deploy.yml

name: Deploy Workflows

on:
  push:
    branches: [ "develop" ]
  pull_request:
    branches: [ "develop" ]

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Run chmod to allow gradlew executable
        run: chmod +x ./gradlew

      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Copy secret
        env:
          GCP_SECRET: ${{ secrets.GCP_CREDENTIALS }}
          GCP_SECRET_DIR: src/main/resources
          GCP_SECRET_DIR_FILE_NAME: gcp-credentials.json
        run: echo $GCP_SECRET | base64 --decode > $GCP_SECRET_DIR/$GCP_SECRET_DIR_FILE_NAME

      - name: Set environment properties
        run: |
          cd ./src/main/resources
          touch ./application.yaml
          echo "${{ secrets.SECRET_ENV }}" >> ./application.yml
        shell: bash

      - name: Build with Gradle
        uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25
        with:
          arguments: clean build -x test

      - name: Docker build and push
        run: |
          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
          docker build --build-arg SPRING_PROFILES_ACTIVE=prod -t gces_backend .
          docker tag gces_backend gces/gces_backend:${GITHUB_SHA::7}
          docker push gces/gces_backend:${GITHUB_SHA::7}

      - name: Deploy to server
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.HOST_IP }}
          username: ${{ secrets.SSH_USERNAME }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          passphrase: ${{ secrets.SSH_PASSPHRASE }}
          envs: GITHUB_SHA
          script: |
            sudo docker pull gces/gces_backend:${GITHUB_SHA::7}
            sudo docker tag gces/gces_backend:${GITHUB_SHA::7} gces_backend
            sudo docker-compose up -d