
Commit e5efa42

committed
Add github actions for deployment
1 parent 525c721 commit e5efa42


2 files changed

+151
-0
lines changed

2 files changed

+151
-0
lines changed

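--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,149 @@
+name: Build and deploy Vector Interior Design Website
+
+on:
+push:
+branches:
+- master
+paths-ignore:
+- "**/*.md"
+- "**/docs/*"
+- "**/*LICENSE"
+- ".vscode"
+
+permissions:
+contents: read
+
+jobs:
+deploy:
+name: Build and deploy Vector site
+runs-on: ubuntu-latest
+steps:
+- name: Checkout locally
+if: ${{ env.ACT }}
+uses: actions/checkout@v4
+with:
+repository: Maypher/Vector-Interior-Design
+ref: "development"
+token: "${{ secrets.GITHUB_PAT }}"
+- name: Checkout
+if: ${{ !env.ACT }}
+uses: actions/checkout@v4
+- name: Setup ssh key
+run: |
+set -e
+mkdir -p ~/.ssh
+echo "${{ secrets.ssh_key }}" > ~/.ssh/id_rsa
+chmod 600 ~/.ssh/id_rsa
+ip=$(echo "${{ secrets.ssh_connection }}" | cut -d'@' -f2)
+ssh-keyscan -H "$ip" >> ~/.ssh/known_hosts
+- name: Make directories
+run: |
+ssh -i ~/.ssh/id_rsa ${{ secrets.ssh_connection }} "
+set -e
+mkdir -p /vectorapp/
+cd /vectorapp
+mkdir -p app
+"
+- name: "Install htpasswd"
+if: ${{ !env.ACT }}
+run: apt-get update && apt-get -y install apache2-utils
+- name: Install dependencies locally
+if: ${{ env.ACT }}
+run: |
+sudo apt-get update
+sudo apt-get install ca-certificates curl
+sudo install -m 0755 -d /etc/apt/keyrings
+sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+sudo chmod a+r /etc/apt/keyrings/docker.asc
+
+# Add the repository to Apt sources:
+echo \
+"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
+sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+
+apt-get update && apt-get -y install rsync apache2-utils docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+- name: Update Registry Dockerfile
+run: |
+cd $GITHUB_WORKSPACE/registry/
+
+# Check if the registry dockerfile has changed
+local_checksum=$(sha256sum "Dockerfile" | awk '{print $1}')
+remote_checksum=$(ssh "${{ secrets.ssh_connection }}" "sha256sum '/vectorapp/registry/Dockerfile' 2>/dev/null" | awk '{print $1}')
+
+# If so update it and restart the server
+if [[ $local_checksum != $remote_checksum ]]; then
+
+# Make a password file
+mkdir password
+cd password
+touch htpasswd
+
+# Generate a bcrypt for the password and store in the file
+htpasswd -bnBC 10 "${{ secrets.registry_username }}" "${{ secrets.registry_password }}" | tr -d '\n' > htpasswd
+
+cd ..
+
+# Sync all data to the vps
+rsync -aqc . ${{ secrets.ssh_connection }}:/vectorapp/app/registry/
+
+# Rebuild docker image
+ssh -i ~/.ssh/id_rsa ${{ secrets.ssh_connection }} "
+cd /vectorapp/app/registry
+
+docker stop 'vector-registry' || true
+docker rm 'vector-registry' || true
+docker build -t 'vector-registry' . --target 'base'
+docker run -d --mount "type=bind,src=\${PWD}/password,dst=/auth/htpasswd" -p 127.0.0.1:5000:5000 -v registry-data:/var/lib/registry --name 'vector-registry' 'vector-registry'
+"
+else
+echo "Registry Dockerfile hasn't changed skipping update"
+fi
+- name: Copy docker-compose and env variables
+run: |
+mkdir secrets
+cd secrets
+echo "${{ secrets.admin_password }}" > "admin_password.txt"
+echo "${{ secrets.user_password }}" > "user_password.txt"
+echo "${{ secrets.postgres_password }}" > "postgres_password.txt"
+echo "${{ secrets.nginx_forward_secret }}" > "nginx_forward_secret.txt"
+cd ..
+
+echo "${{ vars.PRODUCTION_VARIABLES }}" > ".env"
+
+rsync -aqc docker-compose.yml docker-compose.prod.yml .env secrets ${{ secrets.ssh_connection }}:/vectorapp/app/compose/
+- name: Build and push changes
+run: |
+source .env
+registry_host="https://$REGISTRY_URL"
+echo "$registry_host"
+echo "${{ secrets.registry_password }}" | docker login $registry_host --username ${{ secrets.registry_username }} --password-stdin
+docker compose --profile prod -f docker-compose.yml -f docker-compose.prod.yml --env-file .env build
+docker compose --profile prod -f docker-compose.yml -f docker-compose.prod.yml --env-file .env push -q
+- name: Pull changes
+run: |
+ssh -i ~/.ssh/id_rsa ${{ secrets.ssh_connection }} "
+cd /vectorapp/app/compose
+
+source .env
+
+echo "${{ secrets.registry_password }}" | docker login https://$REGISTRY_URL --username ${{ secrets.registry_username }} --password-stdin
+
+docker compose --profile prod pull
+docker compose --profile prod -f docker-compose.yml -f docker-compose.prod.yml up --force-recreate -d
+docker image prune -f
+"
+- name: Install cleanup dependencies
+uses: actions/setup-python@v5
+with:
+python-version: '3.13'
+cache: 'pip'
+- name: Cleanup registry
+run: |
+cd registry/cleanup
+pip install -r requirements-build.txt
+
+source ../../.env
+
+python registry.py -l "${{ secrets.registry_username }}:${{ secrets.registry_password }}" -r "https://$REGISTRY_URL" --delete --num 5 --keep-tags "latest"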
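Review bot: The `Setup ssh key` step trusts whatever host key `ssh-keyscan -H "$ip"` returns at run time, so none of the later `ssh`/`rsync` calls, including the one that copies the `secrets` directory, authenticate the server. Pin the server's public host key instead of scanning for it, for example `echo "$DEPLOY_HOST_KEY" >> ~/.ssh/known_hosts`, with the value supplied through `env:` from a repository secret (`DEPLOY_HOST_KEY` is a placeholder name). Separately, in `Pull changes` the inner double quotes around `${{ secrets.registry_password }}` close the outer quoted ssh command, so `$REGISTRY_URL` is expanded on the runner, where this step has not sourced `.env`, and the password ends up in the remote command line. Escaping it as `\$REGISTRY_URL` and piping the password into `ssh` on stdin would avoid both. The same direct `${{ secrets.* }}` expansion into script text appears in most `run:` blocks and is safer passed through `env:` and referenced as a quoted shell variable.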

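--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,5 @@ secrets
 conf
 .env*
 password
+.secrets
+.vars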
