feat(workflows): add CI/CD workflows for backend and frontend

rshdhere · rshdhere · commit 442c4f840d0e · 2025-12-27T17:26:01.000+05:30
- Implement backend deployment to VPS with Node.js and PM2 management
- Create frontend deployment to AWS S3 with CloudFront cache invalidation
- Include installation and build steps for both backend and frontend projects
- Set up workflow triggers on main and master branches for code changes
diff --git a/.github/workflows/backend.yml b/.github/workflows/backend.yml
@@ -0,0 +1,124 @@
+name: Deploy Backend to VPS
+
+on:
+  push:
+    branches:
+      - main
+      - master
+    paths:
+      - 'backend/**'
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    name: Deploy to VPS
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+          cache-dependency-path: backend/package-lock.json
+
+      - name: Install dependencies
+        working-directory: ./backend
+        run: npm ci
+
+      - name: Build TypeScript
+        working-directory: ./backend
+        run: npm run build
+
+      - name: Create deployment package
+        run: |
+          cd backend
+          tar -czf ../backend-deploy.tar.gz \
+            dist/ \
+            package.json \
+            package-lock.json \
+            node_modules/
+
+      - name: Deploy to VPS
+        uses: appleboy/scp-action@v0.1.7
+        with:
+          host: ${{ secrets.VPS_HOST }}
+          username: ${{ secrets.VPS_USER }}
+          key: ${{ secrets.VPS_SSH_KEY }}
+          port: ${{ secrets.VPS_SSH_PORT || 22 }}
+          source: "backend-deploy.tar.gz"
+          target: "/tmp"
+
+      - name: Extract and restart service
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ secrets.VPS_HOST }}
+          username: ${{ secrets.VPS_USER }}
+          key: ${{ secrets.VPS_SSH_KEY }}
+          port: ${{ secrets.VPS_SSH_PORT || 22 }}
+          script: |
+            # Set deployment directory
+            DEPLOY_DIR="${{ secrets.VPS_DEPLOY_PATH || '/root/copy-paste.space/backend' }}"
+            
+            # Navigate to deployment directory
+            cd "$DEPLOY_DIR"
+            
+            # Backup current dist and node_modules if they exist
+            if [ -d "dist" ] || [ -d "node_modules" ]; then
+              BACKUP_DIR="backup-$(date +%Y%m%d-%H%M%S)"
+              mkdir -p "../backups/$BACKUP_DIR"
+              [ -d "dist" ] && mv dist "../backups/$BACKUP_DIR/"
+              [ -d "node_modules" ] && mv node_modules "../backups/$BACKUP_DIR/"
+            fi
+            
+            # Extract new deployment
+            tar -xzf /tmp/backend-deploy.tar.gz -C "$DEPLOY_DIR"
+            
+            # Ensure .env file exists (copy from backup if needed)
+            if [ ! -f ".env" ] && [ -d "../backups" ]; then
+              LATEST_BACKUP=$(ls -td ../backups/backup-* 2>/dev/null | head -1)
+              if [ -n "$LATEST_BACKUP" ] && [ -f "$LATEST_BACKUP/.env" ]; then
+                cp "$LATEST_BACKUP/.env" .env
+              fi
+            fi
+            
+            # Install production dependencies
+            npm ci --production || npm install --production
+            
+            # Restart PM2 service
+            if pm2 describe cp-backend-production > /dev/null 2>&1; then
+              # Process exists, reload it (zero-downtime restart)
+              pm2 reload cp-backend-production --update-env
+            else
+              # Process doesn't exist, start it
+              pm2 start dist/server.js \
+                --name cp-backend-production \
+                --cwd "$DEPLOY_DIR" \
+                --update-env
+              pm2 save
+            fi
+            
+            # Cleanup old backups (keep last 5)
+            if [ -d "../backups" ]; then
+              ls -td ../backups/backup-* 2>/dev/null | tail -n +6 | xargs rm -rf
+            fi
+            
+            # Cleanup temp file
+            rm -f /tmp/backend-deploy.tar.gz
+
+      - name: Health check
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ secrets.VPS_HOST }}
+          username: ${{ secrets.VPS_USER }}
+          key: ${{ secrets.VPS_SSH_KEY }}
+          port: ${{ secrets.VPS_SSH_PORT || 22 }}
+          script: |
+            sleep 5
+            # Check PM2 process status
+            pm2 status cp-backend-production
+            pm2 info cp-backend-production
+
diff --git a/.github/workflows/frontend.yml b/.github/workflows/frontend.yml
@@ -0,0 +1,82 @@
+name: Deploy Frontend to AWS S3 + CloudFront
+
+on:
+  push:
+    branches:
+      - main
+      - master
+    paths:
+      - 'frontend/**'
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    name: Deploy to AWS S3 and CloudFront
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18'
+          cache: 'npm'
+          cache-dependency-path: frontend/package-lock.json
+
+      - name: Install dependencies
+        working-directory: ./frontend
+        run: npm ci
+
+      - name: Build frontend
+        working-directory: ./frontend
+        env:
+          VITE_BACKEND_URI: ${{ secrets.VITE_BACKEND_URI }}
+          VITE_POSTHOG_API_KEY: ${{ secrets.VITE_POSTHOG_API_KEY }}
+          VITE_POSTHOG_SECURE_PATH: ${{ secrets.VITE_POSTHOG_SECURE_PATH }}
+          VITE_PUBLIC_POSTHOG_HOST: ${{ secrets.VITE_PUBLIC_POSTHOG_HOST || 'https://us.i.posthog.com' }}
+        run: npm run build
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION || 'us-east-1' }}
+
+      - name: Deploy to S3
+        working-directory: ./frontend
+        run: |
+          aws s3 sync dist/ s3://${{ secrets.AWS_S3_BUCKET_NAME }} \
+            --delete \
+            --cache-control "public, max-age=31536000, immutable" \
+            --exclude "*.html" \
+            --exclude "*.json"
+          
+          # Upload HTML files with no-cache
+          aws s3 sync dist/ s3://${{ secrets.AWS_S3_BUCKET_NAME }} \
+            --delete \
+            --cache-control "no-cache, no-store, must-revalidate" \
+            --exclude "*" \
+            --include "*.html" \
+            --include "*.json"
+
+      - name: Invalidate CloudFront cache
+        env:
+          CLOUDFRONT_DIST_ID: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }}
+        run: |
+          if [ -n "$CLOUDFRONT_DIST_ID" ]; then
+            aws cloudfront create-invalidation \
+              --distribution-id "$CLOUDFRONT_DIST_ID" \
+              --paths "/*"
+          else
+            echo "Skipping CloudFront invalidation: Distribution ID not set"
+          fi
+
+      - name: Deployment summary
+        run: |
+          echo "✅ Frontend deployed successfully!"
+          echo "S3 Bucket: ${{ secrets.AWS_S3_BUCKET_NAME }}"
+          echo "CloudFront Distribution: ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }}"
+
