Merge pull request #35 from parlemonde/feat/invitation_link #51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow deploy the app on prod. | |
name: Deployment | |
# Triggered on every push on master | |
on: | |
push: | |
branches: [master] | |
jobs: | |
server_tsc: | |
runs-on: ubuntu-latest | |
steps: | |
# [1] checkout repo. | |
- uses: actions/checkout@v2 | |
# [2] get node. | |
- name: Use Node.js | |
uses: actions/setup-node@v1 | |
with: | |
node-version: '18.14.2' | |
# [3] install dependencies. | |
- name: Install dependencies | |
run: yarn | |
# [4] test typescript. | |
- name: Run typescript | |
run: yarn typescript:server | |
deploy: | |
runs-on: ubuntu-latest | |
needs: server_tsc # check server types before building. | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Create SSH key | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "$SSH_PRIVATE_KEY" > ../private.key | |
eval "$(ssh-agent -s)" | |
sudo chmod 600 ../private.key | |
ssh-add ../private.key | |
rm -rf ~/.ssh/known_hosts | |
echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts | |
shell: bash | |
env: | |
SSH_PRIVATE_KEY: ${{secrets.SSH_PRIVATE_KEY}} | |
SSH_KNOWN_HOSTS: ${{secrets.SSH_KNOWN_HOSTS}} | |
SSH_KEY_PATH: ${{ github.workspace }}/../private.key | |
- name: Create .env file | |
env: | |
HOST_URL: ${{ secrets.HOST }} | |
PLM_CLIENT_ID: ${{ secrets.CLIENT_ID }} | |
run: | | |
cat << EOF > .env | |
NEXT_PUBLIC_BASE_APP=/api | |
NEXT_PUBLIC_HOST_URL=$HOST_URL | |
NEXT_PUBLIC_PLM_HOST=https://prof.parlemonde.org | |
NEXT_PUBLIC_CLIENT_ID=$PLM_CLIENT_ID | |
EOF | |
- name: Add IP to AWS security group | |
uses: sohelamin/aws-security-group-add-ip-action@master | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: "eu-west-3" | |
aws-security-group-id: ${{ secrets.AWS_SECURITY_GROUP_ID }} | |
port: "22" | |
description: "GitHub Action" | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-3 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Build, tag, and push image to Amazon ECR | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
run: | | |
docker build -t $ECR_REGISTRY/clap:latest . | |
docker push $ECR_REGISTRY/clap:latest | |
- name: Pull and run the docker image on the server | |
run: ssh -i $SSH_KEY_PATH $server "ECR_REGISTRY=$ECR_REGISTRY IMAGE=$ECR_REGISTRY/clap:latest exec sh" < ./deploy.sh | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
server: ${{secrets.SERVER}} | |
SSH_KEY_PATH: ${{ github.workspace }}/../private.key |