Skip to content

Merge pull request #991 from parlemonde/commentary-game #345

Merge pull request #991 from parlemonde/commentary-game

Merge pull request #991 from parlemonde/commentary-game #345

Workflow file for this run

# This workflow deploy the app on prod.
name: Deployment
# Triggered on every push on master
on:
push:
branches: [master]
jobs:
server_tsc:
runs-on: ubuntu-latest
steps:
# [1] checkout repo.
- uses: actions/checkout@v2
# [2] get node.
- name: Use Node.js
uses: actions/setup-node@v2
with:
node-version: "20.11.1"
# [3] install dependencies.
- name: Install dependencies
run: yarn
# [4] test typescript.
- name: Run typescript
run: yarn typescript:server
deploy:
runs-on: ubuntu-latest
needs: server_tsc # check server types before building.
steps:
- uses: actions/checkout@v2
- name: Create SSH key
run: |
mkdir -p ~/.ssh/
echo "$SSH_PRIVATE_KEY" > ../private.key
eval "$(ssh-agent -s)"
sudo chmod 600 ../private.key
ssh-add ../private.key
rm -rf ~/.ssh/known_hosts
echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
shell: bash
env:
SSH_PRIVATE_KEY: ${{secrets.SSH_PRIVATE_KEY}}
SSH_KNOWN_HOSTS: ${{secrets.SSH_KNOWN_HOSTS}}
SSH_KEY_PATH: ${{ github.workspace }}/../private.key
- name: Create .env file
env:
HOST_URL: ${{ secrets.HOST }}
PLM_CLIENT_ID: ${{ secrets.CLIENT_ID }}
run: |
cat << EOF > .env
NEXT_PUBLIC_BASE_APP=/api
NEXT_PUBLIC_HOST_URL=$HOST_URL
NEXT_PUBLIC_PLM_HOST=https://prof.parlemonde.org
NEXT_PUBLIC_CLIENT_ID=$PLM_CLIENT_ID
EOF
- name: Create build version and tag
id: tag
uses: actions/github-script@v5
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const { data: tags } = await github.request("GET /repos/{owner}/{repo}/tags", context.repo);
const maxVersion = tags.map(t => t.name.split('.').map(n => parseInt(n, 10) || 0)).filter(v => v.length === 2).sort((a,b) => b[0] - a[0] || b[1] - a[1] || -1)[0];
const newVersion = `${maxVersion[0] || 0}.${(maxVersion[1] || 0) + 1}`;
await github.rest.git.createRef({
...context.repo,
ref: `refs/tags/${newVersion}`,
sha: context.sha
});
return newVersion;
result-encoding: string
# Add IP to AWS sevurity group
- name: Add IP to AWS security group
uses: sohelamin/aws-security-group-add-ip-action@master
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-west-3
aws-security-group-id: ${{ secrets.AWS_SECURITY_GROUP_ID }}
port: 22
description: GitHub Action
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-west-3
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
BUILD_VERSION: ${{ steps.tag.outputs.result }}
run: |
docker build --build-arg BUILD_VERSION=$BUILD_VERSION -t $ECR_REGISTRY/1village:latest .
docker push $ECR_REGISTRY/1village:latest
- name: Pull and run the docker image on the server
run: ssh -i $SSH_KEY_PATH $server "ECR_REGISTRY=$ECR_REGISTRY IMAGE=$ECR_REGISTRY/1village:latest exec sh" < ./deploy.sh
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
server: ${{secrets.SERVER}}
SSH_KEY_PATH: ${{ github.workspace }}/../private.key