domrichardson
@@ -4,15 +4,20 @@ on:
|
|||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- main
|
- main
|
||||||
paths:
|
|
||||||
- "server/**"
|
|
||||||
- "web/**"
|
|
||||||
- "proto/**"
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
deploy:
|
deploy:
|
||||||
runs-on: ubuntu-docker
|
runs-on: ubuntu-docker
|
||||||
container: node:26
|
container:
|
||||||
|
image: docker:27-cli
|
||||||
|
services:
|
||||||
|
docker:
|
||||||
|
image: docker:27-dind
|
||||||
|
env:
|
||||||
|
DOCKER_TLS_CERTDIR: ""
|
||||||
|
options: --privileged
|
||||||
|
env:
|
||||||
|
DOCKER_HOST: tcp://docker:2375
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
@@ -20,32 +25,20 @@ jobs:
|
|||||||
- name: Log in to registry
|
- name: Log in to registry
|
||||||
run: |
|
run: |
|
||||||
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
||||||
docker login ${{ vars.GITEA_HOST }} \
|
docker login ${{ vars.DOCKER_HOST }} \
|
||||||
-u "${{ secrets.REGISTRY_USER }}" --password-stdin
|
-u "${{ secrets.REGISTRY_USER }}" --password-stdin
|
||||||
|
|
||||||
- name: Build and push server image
|
- name: Build and push server image
|
||||||
run: |
|
run: |
|
||||||
IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/server:latest"
|
IMAGE="${{ vars.DOCKER_HOST }}/${{ github.repository_owner }}/keymanager/server:latest"
|
||||||
docker build -t "$IMAGE" -f server/Dockerfile server/
|
docker build -t "$IMAGE" -f server/Dockerfile server/
|
||||||
docker push "$IMAGE"
|
docker push "$IMAGE"
|
||||||
|
|
||||||
- name: Build and push web image
|
- name: Build and push web image
|
||||||
run: |
|
run: |
|
||||||
IMAGE="${{ vars.GITEA_HOST }}/${{ github.repository_owner }}/keymanager/web:latest"
|
IMAGE="${{ vars.DOCKER_HOST }}/${{ github.repository_owner }}/keymanager/web:latest"
|
||||||
docker build \
|
docker build \
|
||||||
--build-arg NEXT_PUBLIC_API_URL="https://${{ vars.GITEA_HOST }}" \
|
--build-arg NEXT_PUBLIC_API_URL="https://${{ vars.DOCKER_HOST }}" \
|
||||||
-t "$IMAGE" \
|
-t "$IMAGE" \
|
||||||
-f web/Dockerfile web/
|
-f web/Dockerfile web/
|
||||||
docker push "$IMAGE"
|
docker push "$IMAGE"
|
||||||
|
|
||||||
- name: Deploy via SSH
|
|
||||||
uses: https://github.com/appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.DEPLOY_HOST }}
|
|
||||||
username: ${{ secrets.DEPLOY_USER }}
|
|
||||||
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
|
||||||
script: |
|
|
||||||
cd /opt/keymanager
|
|
||||||
docker compose pull
|
|
||||||
docker compose up -d --remove-orphans
|
|
||||||
docker image prune -f
|
|
||||||
|
|||||||
Reference in New Issue
Block a user