|
1 | | -# Workflow for deploying ontologies_api to stage/prod systems via capistrano. |
2 | | -# This workflow runs after a successeful execution of the unit test workflow and it |
3 | | -# can also be triggered manually. |
| 1 | +# Workflow to deploy OntoPortal API to stage/prod systems |
4 | 2 | # |
5 | 3 | # Required github secrets: |
6 | 4 | # |
7 | | -# CONFIG_REPO - github repo containing config and customizations for the API. Format 'author/private_config_repo' |
| 5 | +# CONFIG_REPO - github repo containing config and customizations for API. Format 'author/private_config_repo' |
8 | 6 | # it is used for getting capistrano deployment configuration for stages on the github actions runner and |
9 | | -# PRIVATE_CONFIG_REPO env var is constructed from it which is used by capistrano on the remote servers for pulling configs. |
| 7 | +# PRIVATE_CONFIG_REPO env var is constructed from it which is used by capistrano on the API hosts for pulling configs. |
10 | 8 | # |
11 | | -# GH_PAT - github Personal Access Token for accessing PRIVATE_CONFIG_REPO |
| 9 | +# GH_PAT - github Personal Access Token for accessing private config repo |
12 | 10 | # |
13 | | -# SSH_JUMPHOST - ssh jump/proxy host though which deployments have to though if app servers are hosted on private network. |
| 11 | +# SSH_JUMPHOST - ssh jump/proxy host though which deployments have to though if API nodes live on private network. |
| 12 | +# SSH_JUMPHOST_USER - username to use to connect to the ssh jump/proxy. |
14 | 13 | # |
15 | | -# DEPLOY_ENC_KEY - key for decrypting deploymnet ssh key residing in config/deploy_id_rsa_enc (see miloserdow/capistrano-deploy) |
16 | | -# this SSH key is used for accessing jump host, UI nodes, and private github repo. |
| 14 | +# DEPLOY_ENC_KEY - key for decrypting deploymnet ssh key residing in config/ |
| 15 | +# this SSH key is used for accessing jump host, API nodes, and private github repo. |
17 | 16 |
|
18 | 17 | name: Capistrano Deployment |
19 | 18 | # Controls when the action will run. |
20 | 19 | on: |
21 | | - # Trigger deployment to staging after unit test action completes |
22 | | - workflow_run: |
23 | | - workflows: ["Ruby Unit Tests"] |
24 | | - types: |
25 | | - - completed |
26 | | - branches: [master, develop] |
| 20 | + push: |
| 21 | + branches: |
| 22 | + - stage |
| 23 | + - test |
27 | 24 | # Allows running this workflow manually from the Actions tab |
28 | 25 | workflow_dispatch: |
29 | | - branches: [master, develop] |
30 | 26 | inputs: |
31 | 27 | BRANCH: |
32 | | - description: 'Branch/tag to deploy' |
33 | | - default: develop |
| 28 | + description: "Branch/tag to deploy" |
| 29 | + options: |
| 30 | + - stage |
| 31 | + - test |
| 32 | + - master |
| 33 | + default: stage |
34 | 34 | required: true |
35 | 35 | environment: |
36 | | - description: 'target environment to deploy to' |
| 36 | + description: "target environment to deploy to" |
37 | 37 | type: choice |
38 | 38 | options: |
39 | 39 | - staging |
40 | | - - production |
41 | | - default: staging |
42 | | - |
| 40 | + - agroportal |
| 41 | + - test |
| 42 | + default: stage |
43 | 43 | jobs: |
44 | 44 | deploy: |
45 | 45 | runs-on: ubuntu-latest |
46 | | - # run deployment only if "Ruby Unit Tests" workflow completes sucessefully or when manually triggered |
47 | | - if: ${{ (github.event.workflow_run.conclusion == 'success') || (github.event_name == 'workflow_dispatch') }} |
48 | 46 | env: |
49 | | - BUNDLE_WITHOUT: default #install gems required primarily for the deployment in order to speed this workflow |
| 47 | + BUNDLE_WITHOUT: default #install gems required primarely for deployment in order to speed up workflow |
50 | 48 | PRIVATE_CONFIG_REPO: ${{ format('[email protected]:{0}.git', secrets.CONFIG_REPO) }} |
51 | 49 | # Steps represent a sequence of tasks that will be executed as part of the job |
52 | 50 | steps: |
53 | | - - name: set branch/tag and environment to deploy from inputs |
54 | | - run: | |
55 | | - # workflow_dispatch default input doesn't get set on push so we need to set defaults |
56 | | - # via shell parameter expansion |
57 | | - # https://dev.to/mrmike/github-action-handling-input-default-value-5f2g |
58 | | - USER_INPUT_BRANCH=${{ inputs.branch }} |
59 | | - echo "BRANCH=${USER_INPUT_BRANCH:-develop}" >> $GITHUB_ENV |
60 | | - USER_INPUT_ENVIRONMENT=${{ inputs.environment }} |
61 | | - echo "TARGET=${USER_INPUT_ENVIRONMENT:-staging}" >> $GITHUB_ENV |
62 | | - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it |
63 | | - - uses: actions/checkout@v3 |
64 | | - - uses: ruby/setup-ruby@v1 |
65 | | - with: |
66 | | - ruby-version: 2.7.6 # Not needed with a .ruby-version file |
67 | | - bundler-cache: true # runs 'bundle install' and caches installed gems automatically |
68 | | - - name: get-deployment-config |
69 | | - uses: actions/checkout@v3 |
70 | | - with: |
71 | | - repository: ${{ secrets.CONFIG_REPO }} # repository containing deployment settings |
72 | | - token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT |
73 | | - path: deploy_config |
74 | | - - name: copy-deployment-config |
75 | | - run: cp -r deploy_config/ontologies_api/* . |
76 | | - # add ssh hostkey so that capistrano doesn't complain |
77 | | - - name: Add jumphost's hostkey to Known Hosts |
78 | | - run: | |
79 | | - mkdir -p ~/.ssh |
80 | | - ssh-keyscan -H ${{ secrets.SSH_JUMPHOST }} > ~/.ssh/known_hosts |
81 | | - shell: bash |
82 | | - - uses: miloserdow/capistrano-deploy@master |
83 | | - with: |
84 | | - target: ${{ env.TARGET }} # which environment to deploy |
85 | | - deploy_key: ${{ secrets.DEPLOY_ENC_KEY }} # Name of the variable configured in Settings/Secrets of your github project |
| 51 | + - name: set branch/tag and environment to deploy from inputs |
| 52 | + run: | |
| 53 | + # workflow_dispatch default input doesn't get set on push so we need to set defaults |
| 54 | + # via shell parameter expansion |
| 55 | + # https://dev.to/mrmike/github-action-handling-input-default-value-5f2g |
| 56 | + USER_INPUT_BRANCH=${{ inputs.branch }} |
| 57 | + echo "BRANCH=${USER_INPUT_BRANCH:github.head_ref:-master}" >> $GITHUB_ENV |
| 58 | +
|
| 59 | + USER_INPUT_ENVIRONMENT=${{ inputs.environment }} |
| 60 | + echo "TARGET=${USER_INPUT_ENVIRONMENT:-staging}" >> $GITHUB_ENV |
| 61 | +
|
| 62 | + CONFIG_REPO=${{ secrets.CONFIG_REPO }} |
| 63 | + GH_PAT=${{ secrets.GH_PAT }} |
| 64 | + echo "PRIVATE_CONFIG_REPO=https://${GH_PAT}@github.com/${CONFIG_REPO}" >> $GITHUB_ENV |
| 65 | +
|
| 66 | + echo "SSH_JUMPHOST=${{ secrets.SSH_JUMPHOST }}" >> $GITHUB_ENV |
| 67 | + echo "SSH_JUMPHOST_USER=${{ secrets.SSH_JUMPHOST_USER }}" >> $GITHUB_ENV |
| 68 | + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it |
| 69 | + - uses: actions/checkout@v3 |
| 70 | + - uses: ruby/setup-ruby@v1 |
| 71 | + with: |
| 72 | + ruby-version: 2.7.8 # Not needed with a .ruby-version file |
| 73 | + bundler-cache: true # runs 'bundle install' and caches installed gems automatically |
| 74 | + - name: get-deployment-config |
| 75 | + uses: actions/checkout@v3 |
| 76 | + with: |
| 77 | + repository: ${{ secrets.CONFIG_REPO }} # repository containing deployment settings |
| 78 | + token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT |
| 79 | + path: deploy_config |
| 80 | + - name: copy-deployment-config |
| 81 | + run: cp -r deploy_config/ontologies_api/${{ inputs.environment }}/* . |
| 82 | + # add ssh hostkey so that capistrano doesn't complain |
| 83 | + - name: Add jumphost's hostkey to Known Hosts |
| 84 | + run: | |
| 85 | + mkdir -p ~/.ssh |
| 86 | + echo "${{ secrets.SSH_JUMPHOST }}" |
| 87 | + ssh-keyscan -H ${{ secrets.SSH_JUMPHOST }} > ~/.ssh/known_hosts |
| 88 | + shell: bash |
| 89 | + - uses: miloserdow/capistrano-deploy@master |
| 90 | + with: |
| 91 | + target: ${{ env.TARGET }} # which environment to deploy |
| 92 | + deploy_key: ${{ secrets.DEPLOY_ENC_KEY }} # Name of the variable configured in Settings/Secrets of your github project |
0 commit comments