Merge pull request #995 from parlemonde/VIL-67 #348

Workflow file for this run

	# This workflow deploy the app on prod.
	name: Deployment

	# Triggered on every push on master
	on:
	push:
	branches: [master]

	jobs:
	server_tsc:
	runs-on: ubuntu-latest
	steps:
	# [1] checkout repo.
	- uses: actions/checkout@v2

	# [2] get node.
	- name: Use Node.js
	uses: actions/setup-node@v2
	with:
	node-version: "20.11.1"

	# [3] install dependencies.
	- name: Install dependencies
	run: yarn

	# [4] test typescript.
	- name: Run typescript
	run: yarn typescript:server

	deploy:
	runs-on: ubuntu-latest
	needs: server_tsc # check server types before building.
	steps:
	- uses: actions/checkout@v2

	- name: Create SSH key
	run: \|
	mkdir -p ~/.ssh/
	echo "$SSH_PRIVATE_KEY" > ../private.key
	eval "$(ssh-agent -s)"
	sudo chmod 600 ../private.key
	ssh-add ../private.key
	rm -rf ~/.ssh/known_hosts
	echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
	shell: bash
	env:
	SSH_PRIVATE_KEY: ${{secrets.SSH_PRIVATE_KEY}}
	SSH_KNOWN_HOSTS: ${{secrets.SSH_KNOWN_HOSTS}}
	SSH_KEY_PATH: ${{ github.workspace }}/../private.key

	- name: Create .env file
	env:
	HOST_URL: ${{ secrets.HOST }}
	PLM_CLIENT_ID: ${{ secrets.CLIENT_ID }}
	run: \|
	cat << EOF > .env
	NEXT_PUBLIC_BASE_APP=/api
	NEXT_PUBLIC_HOST_URL=$HOST_URL
	NEXT_PUBLIC_PLM_HOST=https://prof.parlemonde.org
	NEXT_PUBLIC_CLIENT_ID=$PLM_CLIENT_ID
	EOF

	- name: Create build version and tag
	id: tag
	uses: actions/github-script@v5
	with:
	github-token: ${{secrets.GITHUB_TOKEN}}
	script: \|
	const { data: tags } = await github.request("GET /repos/{owner}/{repo}/tags", context.repo);
	const maxVersion = tags.map(t => t.name.split('.').map(n => parseInt(n, 10) \|\| 0)).filter(v => v.length === 2).sort((a,b) => b[0] - a[0] \|\| b[1] - a[1] \|\| -1)[0];
	const newVersion = `${maxVersion[0] \|\| 0}.${(maxVersion[1] \|\| 0) + 1}`;
	await github.rest.git.createRef({
	...context.repo,
	ref: `refs/tags/${newVersion}`,
	sha: context.sha
	});
	return newVersion;
	result-encoding: string

	# Add IP to AWS sevurity group
	- name: Add IP to AWS security group
	uses: sohelamin/aws-security-group-add-ip-action@master
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-3
	aws-security-group-id: ${{ secrets.AWS_SECURITY_GROUP_ID }}
	port: 22
	description: GitHub Action

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-3

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v1

	- name: Build, tag, and push image to Amazon ECR
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	BUILD_VERSION: ${{ steps.tag.outputs.result }}
	run: \|
	docker build --build-arg BUILD_VERSION=$BUILD_VERSION -t $ECR_REGISTRY/1village:latest .
	docker push $ECR_REGISTRY/1village:latest

	- name: Pull and run the docker image on the server
	run: ssh -i $SSH_KEY_PATH $server "ECR_REGISTRY=$ECR_REGISTRY IMAGE=$ECR_REGISTRY/1village:latest exec sh" < ./deploy.sh
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	server: ${{secrets.SERVER}}
	SSH_KEY_PATH: ${{ github.workspace }}/../private.key

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #995 from parlemonde/VIL-67 #348

Workflow file

Merge pull request #995 from parlemonde/VIL-67 #348

Jobs

Run details

Workflow file for this run