Docker Deployment #71
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Deployment | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| type: environment | |
| required: true | |
| env: | |
| DEPLOYMENT_NAME: nwdl | |
| DEPLOY_PATH: /var/www/nwdl | |
| # gotchas: | |
| # ssh host should have custom user just for this purpose, which needs | |
| # to have his own home directory | |
| # sudo useradd -m user_name | |
| # sudo passwd user_name | |
| # sudo usermod -aG docker user_name | |
| # sudo usermod -aG www-data user_name | |
| # the DEPLOY_PATH needs to have specific permissions | |
| # https://serverfault.com/questions/124800/how-to-setup-linux-permissions-for-the-www-folder | |
| # sudo mkdir $DEPLOY_PATH | |
| # sudo chgrp -R www-data $DEPLOY_PATH | |
| # sudo chmod -R 2774 $DEPLOY_PATH | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and Export | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| tags: ${{ env.DEPLOYMENT_NAME }}:prod | |
| build-args: RAILS_MASTER_KEY=${{ secrets.RAILS_MASTER_KEY }} | |
| target: production | |
| outputs: type=docker,dest=/tmp/compressed.tar | |
| - name: Save Image | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: compressed_image_artifact | |
| path: /tmp/compressed.tar | |
| if-no-files-found: error | |
| deploy: | |
| runs-on: ubuntu-latest | |
| environment: ${{ github.event.inputs.environment }} | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Load Image | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: compressed_image_artifact | |
| path: . | |
| - name: List files for debugging | |
| run: ls -la | |
| - name: Preparing SSH & Clear Previos Deployment | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.DEPLOY_HOST }} | |
| username: ${{ secrets.DEPLOY_USERNAME }} | |
| password: ${{ secrets.DEPLOY_PASSWORD }} | |
| script: | | |
| docker-compose -f ${{ env.DEPLOY_PATH }}/docker-compose.yml -f ${{ env.DEPLOY_PATH }}/docker-compose.production.yml down || true | |
| docker-compose -f ${{ env.DEPLOY_PATH }}/docker-compose.yml -f ${{ env.DEPLOY_PATH }}/docker-compose.production.yml rm || true | |
| rm -rf ${{ env.DEPLOY_PATH }}/* || true | |
| mkdir -p ${{ env.DEPLOY_PATH }} | |
| - name: SCP Compressed Container & Dependencies | |
| uses: appleboy/scp-action@master | |
| with: | |
| host: ${{ secrets.DEPLOY_HOST }} | |
| username: ${{ secrets.DEPLOY_USERNAME }} | |
| password: ${{ secrets.DEPLOY_PASSWORD }} | |
| source: "compressed.tar,docker-compose.yml,docker-compose.production.yml" | |
| target: ${{ env.DEPLOY_PATH }} | |
| overwrite: true | |
| - name: Start Deployed Container | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.DEPLOY_HOST }} | |
| username: ${{ secrets.DEPLOY_USERNAME }} | |
| password: ${{ secrets.DEPLOY_PASSWORD }} | |
| script: | | |
| touch ${{ env.DEPLOY_PATH }}/.env | |
| echo 'DOCKER_IMAGE_NAME=${{ env.DEPLOYMENT_NAME }}' >> ${{ env.DEPLOY_PATH }}/.env | |
| echo 'RAILS_MASTER_KEY=${{ secrets.RAILS_MASTER_KEY }}' >> ${{ env.DEPLOY_PATH }}/.env | |
| echo 'POSTGRES_USER=${{ secrets.POSTGRES_USER }}' >> ${{ env.DEPLOY_PATH }}/.env | |
| echo 'POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}' >> ${{ env.DEPLOY_PATH }}/.env | |
| mv ${{ env.DEPLOY_PATH }}/docker-compose.production.yml ${{ env.DEPLOY_PATH }}/docker-compose.override.yml | |
| docker image load -q -i ${{ env.DEPLOY_PATH }}/compressed.tar | |
| docker-compose -f ${{ env.DEPLOY_PATH }}/docker-compose.yml -f ${{ env.DEPLOY_PATH }}/docker-compose.override.yml up -d -V |