Skip to content

Merge pull request #83 from itwzhp/dev #396

Merge pull request #83 from itwzhp/dev

Merge pull request #83 from itwzhp/dev #396

Workflow file for this run

name: Build and deploy
on:
push:
branches: [dev, main]
pull_request:
branches: [main]
workflow_dispatch:
env:
ENVIRONMENT_NAME: "${{ github.event_name == 'push' && github.ref_name == 'main' && 'prod' || 'dev' }}"
PACKAGE_NAME: cbp-app-package.tar.gz
DEPLOY_PATH: /var/www/vhosts/${{ github.ref_name == 'main' && 'cbp.zhp.pl/cbp.zhp.pl' || 'cbp-dev.zhp.pl/cbp-dev.zhp.pl' }} # until relase; then change to cbp.zhp.pl for sake of clarity
PHP_PATH: /opt/plesk/php/8.2/bin/php
jobs:
build:
name: Build and test
runs-on: ubuntu-latest
services:
mysql:
image: mysql:latest
env:
MYSQL_ALLOW_EMPTY_PASSWORD: yes
MYSQL_DATABASE: cbp_test
ports:
- 33306:3306 # external:internal
options: >-
--health-cmd="mysqladmin ping"
--health-interval=10s
--health-timeout=5s
--health-retries=3
steps:
###### Prepare environment
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18.x'
- name: Login to Azure
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Install PHP versions
uses: shivammathur/setup-php@v2
with:
php-version: '8.2'
########### Restore caches
- name: Cache node_modules directory
uses: actions/cache@v4
id: node_modules-cache
with:
path: node_modules
key: ${{ runner.OS }}-build-${{ hashFiles('**/package.json') }}-${{ hashFiles('**/package-lock.json') }}
- name: Get Composer Cache Directory
id: composer-cache
run: |
echo "::set-output name=dir::$(composer config cache-files-dir)"
- name: Cache PHP composer cache
uses: actions/cache@v4
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-composer-
- name: Cache PHP dependencies
uses: actions/cache@v4
id: vendor-cache
with:
path: vendor
key: ${{ runner.OS }}-build-${{ hashFiles('**/composer.lock') }}
###### Validate bicep
- name: Validate Bicep
uses: azure/arm-deploy@v2
with:
scope: resourcegroup
subscriptionId: ${{ vars.AZURE_SUBSCRIPTION_ID }}
resourceGroupName: zhp-cbp-${{ env.ENVIRONMENT_NAME }}
template: ./infrastructure/cbp.bicep
deploymentMode: Validate
parameters: environment=${{ env.ENVIRONMENT_NAME }}
###### Install dependencies
- name: Copy .env
run: php -r "file_exists('.env') || copy('.env.example', '.env');"
- name: Install Composer Dependencies
if: steps.vendor-cache.outputs.cache-hit != 'true'
run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
- name: Install NPM Dependencies
if: steps.node_modules-cache.outputs.cache-hit != 'true'
run: npm ci
###### Build
- name: Build frontend
run: npm run build
# - name: Generate key
# run: php artisan key:generate
##### Tests
# - name: Run Migrations
# env:
# DB_CONNECTION: mysql
# DB_DATABASE: cbp_test
# DB_PORT: 33306
# DB_USER: root
# run: |
# chmod -R 777 storage bootstrap/cache
# php artisan migrate
# php artisan db:seed
#
# - name: Check code style
# run: vendor/bin/pint --config vendor/apsg/coding-standards/pint.json --test
# - name: Execute tests (Unit and Feature tests) via PestPHP
# env:
# DB_CONNECTION: mysql
# DB_DATABASE: cbp_test
# DB_PORT: 33306
# DB_USER: root
# run: vendor/bin/pest --parallel
##### Prepare & Publish artifact
- name: Clear package cache/sessions after testing
run: rm -rf ./storage/framework/sessions/* ./storage/framework/views/*
- name: Compress package
run: tar --exclude="./tests" --exclude="./node_modules" --exclude="./vendor" --exclude=".git" --exclude="./.env" --exclude=".github" --exclude="${{ env.PACKAGE_NAME }}" --exclude="./storage/logs" --exclude="./storage/debugbar" -cvf ${{ env.PACKAGE_NAME }} .
- name: Publish build artifact
uses: actions/upload-artifact@v4
with:
name: ${{ env.PACKAGE_NAME }}
path: ${{ env.PACKAGE_NAME }}
- name: Publish bicep artifact
uses: actions/upload-artifact@v4
with:
name: cbp.bicep
path: ./infrastructure/cbp.bicep
deploy-azure:
name: Deploy Azure storage
if: github.event_name == 'push'
needs: build
runs-on: ubuntu-latest
steps:
- name: Login to Azure
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Download bicep artifact
uses: actions/download-artifact@v4
with:
name: cbp.bicep
- name: Deploy Bicep
uses: azure/arm-deploy@v2
with:
scope: resourcegroup
subscriptionId: ${{ vars.AZURE_SUBSCRIPTION_ID }}
resourceGroupName: zhp-cbp-${{ env.ENVIRONMENT_NAME }}
template: cbp.bicep
parameters: environment=${{ env.ENVIRONMENT_NAME }}
deploy-dev:
name: Deploy to the DEV site
runs-on: ubuntu-latest
environment: dev
needs: [build , deploy-azure]
if: github.event_name == 'push' && github.ref != 'refs/heads/main'
env:
SSH_COMMAND: 'ssh -o "StrictHostKeyChecking=no" ${{ secrets.SERVER_USERNAME }}@${{ secrets.SERVER }} -p ${{ secrets.SERVER_PORT }}'
steps:
- name: Setup SSH
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.SSH_KEY }}
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PACKAGE_NAME }}
- name: Copy new version into server
run: scp -o "StrictHostKeyChecking=no" -P ${{ secrets.SERVER_PORT }} -r ./$PACKAGE_NAME ${{ secrets.SERVER_USERNAME }}@${{ secrets.SERVER }}:/tmp
- name: Ensure deploy folder presence
run: ${{ env.SSH_COMMAND }} "mkdir --parents ${{ env.DEPLOY_PATH }}"
- name: Extract package to tmp
run: |
${{ env.SSH_COMMAND }} "mkdir -p /tmp/new_cbp_${ENVIRONMENT_NAME}"
${{ env.SSH_COMMAND }} "tar --no-overwrite-dir -m -xvf /tmp/$PACKAGE_NAME -C /tmp/new_cbp_${ENVIRONMENT_NAME}"
- name: Remove old and move new package
run: ${{ env.SSH_COMMAND }} "rm -rf $DEPLOY_PATH/* && rsync -arv /tmp/new_cbp_${ENVIRONMENT_NAME}/ $DEPLOY_PATH/"
- name: Install composer
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH composer.phar install"
- name: Decrypt env
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan env:decrypt --env=${ENVIRONMENT_NAME} --key=${{ secrets.DECRYPT_KEY }} --force --filename=.env"
- name: Run db migrations
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan migrate --force --seed"
- name: Clear cache
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan cache:clear"
- name: Optimize
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan optimize"
- name: Remove old tar.gz and unpacked files after installation
run: |
${{ env.SSH_COMMAND }} "rm -f /tmp/$PACKAGE_NAME"
${{ env.SSH_COMMAND }} "rm -rf /tmp/new_cbp_${ENVIRONMENT_NAME}"
deploy-prod:
name: Deploy to the PROD site
runs-on: ubuntu-latest
environment: prod
needs: [build , deploy-azure]
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
env:
SSH_COMMAND: 'ssh -o "StrictHostKeyChecking=no" ${{ secrets.SERVER_USERNAME }}@${{ secrets.SERVER }} -p ${{ secrets.SERVER_PORT }}'
steps:
- name: Setup SSH
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.SSH_KEY }}
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PACKAGE_NAME }}
- name: Copy new version into server
run: scp -o "StrictHostKeyChecking=no" -P ${{ secrets.SERVER_PORT }} -r ./$PACKAGE_NAME ${{ secrets.SERVER_USERNAME }}@${{ secrets.SERVER }}:/tmp
- name: Ensure deploy folder presence
run: ${{ env.SSH_COMMAND }} "mkdir --parents ${{ env.DEPLOY_PATH }}"
- name: Extract package to tmp
run: |
${{ env.SSH_COMMAND }} "mkdir -p /tmp/new_cbp_${ENVIRONMENT_NAME}"
${{ env.SSH_COMMAND }} "tar --no-overwrite-dir -m -xvf /tmp/$PACKAGE_NAME -C /tmp/new_cbp_${ENVIRONMENT_NAME}"
- name: Remove old and move new package
run: ${{ env.SSH_COMMAND }} "rm -rf $DEPLOY_PATH/* && rsync -arv /tmp/new_cbp_${ENVIRONMENT_NAME}/ $DEPLOY_PATH/"
- name: Install composer
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH composer.phar install"
- name: Decrypt env
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan env:decrypt --env=${ENVIRONMENT_NAME} --key=${{ secrets.DECRYPT_KEY }} --force --filename=.env"
- name: Run db migrations
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan migrate --force --seed"
- name: Clear cache
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan cache:clear"
- name: Optimize
run: ${{ env.SSH_COMMAND }} "cd $DEPLOY_PATH && $PHP_PATH artisan optimize"
- name: Remove old tar.gz and unpacked files after installation
run: |
${{ env.SSH_COMMAND }} "rm -f /tmp/$PACKAGE_NAME"
${{ env.SSH_COMMAND }} "rm -rf /tmp/new_cbp_${ENVIRONMENT_NAME}"