From 786ea1f3e1062137459f6fa19cb30fb8f18d30bf Mon Sep 17 00:00:00 2001 From: Daniel Garcia Brito Date: Mon, 30 Sep 2024 17:33:58 +0100 Subject: [PATCH] chore: update cicd --- .github/workflows/cicd.yml | 67 ++++++++++++++++++-------------------- 1 file changed, 31 insertions(+), 36 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index b584fad..5990d21 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -1,26 +1,28 @@ -name: Deploy using SSH - +name: Deploy using Ansible on: push: branches: - develop - master - - env: REGISTRY: ghcr.io - IMAGE_NAME: "${{ github.repository }}" - HUSKY: 0 + IMAGE_NAME: ${{ github.repository }} + DOCKERFILE: Dockerfile + jobs: build: environment: ${{ github.ref_name == 'master' && 'production' || 'staging'}} - runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: - name: Checkout code uses: actions/checkout@v3 + - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v2 - name: Login to Docker Registry uses: docker/login-action@v2 @@ -40,40 +42,33 @@ jobs: - name: Build and Push Main Image uses: docker/build-push-action@v4 with: - context: "{{defaultContext}}" + context: . push: true - file: Dockerfile - tags: "${{ steps.meta_main.outputs.tags }}" + file: ${{ env.DOCKERFILE }} + tags: ${{ steps.meta_main.outputs.tags }} labels: ${{ steps.meta_main.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max - secrets: | - "next_env_variables=${{ secrets.NEXT_ENV_VARIABLES}}" - - deploy: environment: ${{ github.ref_name == 'master' && 'production' || 'staging'}} runs-on: ubuntu-latest - needs: [build] + needs: build steps: - - name: Deploy to Staging - uses: appleboy/ssh-action@v1.0.0 - env: - PROJECT_PATH: ${{ vars.PROJECT_PATH }} - COMPOSE_FILE: ${{ vars.COMPOSE_FILE }} - with: - host: ${{ vars.REMOTE_HOST }} - username: ${{ vars.REMOTE_USER}} - key: ${{ secrets.SSH_PRIVATE_KEY }} - port: 22 - script_stop: true - envs: PROJECT_PATH,COMPOSE_FILE - script: | - export COMPOSE_INTERACTIVE_NO_CLI=1 - cd $PROJECT_PATH - set -euxo pipefail - git pull - echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin - docker-compose -f ${{ vars.COMPOSE_FILE }} pull COMPOSE_NAME - docker-compose -f ${{ vars.COMPOSE_FILE }} up --force-recreate -d --remove-orphans COMPOSE_NAME + - name: Deploy to ${{ github.ref_name == 'master' && 'production' || 'staging'}} + uses: appleboy/ssh-action@v1.0.0 + env: + PROJECT_PATH: ${{ vars.PROJECT_PATH }} + with: + host: ${{ vars.REMOTE_HOST }} + username: ${{ vars.REMOTE_USER}} + key: ${{ secrets.SSH_PRIVATE_KEY }} + port: 22 + script_stop: true + envs: PROJECT_PATH + script: | + export COMPOSE_INTERACTIVE_NO_CLI=1 + cd $PROJECT_PATH + set -euxo pipefail + git pull + ansible-playbook -i inventory/${{ github.ref_name == 'master' && 'production' || 'staging'}} site.yml --tags deploy --extra-vars "services_to_start=['front'] docker_compose_project_github_token=${{ secrets.GITHUB_TOKEN }} docker_compose_project_github_actor=${{ github.actor }}" \ No newline at end of file