This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Baphomet Server Deploy | |
| on: | |
| push: | |
| branches: | |
| - master | |
| jobs: | |
| build: | |
| runs-on: self-hosted | |
| steps: | |
| - name: Checkout Source | |
| uses: actions/checkout@v4 | |
| - name: Set Environment Variables | |
| shell: powershell | |
| run: | | |
| Write-Output "Setting environment variables..." | |
| function Encode-Base64 { | |
| param ( | |
| [string]$Text | |
| ) | |
| $bytes = [System.Text.Encoding]::UTF8.GetBytes($Text) | |
| [System.Convert]::ToBase64String($bytes) | |
| } | |
| $envVars = @" | |
| ATLAS_DB_PASSWORD=${{ secrets.ATLAS_DB_PASSWORD }} | |
| ATLAS_DB_USERNAME=${{ secrets.ATLAS_DB_USERNAME }} | |
| ATLAS_CLUSTER=${{ secrets.ATLAS_CLUSTER }} | |
| ATLAS_DB=${{ secrets.ATLAS_DB }} | |
| ACCESS_TOKEN_SECRET=${{ secrets.ACCESS_TOKEN_SECRET }} | |
| REFRESH_TOKEN_SECRET=${{ secrets.REFRESH_TOKEN_SECRET }} | |
| SSL_CERT=$(Encode-Base64 "${{ secrets.SSL_CERT }}") | |
| SSL_PRIVATE_KEY=$(Encode-Base64 "${{ secrets.SSL_PRIVATE_KEY }}") | |
| SSL_CERT_INTERMEDIATE=$(Encode-Base64 "${{ secrets.SSL_CERT_INTERMEDIATE }}") | |
| SSL_KEY_PATH=./keyfile.key | |
| SSL_CERT_PATH=./certfile.cer | |
| SSL_CA_PATH=./intermediate.cer | |
| "@ | |
| $envVars | Out-File -FilePath ".env" -Encoding utf8 | |
| Write-Output "Environment variables set." | |
| - name: Verify `.env` File | |
| shell: powershell | |
| run: | | |
| Write-Output "Verifying .env file contents..." | |
| Get-Content -Path ".env" | |
| - name: Verify Working Directory and `.env` File Creation | |
| shell: powershell | |
| run: | | |
| Write-Output "Current directory: $(Get-Location)" | |
| if (Test-Path ".env") { | |
| Write-Output ".env file exists:" | |
| Get-Content ".env" | |
| } else { | |
| Write-Output ".env file does not exist." | |
| exit 1 | |
| } | |
| - name: Install Docker Compose (if needed) | |
| shell: powershell | |
| run: | | |
| if (-not (Get-Command docker-compose -ErrorAction SilentlyContinue)) { | |
| $installPath = "${{ runner.temp }}/docker-compose.exe" | |
| Invoke-WebRequest -Uri "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Windows-x86_64.exe" -OutFile $installPath | |
| Start-Process -FilePath "powershell.exe" -ArgumentList "-Command | |
| Move-Item -Path $installPath -Destination 'C:\Program Files\Docker\Docker\resources\bin\docker-compose.exe'" -Verb RunAs | |
| Write-Output "Docker Compose Installed" | |
| } else { | |
| Write-Output "Docker Compose already installed" | |
| } | |
| - name: List Files in Directory | |
| shell: powershell | |
| run: Get-ChildItem -Path . | |
| - name: Docker Login with Elevated Permissions | |
| shell: powershell | |
| run: | | |
| Start-Process -FilePath "powershell.exe" -ArgumentList "-Command echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin" -Verb RunAs | |
| - name: Verify Docker Login with Elevated Permissions | |
| shell: powershell | |
| run: | | |
| Start-Process -FilePath "powershell.exe" -ArgumentList "-Command docker info" -Verb RunAs | |
| Write-Output "Verifying Docker login..." | |
| - name: Build Docker Images with Elevated Privileges | |
| shell: powershell | |
| run: Start-Process -FilePath "powershell.exe" -ArgumentList "-Command docker-compose -f docker-compose.yml build" -Verb RunAs | |
| - name: Tag Docker Image with Elevated Privileges | |
| shell: powershell | |
| run: Start-Process -FilePath "docker" -ArgumentList "tag baphomet-server:latest collinlucke/baphomet-server:latest" -Verb RunAs | |
| - name: Verify `docker-push.ps1` File | |
| shell: powershell | |
| run: | | |
| if (Test-Path "./docker-push.ps1") { | |
| Write-Output "Found docker-push.ps1 script, executing it..." | |
| } else { | |
| Write-Output "docker-push.ps1 script not found." | |
| exit 1 | |
| } | |
| - name: Push Docker Images with Elevated Privileges | |
| shell: powershell | |
| run: | | |
| if (Test-Path "./docker-push.ps1") { | |
| Write-Output "Found docker-push.ps1 script, executing it with elevated privileges..." | |
| Start-Process -FilePath "powershell.exe" -ArgumentList "-Command .\docker-push.ps1" -Verb RunAs | |
| } else { | |
| Write-Output "docker-push.ps1 script not found." | |
| exit 1 | |
| } | |
| deploy: | |
| needs: build | |
| runs-on: self-hosted | |
| steps: | |
| - name: Checkout Source | |
| uses: actions/checkout@v4 | |
| - name: Install Docker Compose (if needed) | |
| shell: powershell | |
| run: | | |
| if (-not (Get-Command docker-compose -ErrorAction SilentlyContinue)) { | |
| $installPath = "${{ runner.temp }}/docker-compose.exe" | |
| Invoke-WebRequest -Uri "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Windows-x86_64.exe" -OutFile $installPath | |
| Start-Process -FilePath "powershell.exe" -ArgumentList "-Command | |
| Move-Item -Path $installPath -Destination 'C:\Program Files\Docker\Docker\resources\bin\docker-compose.exe'" -Verb RunAs | |
| Write-Output "Docker Compose Installed" | |
| } else { | |
| Write-Output "Docker Compose already installed" | |
| } | |
| - name: Pull Image from Docker Hub | |
| run: Start-Process -FilePath "powershell.exe" -ArgumentList "-Command docker-compose -f docker-compose.yml pull" -Verb RunAs | |
| - name: Delete Old Container | |
| run: Start-Process -FilePath "powershell.exe" -ArgumentList "-Command docker-compose -f docker-compose.yml rm" -Verb RunAs | |
| - name: Run Docker Container | |
| run: Start-Process -FilePath "powershell.exe" -ArgumentList "-Command docker-compose -f docker-compose.yml up -d" -Verb RunAs |