try github actions with kamal

.github/workflows/01.deploy.yml

@@ -0,0 +1,52 @@
+name: Deploy to Digital Ocean
+
+permissions:
+  id-token: write
+  contents: read
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - dl/kamal-2-test
+
+jobs:
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    environment: staging
+    timeout-minutes: 20
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: ruby/setup-ruby@v1
+        env:
+          BUNDLE_GEMFILE: ./Gemfile
+        with:
+          ruby-version: .ruby-version
+          bundler-cache: true
+
+      - uses: docker/setup-buildx-action@v3
+
+      - uses: webfactory/[email protected]
+        with:
+          ssh-private-key: ${{ secrets.DROPLET_SSH_PRIVATE_KEY }}
+
+      - name: Deploy with Kamal
+        env:
+          KAMAL_HOST: ${{ secrets.DROPLET_IP }}
+          KAMAL_REGISTRY_USERNAME: ${{ github.actor }}
+          KAMAL_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }}
+          AXIOM_API_KEY: ${{ secrets.AXIOM_API_KEY }}
+          DO_TOKEN: ${{ secrets.DO_TOKEN }}
+          SPACES_REGION: ${{ secrets.SPACES_REGION }}
+          SPACES_BUCKET_NAME: ${{ secrets.SPACES_BUCKET_NAME }}
+          SPACES_BUCKET_CONTENT: ${{ secrets.SPACES_BUCKET_CONTENT }}
+          SPACES_ACCESS_KEY_ID: ${{ secrets.SPACES_ACCESS_KEY_ID }}
+          SPACES_SECRET_ACCESS_KEY: ${{ secrets.SPACES_SECRET_ACCESS_KEY }}
+          RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
+          DOCKER_BUILDKIT: 1
+        run: |
+          ./bin/kamal deploy

.kamal/secrets-common

@@ -0,0 +1,11 @@
+KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD
+KAMAL_REGISTRY_USERNAME=$KAMAL_REGISTRY_USERNAME
+RAILS_MASTER_KEY=$RAILS_MASTER_KEY
+SECRET_KEY_BASE=$SECRET_KEY_BASE
+AXIOM_API_KEY=$AXIOM_API_KEY
+DO_TOKEN=$DO_TOKEN
+SPACES_REGION=$SPACES_REGION
+SPACES_BUCKET_NAME=$SPACES_BUCKET_NAME
+SPACES_BUCKET_CONTENT=$SPACES_BUCKET_CONTENT
+SPACES_ACCESS_KEY_ID=$SPACES_ACCESS_KEY_ID
+SPACES_SECRET_ACCESS_KEY=$SPACES_SECRET_ACCESS_KEY

config/deploy.yml

@@ -39,7 +39,6 @@ env:
     - KAMAL_REGISTRY_PASSWORD
     - SECRET_KEY_BASE
     - AXIOM_API_KEY
-    - GEOCODER_API_KEY
     - DO_TOKEN
     - SPACES_REGION
     - SPACES_BUCKET_NAME

load-envs.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Check if the script is being sourced
+if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
+    echo "❌ Don't run this script directly!"
+    echo "✅ Instead, use this command:"
+    echo ""
+    echo "    source load-envs.sh"
+    echo ""
+    exit 1
+fi
+
+if [ -f .env ]; then
+    export $(cat .env | grep -v '^#' | xargs)
+    echo "✨ Environment variables loaded from .env"
+else
+    echo "❌ .env file not found"
+    exit 1
+fi