- improve prod deployment (#313)
* add logs to supervisor laravel queue process

* update dependabot

* composer update

* improve deployment

* update readme
mtracz authored Jun 2, 2023
1 parent 7521107 commit 3d62f12
Showing 16 changed files with 488 additions and 301 deletions.
1 change: 1 addition & 0 deletions .dockerignore
Expand Up @@ -8,3 +8,4 @@ public/hot
.phpunit.result.cache
.env
environment/prod/deployment/beta
environment/prod/deployment/prod
1 change: 1 addition & 0 deletions .env.example
Expand Up @@ -69,3 +69,4 @@ DOCKER_TEST_DB_PASSWORD=${DB_PASSWORD}
DOCKER_TEST_DB_ROOT_PASSWORD=${DB_ROOT_PASSWORD}

BETA_ENV_KEY=
PROD_ENV_KEY=
24 changes: 24 additions & 0 deletions .github/dependabot.yml
Expand Up @@ -6,6 +6,7 @@ updates:
schedule:
interval: monthly
time: "06:30"
timezone: "Europe/Warsaw"
commit-message:
prefix: "- "
target-branch: main
Expand All @@ -16,7 +17,30 @@ updates:
schedule:
interval: monthly
time: "06:30"
timezone: "Europe/Warsaw"
commit-message:
prefix: "- "
target-branch: main
open-pull-requests-limit: 1

- package-ecosystem: github-actions
directory: "/"
schedule:
interval: monthly
time: "06:30"
timezone: "Europe/Warsaw"
commit-message:
prefix: "- (github actions) "
target-branch: main
open-pull-requests-limit: 1

- package-ecosystem: docker
directory: "/environment/prod/app"
schedule:
interval: monthly
time: "06:30"
timezone: "Europe/Warsaw"
commit-message:
prefix: "- (docker dev) "
target-branch: main
open-pull-requests-limit: 1
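Review bot: The new `docker` entry watches `/environment/prod/app` but its commit prefix is `- (docker dev) `, so update pull requests for the production image will be labelled as dev changes. `prefix: "- (docker prod) "` would match the directory. If the repository also has a development Dockerfile in another directory, it has no entry here; that cannot be confirmed from this page.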
6 changes: 3 additions & 3 deletions .github/workflows/deploy-to-beta-manually.yml
Expand Up @@ -60,9 +60,9 @@ jobs:
build-args: DEPLOYMENT_PROJECT_VERSION_ARG=${{ env.DEPLOYMENT_PROJECT_VERSION }}
labels: ${{ steps.meta.outputs.labels }}
push: true
tags: ghcr.io/${{ github.repository_owner }}/toby:beta
cache-from: type=gha, ref=ghcr.io/${{ github.repository_owner }}/toby-beta-build-cache
cache-to: type=gha, ref=ghcr.io/${{ github.repository_owner }}/toby-beta-build-cache, mode=max
tags: ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}:beta
cache-from: type=gha, ref=ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}-beta-build-cache
cache-to: type=gha, ref=ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}-beta-build-cache, mode=max

- name: copy files via ssh
uses: appleboy/[email protected]
50 changes: 39 additions & 11 deletions .github/workflows/deploy-to-prod.yml
Expand Up @@ -14,10 +14,15 @@ jobs:
environment: production
runs-on: ubuntu-22.04
name: Deploy to production
env:
REPO_NAME: toby
steps:
- name: checkout
uses: actions/checkout@v3

- name: set deployment project version
run: echo "DEPLOYMENT_PROJECT_VERSION=$(bash ./environment/prod/deployment/scripts/version.sh --long)" >> $GITHUB_ENV

- name: set up Docker Buildx
uses: docker/setup-buildx-action@v2

Expand All @@ -28,19 +33,45 @@ jobs:
username: ${{ github.actor }}
password: ${{ github.token }}

- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}
tags: |
type=raw,value=latest
type=raw,value=${{ github.ref_name }}
context: git

- name: build and push image
uses: docker/build-push-action@v4
with:
context: .
file: ./environment/prod/app/Dockerfile
build-args: DEPLOYMENT_PROJECT_VERSION_ARG=${{ env.DEPLOYMENT_PROJECT_VERSION }}
labels: ${{ steps.meta.outputs.labels }}
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/toby:latest
ghcr.io/${{ github.repository_owner }}/toby:${{ github.ref_name }}
cache-from: type=gha, ref=ghcr.io/${{ github.repository_owner }}/toby-prod-build-cache
cache-to: type=gha, ref=ghcr.io/${{ github.repository_owner }}/toby-prod-build-cache, mode=max
ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}:latest
ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}:${{ github.ref_name }}
cache-from: type=gha, ref=ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}-prod-build-cache
cache-to: type=gha, ref=ghcr.io/${{ github.repository_owner }}/${{ env.REPO_NAME }}-prod-build-cache, mode=max

- name: copy files via ssh
uses: appleboy/[email protected]
with:
timeout: 10s
command_timeout: 10m
host: ${{ secrets.VPS_OVH_BF7EC892_HOST }}
port: ${{ secrets.VPS_OVH_BF7EC892_PORT }}
username: ${{ secrets.VPS_OVH_BF7EC892_USERNAME }}
key: ${{ secrets.VPS_OVH_BF7EC892_SSH_PRIVATE_KEY }}
passphrase: ${{ secrets.VPS_OVH_BF7EC892_SSH_PRIVATE_KEY_PASSPHRASE }}
source: "./environment/prod/deployment/prod/*,./environment/prod/deployment/scripts/*"
target: ${{ secrets.TOBY_VPS_LIVE_APP_PATH }}
rm: true

- uses: appleboy/[email protected].8
- uses: appleboy/[email protected].10
env:
BRANCH_NAME: "main"
with:
Expand All @@ -53,9 +84,6 @@ jobs:
passphrase: ${{ secrets.VPS_OVH_BF7EC892_SSH_PRIVATE_KEY_PASSPHRASE }}
script_stop: true
script: |
cd ${{ secrets.TOBY_VPS_LIVE_APP_PATH }}
git fetch
git checkout --force "${{ env.BRANCH_NAME }}"
git pull
make prod-deploy
docker images --filter dangling=true | grep "ghcr.io/blumilksoftware/toby" | awk '{print $3}'| xargs --no-run-if-empty docker rmi
cd ${{ secrets.TOBY_VPS_LIVE_APP_PATH }}/environment/prod/deployment/prod
make prod-deploy PROD_ENV_KEY=${{ secrets.PROD_ENV_KEY }}
docker images --filter dangling=true | grep "ghcr.io/blumilksoftware/${{ env.REPO_NAME }}" | awk '{print $3}'| xargs --no-run-if-empty docker rmi
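Review bot: In the last hunk, `make prod-deploy PROD_ENV_KEY=${{ secrets.PROD_ENV_KEY }}` substitutes the decryption key into the script text before the remote shell parses it, unquoted, so any shell-significant character in the key changes the command and the key ends up in the `make` argument list on the VPS. The ssh action can pass it as an environment variable instead: add `PROD_ENV_KEY: ${{ secrets.PROD_ENV_KEY }}` under the step's `env:`, add `envs: PROD_ENV_KEY` under `with:`, and call plain `make prod-deploy`. Make imports environment variables, but the Makefile in `environment/prod/deployment/prod` is not shown on this page, so confirm it reads the key that way. Separately, the scp and ssh steps receive the SSH private key and passphrase while referencing the appleboy actions by version tag; pinning both to a full commit SHA would keep a moved tag from changing what runs with those secrets.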
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -11,6 +11,7 @@
.env
.env.backup
.env.beta
.env.prod
.phpunit.result.cache
docker-compose.override.yml
Homestead.json
42 changes: 29 additions & 13 deletions Makefile
Expand Up @@ -8,22 +8,10 @@ SHELL := /bin/bash
DOCKER_COMPOSE_FILE = docker-compose.yml
DOCKER_COMPOSE_APP_CONTAINER = php

DOCKER_COMPOSE_PROD_FILENAME = docker-compose.prod.yml
PROD_DOCKER_EXEC = docker compose --file ${DOCKER_COMPOSE_PROD_FILENAME} exec --workdir /application/environment/scripts

CURRENT_USER_ID = $(shell id --user)
CURRENT_USER_GROUP_ID = $(shell id --group)
CURRENT_DIR = $(shell pwd)

prod-deploy:
docker compose --file ${DOCKER_COMPOSE_PROD_FILENAME} up --force-recreate --detach && \
echo "App post deploy actions" && \
${PROD_DOCKER_EXEC} toby-prod-app bash post-deploy-actions.sh

prod-reload-config:
echo "App config reload" && \
${PROD_DOCKER_EXEC} toby-prod-app bash reload-config.sh

build:
@docker compose --file ${DOCKER_COMPOSE_FILE} build --pull

Expand Down Expand Up @@ -75,4 +63,32 @@ decrypt-beta-env:
&& mv .env.beta /envs \
&& rm .env.beta.encrypted"

.PHONY: prod-deploy prod-reload-config build run stop restart shell test fix queue encrypt-beta-env decrypt-beta-env
encrypt-prod-env:
@docker compose --file ${DOCKER_COMPOSE_FILE} run \
--rm \
--no-deps \
--volume ${CURRENT_DIR}/environment/prod/deployment/prod:/envs \
--entrypoint "" \
--workdir /application \
--user "${CURRENT_USER_ID}:${CURRENT_USER_GROUP_ID}" \
${DOCKER_COMPOSE_APP_CONTAINER} \
bash -c "cp /envs/.env.prod /application \
&& php artisan env:encrypt --env prod --key ${PROD_ENV_KEY} \
&& mv .env.prod.encrypted /envs \
&& rm .env.prod"

decrypt-prod-env:
@docker compose --file ${DOCKER_COMPOSE_FILE} run \
--rm \
--no-deps \
--volume ${CURRENT_DIR}/environment/prod/deployment/prod:/envs \
--entrypoint "" \
--workdir /application \
--user "${CURRENT_USER_ID}:${CURRENT_USER_GROUP_ID}" \
${DOCKER_COMPOSE_APP_CONTAINER} \
bash -c "cp /envs/.env.prod.encrypted /application \
&& php artisan env:decrypt --env prod --key ${PROD_ENV_KEY} \
&& mv .env.prod /envs \
&& rm .env.prod.encrypted"

.PHONY: build run stop restart shell test fix queue encrypt-beta-env decrypt-beta-env encrypt-prod-env decrypt-prod-env
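Review bot: Both new recipes expand `${PROD_ENV_KEY}` straight into the `bash -c` string as `--key ${PROD_ENV_KEY}`, unquoted and with no check that the variable is set. With it empty, `--key` has no value and the `&&` chain presumably stops after the `cp`, which in `encrypt-prod-env` would leave the plaintext `.env.prod` copy in `/application`. If that directory is the bind-mounted project root, the `.dockerignore` lines visible in this commit (`.env` and the two deployment directories) do not cover a root-level `.env.prod`. I would open each recipe with a guard such as `@test -n "${PROD_ENV_KEY}" || { echo "PROD_ENV_KEY is not set"; exit 1; }` and quote the value as `--key '${PROD_ENV_KEY}'`. The beta targets likely share this shape, but only the tail of `decrypt-beta-env` is visible above the hunk.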
12 changes: 6 additions & 6 deletions composer.json
Expand Up @@ -5,7 +5,7 @@
"keywords": ["toby", "laravel", "hr"],
"license": "MIT",
"require": {
"php": "^8.1",
"php": "^8.2",
"ext-pdo": "*",
"ext-redis": "*",
"azuyalabs/yasumi": "^2.6.0",
Expand All @@ -14,21 +14,21 @@
"fakerphp/faker": "^1.22.0",
"guzzlehttp/guzzle": "^7.7.0",
"inertiajs/inertia-laravel": "^0.6.9",
"laravel/framework": "^10.12.0",
"laravel/framework": "^10.13.0",
"laravel/sanctum": "^3.2.5",
"laravel/socialite": "^5.6.1",
"laravel/telescope": "^4.14.3",
"laravel/socialite": "^5.6.2",
"laravel/telescope": "^4.14.4",
"laravel/tinker": "^2.8.1",
"maatwebsite/excel": "^3.1.48",
"phpoffice/phpword": "^1.1.0",
"rackbeat/laravel-ui-avatars": "^1.2",
"sentry/sentry-laravel": "^3.4.0",
"sentry/sentry-laravel": "^3.4.1",
"spatie/laravel-google-calendar": "^3.6.0",
"spatie/laravel-model-states": "^2.4.6",
"spatie/laravel-slack-slash-command": "^1.11.4"
},
"require-dev": {
"blumilksoftware/codestyle": "^2.2.0",
"blumilksoftware/codestyle": "^2.3.0",
"laravel/dusk": "^7.7.1",
"mockery/mockery": "^1.5.1",
"nunomaduro/collision": "^7.5.2",