Skip to content

Workflow for Production Environment Deployment #4

Workflow for Production Environment Deployment

Workflow for Production Environment Deployment #4

name: Workflow for Production Environment Deployment
on:
workflow_dispatch:
env:
CONFIG_ENV: ${{ secrets.CONFIG_ENV }}
TARGET_PLATFORMS: ${{ secrets.TARGET_PLATFORMS }}
REGISTRY: ${{ secrets.REGISTRY }}
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
REGISTRY_IMAGE: ${{ secrets.REGISTRY_IMAGE }}
REGISTRY_ACCESS_TOKEN: ${{ secrets.REGISTRY_ACCESS_TOKEN }}
jobs:
Prod-Deployment:
name: Production Deployment
runs-on: ubuntu-22.04
steps:
- name: Checkout Sources
uses: actions/checkout@v3
- name: Sign in to Container Registry
run: echo $REGISTRY_ACCESS_TOKEN | docker login -u $REGISTRY_USER --password-stdin $REGISTRY
- name: Build and Tag Image
run: |
docker build \
--platform $TARGET_PLATFORMS \
-t "$REGISTRY/$REGISTRY_IMAGE:${{ github.sha }}" .
docker tag "$REGISTRY/$REGISTRY_IMAGE:${{ github.sha }}" "$REGISTRY/$REGISTRY_IMAGE:stable"
- name: Publish to Container Registry
run: docker push "$REGISTRY/$REGISTRY_IMAGE:stable"
- name: Pull Latest Image and Run Container
uses: appleboy/ssh-action@v0.1.10
with:
host: ${{ secrets.SSH_HOST }}
username: ${{ secrets.SSH_USER }}
key: ${{ secrets.SSH_PRIVATEKEY }}
envs: CONFIG_ENV,REGISTRY_ACCESS_TOKEN,REGISTRY_USER,REGISTRY,REGISTRY_IMAGE
script: |
mkdir -pv ./app/lexicapi-prod
cd ./app/lexicapi-prod
echo $CONFIG_ENV | tr ' ' '\n' > .env
mkdir ./log
sudo chown :lexica ./log && sudo chmod 0775 ./log && sudo chmod g+s ./log
echo $REGISTRY_ACCESS_TOKEN | docker login -u $REGISTRY_USER --password-stdin $REGISTRY
docker rm -f lexicapi-prod
docker pull "$REGISTRY/$REGISTRY_IMAGE:stable"
docker run -d --name lexicapi-prod \
--restart always \
-v "$(pwd)/.env:/app/lexicapi/.env:ro" \
-v "$(pwd)/log:/app/lexicapi/log:z" \
-p "8081:8081" \
"$REGISTRY/$REGISTRY_IMAGE:stable"
- name: Get Release Date
id: get_release_date
run: echo "RELEASE_DATE=$(TZ='Asia/Jakarta' date +'%A %d-%m-%Y %T WIB')" >> "$GITHUB_OUTPUT"
- name: Mark as Stable
uses: ncipollo/release-action@v1
with:
allowUpdates: true
body: "Stable release updated at ${{ steps.get_release_date.outputs.RELEASE_DATE }}"
token: ${{ secrets.GH_TOKEN }}
tag: stable