114 lines
4.1 KiB
YAML
114 lines
4.1 KiB
YAML
name: Build, Push and Deploy
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
build-and-deploy:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Login to Container Registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ vars.REGISTRY_URL }}
|
|
username: ${{ secrets.CI_GITEA_USER }}
|
|
password: ${{ secrets.CI_GITEA_TOKEN }}
|
|
|
|
- name: Extract metadata for Docker
|
|
id: meta
|
|
run: |
|
|
echo "image_tag=${{ vars.REGISTRY_URL }}/${{ vars.NAMESPACE }}/${{ vars.REPO_NAME }}:${{ github.sha }}" >> $GITHUB_OUTPUT
|
|
echo "image_latest=${{ vars.REGISTRY_URL }}/${{ vars.NAMESPACE }}/${{ vars.REPO_NAME }}:latest" >> $GITHUB_OUTPUT
|
|
|
|
- name: Build and Push Docker Image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
file: ./docker/Dockerfile
|
|
push: true
|
|
tags: |
|
|
${{ steps.meta.outputs.image_tag }}
|
|
${{ steps.meta.outputs.image_latest }}
|
|
|
|
- name: Deploy to Remote Server
|
|
uses: appleboy/ssh-action@v1.0.3
|
|
with:
|
|
host: ${{ secrets.SSH_HOST }}
|
|
username: ${{ secrets.SSH_USERNAME }}
|
|
key: ${{ secrets.SSH_PRIVATE_KEY }}
|
|
port: ${{ secrets.SSH_PORT }}
|
|
script: |
|
|
# Navigate to deployment directory
|
|
cd ${{ secrets.DEPLOY_PATH }}
|
|
|
|
# Create .env file with all secrets
|
|
cat > .env << 'EOF'
|
|
# Deployment
|
|
REGISTRY_URL=${{ vars.REGISTRY_URL }}
|
|
NAMESPACE=${{ vars.NAMESPACE }}
|
|
REPO_NAME=${{ vars.REPO_NAME }}
|
|
IMAGE_TAG=${{ github.sha }}
|
|
CI_GITEA_USER=${{ secrets.CI_GITEA_USER }}
|
|
CI_GITEA_TOKEN=${{ secrets.CI_GITEA_TOKEN }}
|
|
|
|
# Application
|
|
APP_PORT=${{ secrets.APP_PORT }}
|
|
SPRING_PROFILES_ACTIVE=${{ secrets.SPRING_PROFILES_ACTIVE }}
|
|
APPLICATION_NAME=${{ secrets.APPLICATION_NAME }}
|
|
CORS_ALLOWED_ORIGINS=${{ secrets.CORS_ALLOWED_ORIGINS }}
|
|
|
|
# PostgreSQL Configuration
|
|
POSTGRES_HOST=${{ secrets.POSTGRES_HOST }}
|
|
POSTGRES_PORT=${{ secrets.POSTGRES_PORT }}
|
|
POSTGRES_DB=${{ secrets.POSTGRES_DB }}
|
|
POSTGRES_USER=${{ secrets.POSTGRES_USER }}
|
|
POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}
|
|
|
|
# Keycloak Configuration
|
|
KEYCLOAK_URL=${{ secrets.KEYCLOAK_URL }}
|
|
KEYCLOAK_REALM=${{ secrets.KEYCLOAK_REALM }}
|
|
KEYCLOAK_ISSUER_URI=${{ secrets.KEYCLOAK_ISSUER_URI }}
|
|
|
|
# MinIO (S3) Configuration
|
|
MINIO_ENDPOINT=${{ secrets.MINIO_ENDPOINT }}
|
|
MINIO_ACCESS_KEY=${{ secrets.MINIO_ACCESS_KEY }}
|
|
MINIO_SECRET_KEY=${{ secrets.MINIO_SECRET_KEY }}
|
|
|
|
# AWS S3 Configuration (if needed)
|
|
AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
AWS_S3_BUCKET_NAME=${{ secrets.AWS_S3_BUCKET_NAME }}
|
|
AWS_S3_REGION=${{ secrets.AWS_S3_REGION }}
|
|
AWS_S3_ENDPOINT=${{ secrets.AWS_S3_ENDPOINT }}
|
|
|
|
# Hibernate Configuration
|
|
HIBERNATE_DDL_AUTO=${{ secrets.HIBERNATE_DDL_AUTO }}
|
|
|
|
# Java Options
|
|
JAVA_OPTS=${{ secrets.JAVA_OPTS }}
|
|
EOF
|
|
|
|
# Set proper permissions
|
|
chmod 600 .env
|
|
|
|
# Login to Container Registry
|
|
echo "${{ secrets.CI_GITEA_TOKEN }}" | docker login ${{ vars.REGISTRY_URL }} -u ${{ secrets.CI_GITEA_USER }} --password-stdin
|
|
|
|
# Pull latest image
|
|
docker compose pull
|
|
|
|
# Restart services with new image
|
|
docker compose up -d --remove-orphans
|
|
|
|
# Clean up old images
|
|
docker image prune -af --filter "until=168h"
|
|
|
|
# Show running containers
|
|
docker compose ps
|