-
Notifications
You must be signed in to change notification settings - Fork 2
132 lines (112 loc) · 4.67 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: build and deploy prod
on:
push:
branches:
- main
jobs:
front_build:
name: build & Push Docker image to Docker Hub
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Extract branch name
shell: bash
run: echo "name=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV
id: extract_branch
- name: Prepare
id: prep
run: |
echo "image=dappforce/subsocial-web-app:postever-${{ env.name }}-$(echo $GITHUB_SHA | head -c7)" >> $GITHUB_ENV
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Login to DockerHub
uses: docker/login-action@master
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-single-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-single-buildx
- name: Build production image
uses: docker/build-push-action@v3
with:
context: .
builder: ${{ steps.buildx.outputs.name }}
file: docker/Dockerfile
push: true
build-args: |
GH_NEXTAUTH_URL=https://post4ever.app
GH_NEXT_PUBLIC_AUTH_URL=https://post4ever.app
GH_NEXT_PUBLIC_OFFCHAIN_URL=https://api.subsocial.network
GH_NEXT_PUBLIC_P4E_SPACE=10102
GH_SUBSOCIAL_NODE_URL=wss://para.f3joule.space
GH_IPFS_URL=https://gw.crustfiles.app
GH_NEXT_PUBLIC_AUTH_HEADER=c3ViLTVGQTluUURWZzI2N0RFZDhtMVp5cFhMQm52TjdTRnhZd1Y3bmRxU1lHaU45VFRwdToweDEwMmQ3ZmJhYWQwZGUwNzFjNDFmM2NjYzQzYmQ0NzIxNzFkZGFiYWM0MzEzZTc5YTY3ZWExOWM0OWFlNjgyZjY0YWUxMmRlY2YyNzhjNTEwZGY4YzZjZTZhYzdlZTEwNzY2N2YzYTBjZjM5OGUxN2VhMzAyMmRkNmEyYjc1OTBi
GH_NEXT_PUBLIC_GA_MEASUREMENT_ID=G-FH5CM21YGC
GH_TWITTER_CLIENT_ID=${{ secrets.GH_TWITTER_CLIENT_ID }}
GH_TWITTER_CLIENT_SECRET=${{ secrets.GH_TWITTER_CLIENT_SECRET }}
GH_TWITTER_BEARER_TOKEN=${{ secrets.GH_TWITTER_BEARER_TOKEN }}
GH_NEXTAUTH_SECRET=${{ secrets.GH_NEXTAUTH_SECRET }}
tags: |
${{ env.image }}
docker.io/dappforce/subsocial-web-app:postever-master-latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
pro_deploy:
name: pro-deploy
needs: front_build
runs-on: ubuntu-latest
steps:
- name: Checkout main
uses: actions/checkout@v3
- name: Extract branch name
shell: bash
run: echo "name=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV
id: extract_branch
- name: Install doctl
uses: digitalocean/action-doctl@v2
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN_PROD }}
- name: Save DigitalOcean kubeconfig with short-lived credentials
run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 ${{ secrets.K8S_PROD }}
- name: Update deploy file
run: TAG=postever-${{ env.name }}-$(echo $GITHUB_SHA | head -c7) && sed -i 's|<IMAGE>|dappforce/subsocial-web-app:'${TAG}'|' $GITHUB_WORKSPACE/deployment/production/deployment.yaml
- name: Deploy to DigitalOcean Kubernetes
run: kubectl apply -f $GITHUB_WORKSPACE/deployment/production/
- name: Verify deployment
run: kubectl -n post-ever rollout status deployment/post-ever
- name: add replicas
run: kubectl -n post-ever scale deployment/post-ever --replicas=2
- name: Verify deployment
run: kubectl -n post-ever rollout status deployment/post-ever
front-bk-prod-deploy:
name: bk-prod-deploy
needs: front_build
runs-on: ubuntu-latest
if: ${{ github.ref == 'refs/heads/main' }}
steps:
- name: Checkout main
uses: actions/checkout@v3
- name: Extract branch name
shell: bash
run: echo "name=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV
id: extract_branch
- name: executing remote ssh commands
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.BACKUP_HOST }}
username: ${{ secrets.BACKUP_USERNAME }}
key: ${{ secrets.BACKUP_KEY }}
port: ${{ secrets.BACKUP_PORT }}
script: |
cd /root/post-ever
./update.sh