To-Staging #40
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow push the branch on the staging server to be tested. | |
name: To-Staging | |
# Manual trigger | |
on: workflow_dispatch | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Create SSH key | |
run: | | |
mkdir -p ~/.ssh/ | |
echo "$SSH_PRIVATE_KEY" > ../private.key | |
eval "$(ssh-agent -s)" | |
sudo chmod 600 ../private.key | |
ssh-add ../private.key | |
rm -rf ~/.ssh/known_hosts | |
echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts | |
shell: bash | |
env: | |
SSH_PRIVATE_KEY: ${{secrets.SSH_PRIVATE_KEY}} | |
SSH_KNOWN_HOSTS: ${{secrets.SSH_KNOWN_HOSTS}} | |
SSH_KEY_PATH: ${{ github.workspace }}/../private.key | |
- name: Create .env file | |
env: | |
HOST_URL: ${{ secrets.STAGING_HOST }} | |
PLM_CLIENT_ID: ${{ secrets.STAGING_CLIENT_ID }} | |
run: | | |
cat << EOF > .env | |
NEXT_PUBLIC_BASE_APP=/api | |
NEXT_PUBLIC_HOST_URL=$HOST_URL | |
NEXT_PUBLIC_PLM_HOST=https://prof.parlemonde.org | |
NEXT_PUBLIC_CLIENT_ID=$PLM_CLIENT_ID | |
EOF | |
- name: Add IP to AWS security group | |
uses: sohelamin/aws-security-group-add-ip-action@master | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-3 | |
aws-security-group-id: ${{ secrets.AWS_SECURITY_GROUP_ID_STAGING }} | |
port: "22" | |
description: "GitHub Action" | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-3 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Build, tag, and push image to Amazon ECR | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
run: | | |
docker build -t $ECR_REGISTRY/clap:staging . | |
docker push $ECR_REGISTRY/clap:staging | |
- name: Pull and run the docker image on the server | |
run: ssh -i $SSH_KEY_PATH $server "ECR_REGISTRY=$ECR_REGISTRY IMAGE=$ECR_REGISTRY/clap:staging exec sh" < ./deploy.sh | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
server: ${{secrets.STAGING_SERVER}} | |
SSH_KEY_PATH: ${{ github.workspace }}/../private.key |