
curl -fsS "http://localhost:3000" >/dev/null
|
||||
@@ -19,13 +19,17 @@ jobs:
|
||||
|
||||
- name: Start services
|
||||
run: |
|
||||
docker compose -f devops/docker-compose.yml up -d db backend
|
||||
sleep 15
|
||||
docker compose -f devops/docker-compose.yml up -d db backend frontend
|
||||
sleep 30
|
||||
|
||||
- name: Verify backend health
|
||||
run: |
|
||||
docker compose -f devops/docker-compose.yml exec -T backend node -e "const h=require('http');h.get('http://localhost:5000/health',(r)=>{let d='';r.on('data',c=>d+=c);r.on('end',()=>{console.log(d);process.exit(r.statusCode===200?0:1)})}).on('error',e=>{console.error(e);process.exit(1)})"
|
||||
|
||||
- name: Verify frontend health
|
||||
run: |
|
||||
curl -fsS http://localhost:3000 >/dev/null
|
||||
|
||||
- name: Cleanup
|
||||
if: always()
|
||||
run: docker compose -f devops/docker-compose.yml down -v
|
||||
|
||||
Reference in New Issue
Block a user