From b69a7c27ebd22aa7cd55208332a3915b39f6bb87 Mon Sep 17 00:00:00 2001
From: Mikhail Ivanov <ya.ivanov-m2014@yandex.ru>
Date: Tue, 25 Jun 2024 17:41:37 +0200
Subject: [PATCH] fixes the workflow

---
 .github/workflows/deploy.yml | 76 ++++++++++++++++++++++--------------
 docker-compose.prod.yml      |  8 ++--
 2 files changed, 50 insertions(+), 34 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 67c2f73..74a095e 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,39 +1,55 @@
 name: Master branch deploy
 
 on:
+  workflow_dispatch:
   push:
     branches:
       - master
 
 jobs:
-  jobs:
-    build:
-      name: Build image
-      runs-on: ubuntu-latest
-      steps:
-        - uses: actions/checkout@master
-        - run: docker login ghcr.io -u $GITHUB_ACTOR -p ${{ secrets.GHCR_TOKEN }}
-        - run: docker build -t ghcr.io/$GITHUB_ACTOR/infomate:latest -t ghcr.io/$GITHUB_ACTOR/walter:$GITHUB_SHA .
-        - run: docker image push ghcr.io/$GITHUB_ACTOR/walter:$GITHUB_SHA
-        - run: docker image push ghcr.io/$GITHUB_ACTOR/walter:latest
+  build:
+    name: Build image
+    runs-on: ubuntu-latest
+    environment: production
+    steps:
+      - uses: actions/checkout@master
+      - run: docker login ghcr.io -u $GITHUB_ACTOR -p ${{ secrets.GHCR_TOKEN }}
+      - run: docker build -f ./infra/production/django/Dockerfile -t ghcr.io/$GITHUB_ACTOR/walter:latest -t ghcr.io/$GITHUB_ACTOR/walter:$GITHUB_SHA .
+      - run: docker image push ghcr.io/$GITHUB_ACTOR/walter:$GITHUB_SHA
+      - run: docker image push ghcr.io/$GITHUB_ACTOR/walter:latest
 
-    deploy:
-      name: Deploy
-      runs-on: ubuntu-latest
-      needs: build
-      env:
-        SSH_KEY_PATH: /tmp/ssh_key
-      steps:
-        - name: Checkout
-          uses: actions/checkout@v2
-        - name: Make envfile
-          run: export | grep "secret_" | sed "s/declare -x secret_//" > .env
-          env:
-            SECRET_KEY: ${{ secrets.SECRET_KEY }}
-            APP_HOST: ${{ env.APP_HOST }}
-        - run: echo "GITHUB_SHA=$GITHUB_SHA" >> .env
-        - run: echo "${{ secrets.PRODUCTION_SSH_KEY }}" > ${{ env.SSH_KEY_PATH }} && chmod 600 ${{ env.SSH_KEY_PATH }}
-        - run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} -r $(pwd)/* ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/walter/walter
-        - run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} .env ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/walter/walter/.env
-        - run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} docker-compose.production.yml ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/walter/walter/docker-compose.prod.yml
-        - run: ssh -i ${{ env.SSH_KEY_PATH }} ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }} "cd /home/walter/walter && docker login ghcr.io -u $GITHUB_ACTOR -p ${{ secrets.GHCR_TOKEN }} && docker pull ghcr.io/$GITHUB_ACTOR/walter:$GITHUB_SHA && docker-compose -f docker-compose.prod.yml --env-file=.env up -d && docker system prune --all --force"
\ No newline at end of file
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    environment: production
+    needs: build
+    env:
+      SSH_KEY_PATH: /tmp/ssh_key
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Make envfile
+        run: export | grep "secret_" | sed "s/declare -x secret_//" > .env
+        env:
+          secret_SECRET_KEY: ${{ secrets.SECRET_KEY }}
+          secret_DJANGO_ALLOWED_HOSTS: ${{ env.DJANGO_ALLOWED_HOSTS }}
+          secret_DEBUG: ${{ env.DEBUG }}
+          secret_SQL_ENGINE: ${{ env.SQL_ENGINE }}
+          secret_SQL_DATABASE: ${{ env.SQL_DATABASE }}
+          secret_SQL_USER: ${{ secrets.SQL_USER }}
+          secret_SQL_PASSWORD: ${{ secrets.SQL_PASSWORD }}
+          secret_SQL_HOST: ${{ env.SQL_HOST }}
+          secret_SQL_PORT: ${{ env.SQL_HOST }}
+          secret_RABBITMQ_DEFAULT_USER: ${{ secrets.RABBITMQ_DEFAULT_USER }}
+          secret_RABBITMQ_DEFAULT_PASS: ${{ secrets.RABBITMQ_DEFAULT_PASS }}
+          secret_CELERY_BROKER: ${{ env.CELERY_BROKER }}
+          secret_CELERY_BACKEND: ${{ env.CELERY_BACKEND }}
+          secret_CELERY_FLOWER_USER: ${{ secrets.CELERY_FLOWER_USER }}
+          secret_CELERY_FLOWER_PASSWORD: ${{ secrets.CELERY_FLOWER_PASSWORD }}
+          secret_CHANNELS_REDIS: ${{ env.CHANNELS_REDIS }}
+      - run: echo "GITHUB_SHA=$GITHUB_SHA" >> .env
+      - run: echo "${{ secrets.PRODUCTION_SSH_KEY }}" > ${{ env.SSH_KEY_PATH }} && chmod 600 ${{ env.SSH_KEY_PATH }}
+      - run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} -r $(pwd)/* ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/walter/walter
+      - run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} .env ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/walter/walter/.env
+      - run: scp -o StrictHostKeyChecking=no -i ${{ env.SSH_KEY_PATH }} docker-compose.prod.yml ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }}:/home/walter/walter/docker-compose.prod.yml
+      - run: ssh -i ${{ env.SSH_KEY_PATH }} ${{ secrets.PRODUCTION_SSH_USERNAME }}@${{ secrets.PRODUCTION_SSH_HOST }} "cd /home/walter/walter && docker login ghcr.io -u $GITHUB_ACTOR -p ${{ secrets.GHCR_TOKEN }} && docker pull ghcr.io/$GITHUB_ACTOR/walter:$GITHUB_SHA && docker compose -f docker-compose.prod.yml --env-file=.env up -d && docker system prune --all --force"
\ No newline at end of file
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 1485339..50849b1 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -19,7 +19,7 @@ services:
   web:
     build:
       context: .
-      dockerfile: ./infra/production/django/Dockerfile
+      dockerfile: ghcr.io/mrmegatelo/walter:${GITHUB_SHA:-latest}
     command: /start
     volumes:
       - staticfiles:/app/staticfiles
@@ -50,7 +50,7 @@ services:
   celery_worker:
     build:
       context: .
-      dockerfile: ./infra/production/django/Dockerfile
+      dockerfile: ghcr.io/mrmegatelo/walter:${GITHUB_SHA:-latest}
     image: walter_celery_worker
     command: /start-celeryworker
     volumes:
@@ -65,7 +65,7 @@ services:
   celery_beat:
     build:
       context: .
-      dockerfile: ./infra/production/django/Dockerfile
+      dockerfile: ghcr.io/mrmegatelo/walter:${GITHUB_SHA:-latest}
     image: walter_celery_beat
     command: /start-celerybeat
     volumes:
@@ -80,7 +80,7 @@ services:
   flower:
     build:
       context: .
-      dockerfile: ./infra/production/django/Dockerfile
+      dockerfile: ghcr.io/mrmegatelo/walter:${GITHUB_SHA:-latest}
     image: walter_celery_flower
     command: /start-flower
     volumes: