Develop to Main (#6)

* change repo name to lowercase in image name in compose file * change image name to lower case * Change ssh agent version in deploy script * Change openssh to appleboy runner * Refactor deployment process and split it into build and deploy * Add proxy variables to deploy docker * Copy letsencrypt and docker compose file to vm in deploy docker script * Fix pipeline variables in deploy docker script * Change env variables copying in deploy docker script * Change excecute docker compose up script on VM * Change the origin of templates to show admin panels with css files * Change context of dockerfile in build docker pipeline * Change path to dockerfile in build docker script * Change context of dockerfiles in matrix in build docker script * Add comments to test pipelines * Change context in build docker file * Change context if dockerfile in build docker script * Add comments to text pipeline * Change dockerfile path to client * Change server dockerfile to adjust to folder structure * Fix naming error in build docker script * Feature/create interaction log (#5) * Add view to create and download eventlogs * Add download button to sidebar to download data as spreadsheet --------- Co-authored-by: David Mang <[email protected]> * Delete word cloud component * Test client pipeline --------- Co-authored-by: David Mang <[email protected]>
ls1intum · Sep 1, 2024 · eb98c0b · eb98c0b
1 parent f5246b9
commit eb98c0b
Show file tree

Hide file tree

Showing 36 changed files with 726 additions and 57 deletions.
diff --git a/.github/workflows/build_docker.yml b/.github/workflows/build_docker.yml
@@ -0,0 +1,105 @@
+name: Build Docker Image
+
+on:
+  workflow_call:
+    outputs:
+      server_image_tag: 
+        description: "The tag of the server image that was built"
+        value: ${{ jobs.build.outputs.server_image_tag }}
+      client_image_tag: 
+        description: "The tag of the client image that was built"
+        value: ${{ jobs.build.outputs.client_image_tag }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - dockerfile: ./docker/client/Dockerfile
+            image: ghcr.io/ls1intum/thaii/client
+            context: .
+            path: client
+          - dockerfile: ./docker/server/Dockerfile
+            image: ghcr.io/ls1intum/thaii/server
+            context: .
+            path: server
+    outputs:
+      server_image_tag: "${{ steps.output-tag-server.outputs.server_image_tag }}"
+      client_image_tag: "${{ steps.output-tag-client.outputs.client_image_tag }}"
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Get changed files in the client folder
+        id: changed-files-client-folder
+        uses: tj-actions/changed-files@v44
+        with:
+          files: client/**
+
+      - name: Get changed files in the server folder
+        id: changed-files-server-folder
+        uses: tj-actions/changed-files@v44
+        with:
+          files: server/**
+
+      - name: Log in to the Container registry
+        if: ${{ (steps.changed-files-client-folder.outputs.any_changed == 'true') || (steps.changed-files-server-folder.outputs.any_changed == 'true') }}
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up QEMU
+        if: ${{ (steps.changed-files-client-folder.outputs.any_changed == 'true') || (steps.changed-files-server-folder.outputs.any_changed == 'true') }}
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: all
+
+      - name: Install Docker Buildx
+        if: ${{ (steps.changed-files-client-folder.outputs.any_changed == 'true') || (steps.changed-files-server-folder.outputs.any_changed == 'true') }}
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ matrix.image }}
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=branch
+            type=ref,event=pr
+
+      - name: Build and push Docker Image
+        uses: docker/build-push-action@v5
+        if: ${{ (steps.changed-files-client-folder.outputs.any_changed == 'true' && matrix.path == 'client') || (steps.changed-files-server-folder.outputs.any_changed == 'true' && matrix.path == 'server') }}
+        with:
+          context: ${{ matrix.context }}
+          file: ${{ matrix.dockerfile }}
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          build-args: |
+            "VITE_API_URL=${{ vars.VITE_API_URL }}"
+            "VITE_ENABLE_TRACKING"=${{ vars.VITE_ENABLE_TRACKING }}"
+
+      - id: output-tag-client
+        run: |
+          if [[ "${{ matrix.path }}" == "client" ]] && [[ "${{ steps.changed-files-client-folder.outputs.any_changed }}" == "true" ]]; then
+            echo "client_image_tag=${{ steps.meta.outputs.version }}" >> "$GITHUB_OUTPUT"
+          elif [[ "${{ matrix.path }}" == "client" ]]; then
+            echo "client_image_tag=latest" >> "$GITHUB_OUTPUT"
+          fi
+      
+      - id: output-tag-server
+        run: |
+          if [[ "${{ matrix.path }}" == "server" ]] && [[ "${{ steps.changed-files-server-folder.outputs.any_changed }}" == "true" ]]; then
+            echo "server_image_tag=${{ steps.meta.outputs.version }}" >> "$GITHUB_OUTPUT"
+          elif [[ "${{ matrix.path }}" == "server" ]]; then
+            echo "server_image_tag=latest" >> "$GITHUB_OUTPUT"
+          fi
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -26,55 +26,72 @@ jobs:
 
     - name: Push Docker Images to GHCR
       run: |
-        docker push ghcr.io/${{ github.repository }}/client:latest
-        docker push ghcr.io/${{ github.repository }}/server:latest
+        docker push ghcr.io/ls1intum/thaii/client:latest
+        docker push ghcr.io/ls1intum/thaii/server:latest
 
   deploy:
     name: Deploy Application
     runs-on: ubuntu-latest
     needs: build
 
     steps:
+    - name: SSH to VM and Execute Docker-Compose Down
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        script: |
+          docker compose -f compose.yml --env-file=.env down --remove-orphans --rmi all
+
     - name: Checkout Code
       uses: actions/checkout@v3
 
-    - name: Install SSH Client
-      run: sudo apt-get update && sudo apt-get install -y openssh-client
-
-    - name: Add SSH Key
-      uses: webfactory/[email protected]
-      with:
-        ssh-private-key: ${{ secrets.SSH_KEY }}
-
     - name: Copy Files to Server
-      run: |
-        scp -o StrictHostKeyChecking=no ./compose.yml ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }}:~/compose.yml
-        scp -o StrictHostKeyChecking=no -r ./letsencrypt ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }}:~/letsencrypt
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        script: |
+          scp -o StrictHostKeyChecking=no ./compose.yml ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }}:~/compose.yml
+          scp -o StrictHostKeyChecking=no -r ./letsencrypt ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }}:~/letsencrypt
 
     - name: Set Up Environment Variables
-      run: |
-        ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} << 'EOF'
-        echo "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> .env
-        echo "DEBUG=${{ secrets.DEBUG }}" >> .env
-        echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> .env
-        echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> .env
-        echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> .env
-        echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> .env
-        echo "POSTGRES_HOST=${{ secrets.POSTGRES_HOST }}" >> .env
-        echo "EMAIL_USE_TLS=${{ secrets.EMAIL_USE_TLS }}" >> .env
-        echo "EMAIL_HOST=${{ secrets.EMAIL_HOST }}" >> .env
-        echo "EMAIL_HOST_USER=${{ secrets.EMAIL_HOST_USER }}" >> .env
-        echo "EMAIL_HOST_PASSWORD=${{ secrets.EMAIL_HOST_PASSWORD }}" >> .env
-        echo "DEFAULT_FROM_EMAIL=${{ secrets.DEFAULT_FROM_EMAIL }}" >> .env
-        echo "EMAIL_PORT=${{ secrets.EMAIL_PORT }}" >> .env
-        echo "DJANGO_SUPERUSER_USERNAME=${{ secrets.DJANGO_SUPERUSER_USERNAME }}" >> .env
-        echo "DJANGO_SUPERUSER_PASSWORD=${{ secrets.DJANGO_SUPERUSER_PASSWORD }}" >> .env
-        echo "DJANGO_SUPERUSER_EMAIL=${{ secrets.DJANGO_SUPERUSER_EMAIL }}" >> .env
-        EOF
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        script: |
+          ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} << 'EOF'
+          touch .env 
+          echo "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> .env
+          echo "DEBUG=${{ secrets.DEBUG }}" >> .env
+          echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> .env
+          echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> .env
+          echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> .env
+          echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> .env
+          echo "POSTGRES_HOST=${{ secrets.POSTGRES_HOST }}" >> .env
+          echo "EMAIL_USE_TLS=${{ secrets.EMAIL_USE_TLS }}" >> .env
+          echo "EMAIL_HOST=${{ secrets.EMAIL_HOST }}" >> .env
+          echo "EMAIL_HOST_USER=${{ secrets.EMAIL_HOST_USER }}" >> .env
+          echo "EMAIL_HOST_PASSWORD=${{ secrets.EMAIL_HOST_PASSWORD }}" >> .env
+          echo "DEFAULT_FROM_EMAIL=${{ secrets.DEFAULT_FROM_EMAIL }}" >> .env
+          echo "EMAIL_PORT=${{ secrets.EMAIL_PORT }}" >> .env
+          echo "DJANGO_SUPERUSER_USERNAME=${{ secrets.DJANGO_SUPERUSER_USERNAME }}" >> .env
+          echo "DJANGO_SUPERUSER_PASSWORD=${{ secrets.DJANGO_SUPERUSER_PASSWORD }}" >> .env
+          echo "DJANGO_SUPERUSER_EMAIL=${{ secrets.DJANGO_SUPERUSER_EMAIL }}" >> .env
+          EOF
 
-    - name: Deploy on Server
-      run: |
-        ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "mkdir -p ~/"
-        ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "touch ~/letsencrypt/acme.json && chmod 600 ~/letsencrypt/acme.json"
-        ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "docker login ghcr.io -u ${{ github.actor }} --password-stdin <<< ${{ secrets.GITHUB_TOKEN }}"
-        ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "docker compose pull && docker compose up -d && docker compose logs"
+    - name: SSH to VM and Execute Docker-Compose Up
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        script: |
+          ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "mkdir -p ~/"
+          ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "touch ~/letsencrypt/acme.json && chmod 600 ~/letsencrypt/acme.json"
+          ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "docker login ghcr.io -u ${{ github.actor }} --password-stdin <<< ${{ secrets.GITHUB_TOKEN }}"
+          ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_DOMAIN }} "docker compose pull && docker compose up -d && docker compose logs"
diff --git a/.github/workflows/deploy_docker.yml b/.github/workflows/deploy_docker.yml
@@ -0,0 +1,105 @@
+name: Deploy Docker Image
+
+on:
+  workflow_call:
+    inputs:
+      environment:
+        required: true
+        type: string
+      server_image_tag:
+        default: "latest"
+        type: string
+      client_image_tag:
+        default: "latest"
+        type: string
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+    - name: SSH to VM and Execute Docker-Compose Down
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        proxy_host: ${{ vars.DEPLOYMENT_GATEWAY_HOST }}
+        proxy_username: ${{ vars.DEPLOYMENT_GATEWAY_USER }}
+        proxy_key: ${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}
+        proxy_port: ${{ vars.DEPLOYMENT_GATEWAY_PORT }}
+        script: |
+          docker compose -f compose.yml --env-file=.env down --remove-orphans --rmi all
+
+    - name: Checkout Code
+      uses: actions/checkout@v3
+
+    - name: Copy Docker Compose File From Repo to VM Host
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        proxy_host: ${{ vars.DEPLOYMENT_GATEWAY_HOST }}
+        proxy_username: ${{ vars.DEPLOYMENT_GATEWAY_USER }}
+        proxy_key: ${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}
+        proxy_port: ${{ vars.DEPLOYMENT_GATEWAY_PORT }}
+        source: "./compose.yml"
+        target: /home/${{ secrets.SERVER_USER }}
+
+    - name: Copy Letsencrypt File From Repo to VM Host
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        proxy_host: ${{ vars.DEPLOYMENT_GATEWAY_HOST }}
+        proxy_username: ${{ vars.DEPLOYMENT_GATEWAY_USER }}
+        proxy_key: ${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}
+        proxy_port: ${{ vars.DEPLOYMENT_GATEWAY_PORT }}
+        source: "./letsencrypt"
+        target: /home/${{ secrets.SERVER_USER }}
+
+    - name: Set Up Environment Variables
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        proxy_host: ${{ vars.DEPLOYMENT_GATEWAY_HOST }}
+        proxy_username: ${{ vars.DEPLOYMENT_GATEWAY_USER }}
+        proxy_key: ${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}
+        proxy_port: ${{ vars.DEPLOYMENT_GATEWAY_PORT }}
+        script: |
+          touch .env 
+          echo "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> .env
+          echo "DEBUG=${{ secrets.DEBUG }}" >> .env
+          echo "SECRET_KEY=${{ secrets.SECRET_KEY }}" >> .env
+          echo "POSTGRES_DB=${{ secrets.POSTGRES_DB }}" >> .env
+          echo "POSTGRES_USER=${{ secrets.POSTGRES_USER }}" >> .env
+          echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}" >> .env
+          echo "POSTGRES_HOST=${{ secrets.POSTGRES_HOST }}" >> .env
+          echo "EMAIL_USE_TLS=${{ secrets.EMAIL_USE_TLS }}" >> .env
+          echo "EMAIL_HOST=${{ secrets.EMAIL_HOST }}" >> .env
+          echo "EMAIL_HOST_USER=${{ secrets.EMAIL_HOST_USER }}" >> .env
+          echo "EMAIL_HOST_PASSWORD=${{ secrets.EMAIL_HOST_PASSWORD }}" >> .env
+          echo "DEFAULT_FROM_EMAIL=${{ secrets.DEFAULT_FROM_EMAIL }}" >> .env
+          echo "EMAIL_PORT=${{ secrets.EMAIL_PORT }}" >> .env
+          echo "DJANGO_SUPERUSER_USERNAME=${{ secrets.DJANGO_SUPERUSER_USERNAME }}" >> .env
+          echo "DJANGO_SUPERUSER_PASSWORD=${{ secrets.DJANGO_SUPERUSER_PASSWORD }}" >> .env
+          echo "DJANGO_SUPERUSER_EMAIL=${{ secrets.DJANGO_SUPERUSER_EMAIL }}" >> .env
+
+    - name: SSH to VM and Execute Docker-Compose Up
+      uses: appleboy/[email protected]
+      with:
+        host: ${{ secrets.SERVER_DOMAIN }}
+        username: ${{ secrets.SERVER_USER }}
+        key: ${{ secrets.SSH_KEY }}
+        proxy_host: ${{ vars.DEPLOYMENT_GATEWAY_HOST }}
+        proxy_username: ${{ vars.DEPLOYMENT_GATEWAY_USER }}
+        proxy_key: ${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}
+        proxy_port: ${{ vars.DEPLOYMENT_GATEWAY_PORT }}
+        script: |
+          mkdir -p ~/
+          touch ~/letsencrypt/acme.json && chmod 600 ~/letsencrypt/acme.json
+          docker login ghcr.io -u ${{ github.actor }} --password-stdin <<< ${{ secrets.GITHUB_TOKEN }}
+          docker compose pull && docker compose up -d && docker compose logs
diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml
@@ -0,0 +1,19 @@
+name: Build and Deploy to Prod
+
+on:
+  push:
+    branches: [develop]
+
+jobs:
+  build-prod-container:
+    uses: ./.github/workflows/build_docker.yml
+    secrets: inherit
+  deploy-prod-container:
+    needs: build-prod-container
+    uses: ./.github/workflows/deploy_docker.yml
+    secrets: inherit
+    with:
+      environment: Production
+      server_image_tag: "latest"
+      client_image_tag: "latest"
+