prod-cicd3 #19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Deploy to Windows VM | |
| on: | |
| push: | |
| branches: | |
| - main # deploy to PROD | |
| - TestDeployment # deploy to TEST ENV-PROD deployment | |
| jobs: | |
| build-and-deploy: | |
| runs-on: windows-latest | |
| steps: | |
| # 1. Checkout | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # 2. Setup .NET | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: '8.0.x' | |
| # 3. Build & publish | |
| - name: Publish app | |
| run: dotnet publish -c Release -o ./publish | |
| # 4. Set environment variables correctly | |
| - name: Set environment variables | |
| shell: pwsh | |
| run: | | |
| if ("${{ github.ref_name }}" -eq "TestDeployment") { | |
| "VM_HOST=${{ secrets.PROD_VM_HOST }}" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| "VM_USER=${{ secrets.PROD_VM_USER }}" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| "VM_PASSWORD=${{ secrets.PROD_VM_PASSWORD }}" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| } else { | |
| "VM_HOST=${{ secrets.PROD_VM_HOST }}" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| "VM_USER=${{ secrets.PROD_VM_USER }}" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| "VM_PASSWORD=${{ secrets.PROD_VM_PASSWORD }}" | Out-File -FilePath $env:GITHUB_ENV -Append | |
| } | |
| # 5. Debug check (just to confirm secrets are being set — safe version) | |
| - name: Debug env | |
| shell: pwsh | |
| run: | | |
| Write-Host "VM_HOST = $env:VM_HOST" | |
| Write-Host "VM_USER = $env:VM_USER" | |
| if ($env:VM_PASSWORD) { | |
| Write-Host "VM_PASSWORD is set (length = $($env:VM_PASSWORD.Length))" | |
| } else { | |
| Write-Host "VM_PASSWORD is EMPTY!" | |
| } | |
| # 6. Copy files to VM | |
| - name: Copy files | |
| shell: pwsh | |
| run: | | |
| # Allow connecting to remote host | |
| Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value $env:VM_HOST -Force | |
| $securePassword = ConvertTo-SecureString $env:VM_PASSWORD -AsPlainText -Force | |
| $creds = New-Object System.Management.Automation.PSCredential ($env:VM_USER, $securePassword) | |
| #Ignore certificate issues | |
| $opts = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck | |
| $session = New-PSSession -ComputerName $env:VM_HOST -UseSSL -SessionOption $opts -Credential $creds | |
| # Clear old files on VM | |
| Invoke-Command -Session $session -ScriptBlock { | |
| Remove-Item "C:\inetpub\wwwroot\MigrationToolV1.0" -Recurse -Force -ErrorAction SilentlyContinue | |
| New-Item -ItemType Directory -Path "C:\inetpub\wwwroot\MigrationToolV1.0" -Force | |
| } | |
| Copy-Item -Path "./publish/*" -Destination "C:\inetpub\wwwroot\MigrationToolV1.0" -Recurse -ToSession $session | |
| Remove-PSSession $session | |
| # 7. Restart IIS | |
| - name: Restart IIS | |
| shell: pwsh | |
| run: | | |
| Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value $env:VM_HOST -Force | |
| $securePassword = ConvertTo-SecureString $env:VM_PASSWORD -AsPlainText -Force | |
| $creds = New-Object System.Management.Automation.PSCredential ($env:VM_USER, $securePassword) | |
| $opts = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck | |
| Invoke-Command -ComputerName $env:VM_HOST -UseSSL -SessionOption $opts -Credential $creds -ScriptBlock {iisreset} | |