👷 ci: setup staging environment #279
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to staging environment | |
concurrency: | |
group: staging | |
cancel-in-progress: true | |
on: | |
push: | |
branches: | |
- kamal | |
workflow_dispatch: | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
environment: stg | |
defaults: | |
run: | |
working-directory: bot | |
env: | |
DOCKER_BUILDKIT: 1 | |
KAMAL_REGISTRY_LOGIN_SERVER: ${{ secrets.KAMAL_REGISTRY_LOGIN_SERVER }} | |
KAMAL_REGISTRY_USERNAME: ${{ secrets.KAMAL_REGISTRY_USERNAME }} | |
KAMAL_REGISTRY_PASSWORD: ${{ secrets.KAMAL_REGISTRY_PASSWORD }} | |
KAMAL_SERVER_IP: ${{ secrets.KAMAL_SERVER_IP }} | |
DATABASE_URL: ${{ secrets.DATABASE_URL }} | |
APP_ID: ${{ secrets.APP_ID }} | |
GH_APP_ID: ${{ secrets.GH_APP_ID }} | |
GH_APP_NAME: ${{ secrets.GH_APP_NAME }} | |
GH_CLIENT_ID: ${{ secrets.GH_CLIENT_ID }} | |
GH_CLIENT_SECRET: ${{ secrets.GH_CLIENT_SECRET }} | |
PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }} | |
WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }} | |
CODEFAIR_APP_DOMAIN: ${{ secrets.CODEFAIR_APP_DOMAIN }} | |
ZENODO_API_ENDPOINT: ${{ secrets.ZENODO_API_ENDPOINT }} | |
ZENODO_ENDPOINT: ${{ secrets.ZENODO_ENDPOINT }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 3.3.1 | |
bundler-cache: true | |
- run: gem install kamal | |
- uses: webfactory/ssh-agent@v0.9.0 | |
with: | |
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
# - name: Rename staging files | |
# run: | | |
# mv Dockerfile.staging Dockerfile | |
# mv config/deploy-staging.yml config/deploy.yml | |
- name: Login to Azure Container Registry | |
uses: azure/docker-login@v1 | |
with: | |
login-server: ${{ secrets.KAMAL_REGISTRY_LOGIN_SERVER }} | |
username: ${{ secrets.KAMAL_REGISTRY_USERNAME }} | |
password: ${{ secrets.KAMAL_REGISTRY_PASSWORD }} | |
- name: Set up Docker Buildx for cache | |
uses: docker/setup-buildx-action@v3 | |
- run: kamal version | |
- run: kamal registry login --verbose | |
# Suggestion to use lock release and redeploy after reading comments from others. Deploying two builds could cause locking issues when the first is cancelled. | |
- run: kamal lock release --verbose | |
# Setup kamal for the first time | |
- run: kamal setup | |
# Deploy the app for all other times | |
# - run: kamal redeploy --verbose |