Build and Publish itcloud Docker Image and OpenVPN linux server #61
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # deploy.yml | |
| # 도커 이미지 생성처리 Github Action | |
| # | |
| # [build] | |
| # | |
| # 1. <버전> 값 추출 후 환경변수로 저장 | |
| # 2. Dockerfile을 가지고 docker build 진행 | |
| # 3. 성공 후, hub.docker.com 으로 배포 (ititcloud/itcloud:<버전>) | |
| # 4. docker save 실행 후 도커이미지 tar 파일 생성 | |
| # 5. 아티팩트 배출 | |
| # a. itloud-*.tar: 도커이미지 tar 파일 | |
| # b. version.txt: <버전> 값 | |
| # | |
| # NOTE: | |
| # 모든 작업이 성공적으로 진행 될 경우 | |
| # deploy.yml가 다음으로 실행 | |
| # | |
| # [deploy] | |
| # | |
| # 1. docker-image.yml 가 성공했는지 확인 | |
| # 2. version.txt 다운로드 | |
| # a. <버전> 값 추출 | |
| # b. 환경변수 VERSION에 저장 | |
| # 3. itloud-*.tar 다운로드 | |
| # | |
| name: Build and Publish itcloud Docker Image and OpenVPN linux server | |
| on: | |
| push: | |
| tags: | |
| - 'itcloud-v*' # Triggers on tags with prefix 'v' | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.extract_version.outputs.version }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| - name: Extract version number | |
| id: extract_version | |
| run: | | |
| VERSION=$(echo "${GITHUB_REF}" | sed -E 's|refs/tags/itcloud-v(.*)|\1|') | |
| echo "VERSION=${VERSION}" >> $GITHUB_ENV | |
| echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT | |
| - name: Identify the extracted version | |
| run: | | |
| echo "Extracted version: ${{ env.VERSION }}" | |
| - name: Build Docker image | |
| run: | | |
| docker buildx build --platform linux/amd64 -t ${{ secrets.DOCKER_HUB_USERNAME }}/itcloud:${{ env.VERSION }} --load . | |
| - name: Save Docker image as tarball | |
| run: | | |
| docker save ${{ secrets.DOCKER_HUB_USERNAME }}/itcloud:${{ env.VERSION }} -o itcloud-${{ env.VERSION }}.tar | |
| - name: Upload Docker image tarball as artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: itcloud-artifact | |
| path: ./itcloud-${{ env.VERSION }}.tar | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ secrets.DOCKER_HUB_USERNAME }}/itcloud:${{ env.VERSION }} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Extract 'version number' | |
| run: | | |
| VERSION=${{ needs.build.outputs.VERSION }} | |
| echo "VERSION=${VERSION}" >> $GITHUB_ENV | |
| - name: Identify 'version number' | |
| run: | | |
| echo "Extracted version: ${{ env.VERSION }}" | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: itcloud-artifact | |
| path: . | |
| - name: Install OpenVPN | |
| run: | | |
| sudo apt update | |
| sudo apt install -y openvpn openvpn-systemd-resolved | |
| - name: Wait for VPN to establish | |
| run: sleep 30 | |
| - name: Connect on OpenVPN | |
| uses: "kota65535/github-openvpn-connect-action@v2" | |
| with: | |
| config_file: .github/workflows/client.ovpn | |
| username: ${{ secrets.OVPN_USERNAME }} | |
| password: ${{ secrets.OVPN_PASSWORD }} | |
| - name: Verify VPN connection | |
| run: | | |
| curl -v ${{ secrets.SERVER_IP }} | |
| - name: Set up SSH | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa | |
| chmod 600 ~/.ssh/id_rsa | |
| echo "${{ secrets.SSH_PASSPHRASE }}" > ~/.ssh/id_rsa_passphrase | |
| chmod 600 ~/.ssh/id_rsa_passphrase | |
| echo -e "Host ${{ secrets.SERVER_IP }}\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config | |
| echo -e "IdentityFile ~/.ssh/id_rsa\n\tIdentitiesOnly yes\n\tAddKeysToAgent yes\n\tIdentityFile ~/.ssh/id_rsa_passphrase" >> ~/.ssh/config | |
| - name: Transfer Docker image tarball using scp | |
| run: | | |
| scp -o StrictHostKeyChecking=no ./itcloud-${{ env.VERSION }}.tar ${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }}:${{ secrets.PATH_REMOTE_KEEP_TARBALL }} | |
| - name: Load Docker image on server | |
| run: | | |
| ssh -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }} "docker load -i ${{ secrets.PATH_REMOTE_KEEP_TARBALL }}/itcloud-${{ env.VERSION }}.tar" | |
| - name: Disconnect VPN | |
| run: | | |
| sudo killall openvpn |