selfhost #66
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Master CI/CD | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
tests: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: npm install, lint and/or test | |
run: | | |
yarn | |
env: | |
CI: true | |
build: | |
needs: tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check Out Repo | |
uses: actions/checkout@v3 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Build and push | |
id: docker_build | |
uses: docker/build-push-action@v2 | |
env: | |
SENTRY_AUTH_TOKEN: ${{secrets.SENTRY_AUTH_TOKEN}} | |
with: | |
context: ./ | |
build-args: | | |
"SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}" | |
file: ./Dockerfile | |
push: true | |
tags: ecency/vision-next:latest | |
- name: Image digest | |
run: echo ${{ steps.docker_build.outputs.digest }} | |
deploy-EU: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: SSH and deploy node app | |
uses: appleboy/[email protected] | |
env: | |
USE_PRIVATE: ${{secrets.USE_PRIVATE}} | |
PRIVATE_API_ADDR: ${{secrets.PRIVATE_API_ADDR}} | |
PRIVATE_API_AUTH: ${{secrets.PRIVATE_API_AUTH}} | |
HIVESIGNER_SECRET: ${{secrets.HIVESIGNER_SECRET}} | |
SEARCH_API_ADDR: ${{secrets.SEARCH_API_ADDR}} | |
SEARCH_API_SECRET: ${{secrets.SEARCH_API_SECRET}} | |
with: | |
host: ${{ secrets.SSH_HOST_EU }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: USE_PRIVATE,PRIVATE_API_ADDR,PRIVATE_API_AUTH,HIVESIGNER_SECRET,SEARCH_API_ADDR,SEARCH_API_SECRET | |
script: | | |
export NEXT_PUBLIC_USE_PRIVATE=$USE_PRIVATE | |
export PRIVATE_API_ADDR=$PRIVATE_API_ADDR | |
export PRIVATE_API_AUTH=$PRIVATE_API_AUTH | |
export NEXT_PUBLIC_HS_CLIENT_SECRET=$HIVESIGNER_SECRET | |
export HIVESIGNER_SECRET=$HIVESIGNER_SECRET | |
export SEARCH_API_ADDR=$SEARCH_API_ADDR | |
export SEARCH_API_SECRET=$SEARCH_API_SECRET | |
cd ~/vision-next | |
git pull origin main | |
docker system prune -f | |
docker pull ecency/api:latest | |
docker pull ecency/vision-next:latest | |
docker stack deploy -c <(docker-compose -f docker-compose.production.yml config) vision | |
deploy-US: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: SSH and deploy node app | |
uses: appleboy/[email protected] | |
env: | |
USE_PRIVATE: ${{secrets.USE_PRIVATE}} | |
PRIVATE_API_ADDR: ${{secrets.PRIVATE_API_ADDR}} | |
PRIVATE_API_AUTH: ${{secrets.PRIVATE_API_AUTH}} | |
HIVESIGNER_SECRET: ${{secrets.HIVESIGNER_SECRET}} | |
SEARCH_API_ADDR: ${{secrets.SEARCH_API_ADDR}} | |
SEARCH_API_SECRET: ${{secrets.SEARCH_API_SECRET}} | |
with: | |
host: ${{ secrets.SSH_HOST_US }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: USE_PRIVATE,PRIVATE_API_ADDR,PRIVATE_API_AUTH,HIVESIGNER_SECRET,SEARCH_API_ADDR,SEARCH_API_SECRET | |
script: | | |
export NEXT_PUBLIC_USE_PRIVATE=$USE_PRIVATE | |
export PRIVATE_API_ADDR=$PRIVATE_API_ADDR | |
export PRIVATE_API_AUTH=$PRIVATE_API_AUTH | |
export NEXT_PUBLIC_HS_CLIENT_SECRET=$HIVESIGNER_SECRET | |
export HIVESIGNER_SECRET=$HIVESIGNER_SECRET | |
export SEARCH_API_ADDR=$SEARCH_API_ADDR | |
export SEARCH_API_SECRET=$SEARCH_API_SECRET | |
cd ~/vision-next | |
git pull origin main | |
docker system prune -f | |
docker pull ecency/api:latest | |
docker pull ecency/vision-next:latest | |
docker stack deploy -c <(docker-compose -f docker-compose.production.yml config) vision | |
deploy-SG: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: SSH and deploy node app | |
uses: appleboy/[email protected] | |
env: | |
USE_PRIVATE: ${{secrets.USE_PRIVATE}} | |
PRIVATE_API_ADDR: ${{secrets.PRIVATE_API_ADDR}} | |
PRIVATE_API_AUTH: ${{secrets.PRIVATE_API_AUTH}} | |
HIVESIGNER_SECRET: ${{secrets.HIVESIGNER_SECRET}} | |
SEARCH_API_ADDR: ${{secrets.SEARCH_API_ADDR}} | |
SEARCH_API_SECRET: ${{secrets.SEARCH_API_SECRET}} | |
with: | |
host: ${{ secrets.SSH_HOST_SG }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: USE_PRIVATE,PRIVATE_API_ADDR,PRIVATE_API_AUTH,HIVESIGNER_SECRET,SEARCH_API_ADDR,SEARCH_API_SECRET | |
script: | | |
export NEXT_PUBLIC_USE_PRIVATE=$USE_PRIVATE | |
export PRIVATE_API_ADDR=$PRIVATE_API_ADDR | |
export PRIVATE_API_AUTH=$PRIVATE_API_AUTH | |
export NEXT_PUBLIC_HS_CLIENT_SECRET=$HIVESIGNER_SECRET | |
export HIVESIGNER_SECRET=$HIVESIGNER_SECRET | |
export SEARCH_API_ADDR=$SEARCH_API_ADDR | |
export SEARCH_API_SECRET=$SEARCH_API_SECRET | |
cd ~/vision-next | |
git pull origin main | |
docker system prune -f | |
docker pull ecency/api:latest | |
docker pull ecency/vision-next:latest | |
docker stack deploy -c <(docker-compose -f docker-compose.production.yml config) vision |