Workflow for Production Environment Deployment #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Workflow for Production Environment Deployment | |
on: | |
workflow_dispatch: | |
env: | |
CONFIG_ENV: ${{ secrets.CONFIG_ENV }} | |
TARGET_PLATFORMS: ${{ secrets.TARGET_PLATFORMS }} | |
REGISTRY: ${{ secrets.REGISTRY }} | |
REGISTRY_USER: ${{ secrets.REGISTRY_USER }} | |
REGISTRY_IMAGE: ${{ secrets.REGISTRY_IMAGE }} | |
REGISTRY_ACCESS_TOKEN: ${{ secrets.REGISTRY_ACCESS_TOKEN }} | |
jobs: | |
Prod-Deployment: | |
name: Production Deployment | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout Sources | |
uses: actions/checkout@v3 | |
- name: Sign in to Container Registry | |
run: echo $REGISTRY_ACCESS_TOKEN | docker login -u $REGISTRY_USER --password-stdin $REGISTRY | |
- name: Build and Tag Image | |
run: | | |
docker build \ | |
--platform $TARGET_PLATFORMS \ | |
-t "$REGISTRY/$REGISTRY_IMAGE:${{ github.sha }}" . | |
docker tag "$REGISTRY/$REGISTRY_IMAGE:${{ github.sha }}" "$REGISTRY/$REGISTRY_IMAGE:stable" | |
- name: Publish to Container Registry | |
run: docker push "$REGISTRY/$REGISTRY_IMAGE:stable" | |
- name: Pull Latest Image and Run Container | |
uses: appleboy/ssh-action@v0.1.10 | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USER }} | |
key: ${{ secrets.SSH_PRIVATEKEY }} | |
envs: CONFIG_ENV,REGISTRY_ACCESS_TOKEN,REGISTRY_USER,REGISTRY,REGISTRY_IMAGE | |
script: | | |
mkdir -pv ./app/lexicapi-prod | |
cd ./app/lexicapi-prod | |
echo $CONFIG_ENV | tr ' ' '\n' > .env | |
mkdir ./log | |
sudo chown :lexica ./log && sudo chmod 0775 ./log && sudo chmod g+s ./log | |
echo $REGISTRY_ACCESS_TOKEN | docker login -u $REGISTRY_USER --password-stdin $REGISTRY | |
docker rm -f lexicapi-prod | |
docker pull "$REGISTRY/$REGISTRY_IMAGE:stable" | |
docker run -d --name lexicapi-prod \ | |
--restart always \ | |
-v "$(pwd)/.env:/app/lexicapi/.env:ro" \ | |
-v "$(pwd)/log:/app/lexicapi/log:z" \ | |
-p "8081:8081" \ | |
"$REGISTRY/$REGISTRY_IMAGE:stable" | |
- name: Get Release Date | |
id: get_release_date | |
run: echo "RELEASE_DATE=$(TZ='Asia/Jakarta' date +'%A %d-%m-%Y %T WIB')" >> "$GITHUB_OUTPUT" | |
- name: Mark as Stable | |
uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
body: "Stable release updated at ${{ steps.get_release_date.outputs.RELEASE_DATE }}" | |
token: ${{ secrets.GH_TOKEN }} | |
tag: stable |