Merge pull request #64 from KAT-ITB-2024/development #16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Staging OSKM ITB X Dashboard | |
| on: | |
| # Runs on pushes targeting the default branch | |
| push: | |
| branches: ["staging"] | |
| # Allows you to run this workflow manually from the Actions tab | |
| # workflow_dispatch: | |
| jobs: | |
| # Build job | |
| build-and-deploy: | |
| runs-on: [self-hosted, oskm-itb-x-dashboard] | |
| environment: staging | |
| env: | |
| DATABASE_URL: ${{ secrets.DATABASE_URL }} | |
| NEXTAUTH_SECRET: ${{ secrets.NEXTAUTH_SECRET }} | |
| NEXTAUTH_URL: ${{ secrets.NEXTAUTH_URL }} | |
| MAILER_FROM: ${{ secrets.MAILER_FROM }} | |
| MAILER_CLIENT_ID: ${{ secrets.MAILER_CLIENT_ID }} | |
| MAILER_CLIENT_SECRET: ${{ secrets.MAILER_CLIENT_SECRET }} | |
| MAILER_REFRESH_TOKEN: ${{ secrets.MAILER_REFRESH_TOKEN }} | |
| NEXT_PUBLIC_DO_ACCESS_KEY: ${{ secrets.NEXT_PUBLIC_DO_ACCESS_KEY }} | |
| NEXT_PUBLIC_DO_BUCKET_NAME: ${{ secrets.NEXT_PUBLIC_DO_BUCKET_NAME }} | |
| NEXT_PUBLIC_DO_ORIGIN_ENDPOINT: ${{ secrets.NEXT_PUBLIC_DO_ORIGIN_ENDPOINT }} | |
| NEXT_PUBLIC_DO_REGION: ${{ secrets.NEXT_PUBLIC_DO_REGION }} | |
| NEXT_PUBLIC_DO_SECRET_KEY: ${{ secrets.NEXT_PUBLIC_DO_SECRET_KEY }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Detect package manager | |
| id: detect-package-manager | |
| run: | | |
| if [ -f "${{ github.workspace }}/yarn.lock" ]; then | |
| echo "manager=yarn" >> $GITHUB_OUTPUT | |
| echo "command=install" >> $GITHUB_OUTPUT | |
| echo "runner=yarn" >> $GITHUB_OUTPUT | |
| exit 0 | |
| elif [ -f "${{ github.workspace }}/package.json" ]; then | |
| echo "manager=npm" >> $GITHUB_OUTPUT | |
| echo "command=ci" >> $GITHUB_OUTPUT | |
| echo "runner=npx --no-install" >> $GITHUB_OUTPUT | |
| exit 0 | |
| else | |
| echo "Unable to determine package manager" | |
| exit 1 | |
| fi | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: ${{ steps.detect-package-manager.outputs.manager }} | |
| - name: Restore cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| .next/cache | |
| # Generate a new cache whenever packages or source files change. | |
| key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }} | |
| # If source files changed but packages didn't, rebuild from a prior cache. | |
| restore-keys: | | |
| ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}- | |
| - name: Check secrets exist | |
| run: | | |
| if [ -z "${{ env.DATABASE_URL }}" ]; then | |
| echo "DATABASE_URL secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.NEXTAUTH_SECRET }}" ]; then | |
| echo "NEXTAUTH_SECRET secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.NEXTAUTH_URL }}" ]; then | |
| echo "NEXTAUTH_URL secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.MAILER_FROM }}" ]; then | |
| echo "MAILER_FROM secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.MAILER_CLIENT_ID }}" ]; then | |
| echo "MAILER_CLIENT_ID secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.MAILER_CLIENT_SECRET }}" ]; then | |
| echo "MAILER_CLIENT_SECRET secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.MAILER_REFRESH_TOKEN }}" ]; then | |
| echo "MAILER_REFRESH_TOKEN secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.NEXT_PUBLIC_DO_ACCESS_KEY }}" ]; then | |
| echo "NEXT_PUBLIC_DO_ACCESS_KEY secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.NEXT_PUBLIC_DO_BUCKET_NAME }}" ]; then | |
| echo "NEXT_PUBLIC_DO_BUCKET_NAME secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.NEXT_PUBLIC_DO_ORIGIN_ENDPOINT }}" ]; then | |
| echo "NEXT_PUBLIC_DO_ORIGIN_ENDPOINT secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.NEXT_PUBLIC_DO_REGION }}" ]; then | |
| echo "NEXT_PUBLIC_DO_REGION secret is missing" | |
| exit 1 | |
| fi | |
| if [ -z "${{ env.NEXT_PUBLIC_DO_SECRET_KEY }}" ]; then | |
| echo "NEXT_PUBLIC_DO_SECRET_KEY secret is missing" | |
| exit 1 | |
| fi | |
| - name: Remove yarn.lock | |
| run: rm -f yarn.lock | |
| - name: Remove untracked files | |
| run: | | |
| git clean -f -d | |
| - name: Install dependencies | |
| run: ${{ steps.detect-package-manager.outputs.manager }} ${{ steps.detect-package-manager.outputs.command }} | |
| - name: Build with Next.js | |
| run: ${{ steps.detect-package-manager.outputs.runner }} next build | |
| - name: Set environment variables for PM2 | |
| run: | | |
| echo DATABASE_URL=${{ env.DATABASE_URL }} >> .env | |
| echo NEXTAUTH_SECRET=${{ env.NEXTAUTH_SECRET }} >> .env | |
| echo NEXTAUTH_URL=${{ env.NEXTAUTH_URL }} >> .env | |
| echo MAILER_FROM=${{ env.MAILER_FROM }} >> .env | |
| echo MAILER_CLIENT_ID=${{ env.MAILER_CLIENT_ID }} >> .env | |
| echo MAILER_CLIENT_SECRET=${{ env.MAILER_CLIENT_SECRET }} >> .env | |
| echo MAILER_REFRESH_TOKEN=${{ env.MAILER_REFRESH_TOKEN }} >> .env | |
| echo NEXT_PUBLIC_DO_ACCESS_KEY=${{ env.NEXT_PUBLIC_DO_ACCESS_KEY }} >> .env | |
| echo NEXT_PUBLIC_DO_BUCKET_NAME=${{ env.NEXT_PUBLIC_DO_BUCKET_NAME }} >> .env | |
| echo NEXT_PUBLIC_DO_ORIGIN_ENDPOINT=${{ env.NEXT_PUBLIC_DO_ORIGIN_ENDPOINT }} >> .env | |
| echo NEXT_PUBLIC_DO_REGION=${{ env.NEXT_PUBLIC_DO_REGION }} >> .env | |
| echo NEXT_PUBLIC_DO_SECRET_KEY=${{ env.NEXT_PUBLIC_DO_SECRET_KEY }} >> .env | |
| - name: Restart pm2 | |
| run: pm2 restart pm2.config.json |