deploy workflow polishing (#538) #9

Workflow file for this run

.github/workflows/deploy.yaml at b381524

	name: Deploy

	on:
	push:
	branches:
	- main
	- dev

	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository }}

	jobs:
	detect-deployment-environment:
	runs-on: ubuntu-latest
	outputs:
	environment: ${{ steps.set-env.outputs.environment }}
	steps:
	- name: Determine deployment environment
	id: set-env
	run: \|
	if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
	echo "environment=production" >> $GITHUB_OUTPUT
	elif [[ "${{ github.ref }}" == "refs/heads/dev" ]]; then
	echo "environment=staging" >> $GITHUB_OUTPUT
	else
	echo "environment=none" >> $GITHUB_OUTPUT
	fi

	docker-build-push-node:
	runs-on: ubuntu-22.04
	permissions:
	contents: read
	packages: write
	env:
	PORT: ${{ vars.PORT }}
	steps:
	- name: Checkout repository with cached git lfs
	uses: nschloe/action-cached-lfs-checkout@v1
	- uses: actions/setup-node@v4
	with:
	node-version: 20

	- name: Install wasp
	run: curl -sSL https://get.wasp-lang.dev/installer.sh \| sh

	- name: Temporary wasp fix
	run: \|
	PATCH_FILE_PATH=$(cat $(whereis wasp \| cut -d " " -f 2) \| tail -1 \| cut -d " " -f 1 \| cut -d "=" -f 2)/Generator/templates/server/package.json
	echo $PATCH_FILE_PATH
	sed -i 's/"postinstall": "patch-package"/"postinstall": ""/' $PATCH_FILE_PATH

	- name: Log in to the Container registry
	uses: docker/login-action@v3.2.0
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- run: docker pull ghcr.io/$GITHUB_REPOSITORY-node:$GITHUB_REF_NAME \|\| docker pull ghcr.io/$GITHUB_REPOSITORY-node:dev \|\| true
	- name: Build wasp
	run: cd app && wasp build
	- run: docker build --build-arg PORT=$PORT -t ghcr.io/$GITHUB_REPOSITORY-node:${GITHUB_REF_NAME////-} ./app/.wasp/build/
	- name: Add tag latest if branch is main
	if: github.ref_name == 'main'
	run: docker tag ghcr.io/$GITHUB_REPOSITORY-node:$GITHUB_REF_NAME ghcr.io/$GITHUB_REPOSITORY-node:latest
	- name: Push only if branch name is main or dev
	if: github.ref_name == 'main' \|\| github.ref_name == 'dev'
	run: docker push ghcr.io/$GITHUB_REPOSITORY-node --all-tags

	docker-build-push-fastapi:
	runs-on: ubuntu-22.04
	permissions:
	contents: read
	packages: write
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	- uses: actions/setup-node@v4
	with:
	node-version: 18

	- name: Install wasp
	run: curl -sSL https://get.wasp-lang.dev/installer.sh \| sh

	- name: Log in to the Container registry
	uses: docker/login-action@v3.2.0
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- run: docker pull ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME \|\| docker pull ghcr.io/$GITHUB_REPOSITORY:dev \|\| true
	- run: docker build --build-arg PORT=$PORT -t ghcr.io/$GITHUB_REPOSITORY:${GITHUB_REF_NAME////-} .
	- name: Add tag latest if branch is main
	if: github.ref_name == 'main'
	run: docker tag ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME ghcr.io/$GITHUB_REPOSITORY:latest
	- name: Push only if branch name is main or dev
	if: github.ref_name == 'main' \|\| github.ref_name == 'dev'
	run: docker push ghcr.io/$GITHUB_REPOSITORY --all-tags

	deploy-fastapi:
	runs-on: ubuntu-22.04
	defaults:
	run:
	shell: bash
	needs:
	- docker-build-push-fastapi
	- docker-build-push-node
	- detect-deployment-environment
	environment:
	name: ${{ needs.detect-deployment-environment.outputs.environment }}
	env:
	GITHUB_USERNAME: ${{ github.actor }}
	GITHUB_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
	DEVELOPER_TOKEN: ${{ secrets.DEVELOPER_TOKEN }}
	DATABASE_URL: ${{ secrets.DATABASE_URL }}
	PY_DATABASE_URL: ${{ secrets.PY_DATABASE_URL }}
	FASTAGENCY_SERVER_URL: ${{ vars.FASTAGENCY_SERVER_URL }}
	DOMAIN: ${{ vars.DOMAIN }}
	SSH_KEY: ${{ secrets.SSH_KEY }}
	AZURE_API_VERSION: ${{ vars.AZURE_API_VERSION }}
	AZURE_API_ENDPOINT: ${{ vars.AZURE_API_ENDPOINT }}
	AZURE_GPT35_MODEL: ${{ vars.AZURE_GPT35_MODEL }}
	AZURE_OPENAI_API_KEY: ${{ secrets.AZURE_OPENAI_API_KEY }}
	BING_API_KEY: ${{ secrets.BING_API_KEY }}

	steps:
	- uses: actions/checkout@v3 # Don't change it to cheackout@v4. V4 is not working with container image.
	# This is to fix GIT not liking owner of the checkout dir - https://github.com/actions/runner/issues/2033#issuecomment-1204205989
	- run: chown -R $(id -u):$(id -g) $PWD

	- run: if [[ $GITHUB_REF_NAME == "main" ]]; then echo "TAG=latest" >> $GITHUB_ENV ; else echo "TAG=dev" >> $GITHUB_ENV ; fi;

	- run: echo "PATH=$PATH:/github/home/.local/bin" >> $GITHUB_ENV
	- run: "which ssh-agent \|\| ( apt-get update -y && apt-get install openssh-client git gettext -y )"
	- run: eval $(ssh-agent -s)
	- run: mkdir -p ~/.ssh
	- run: chmod 700 ~/.ssh
	- run: ssh-keyscan "$DOMAIN" >> ~/.ssh/known_hosts
	- run: chmod 644 ~/.ssh/known_hosts
	- run: echo "$SSH_KEY" \| base64 --decode > key.pem
	- run: chmod 600 key.pem

	- run: ssh -o StrictHostKeyChecking=no -i key.pem azureuser@"$DOMAIN" "docker images"
	- run: bash scripts/deploy.sh

	- run: rm key.pem

	deploy-node:
	runs-on: ubuntu-22.04
	defaults:
	run:
	shell: bash
	needs:
	- docker-build-push-fastapi
	- docker-build-push-node
	- detect-deployment-environment
	environment:
	name: ${{ needs.detect-deployment-environment.outputs.environment }}
	env:
	GITHUB_USERNAME: ${{ github.actor }}
	GITHUB_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
	PORT: ${{ vars.PORT }}
	GOOGLE_CLIENT_ID: ${{ vars.GOOGLE_CLIENT_ID }}
	GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }}
	ADMIN_EMAILS: ${{ vars.ADMIN_EMAILS }}
	WASP_SERVER_URL: ${{ vars.WASP_SERVER_URL }}
	FASTAGENCY_SERVER_URL: ${{ vars.FASTAGENCY_SERVER_URL }}
	NODE_DOMAIN: ${{ vars.NODE_DOMAIN }}
	WASP_WEB_CLIENT_URL: ${{ vars.WASP_WEB_CLIENT_URL }}
	DATABASE_URL: ${{ secrets.DATABASE_URL }}
	REACT_APP_API_URL: ${{ vars.REACT_APP_API_URL }}
	JWT_SECRET: ${{ secrets.JWT_SECRET }}
	SSH_KEY: ${{ secrets.SSH_KEY }}
	steps:
	- name: Checkout repository with cached git lfs
	uses: nschloe/action-cached-lfs-checkout@v1
	# This is to fix GIT not liking owner of the checkout dir - https://github.com/actions/runner/issues/2033#issuecomment-1204205989
	- run: chown -R $(id -u):$(id -g) $PWD

	- run: if [[ $GITHUB_REF_NAME == "main" ]]; then echo "TAG=latest" >> $GITHUB_ENV ; else echo "TAG=dev" >> $GITHUB_ENV ; fi;

	- run: echo "PATH=$PATH:/github/home/.local/bin" >> $GITHUB_ENV
	- run: "which ssh-agent \|\| ( apt-get update -y && apt-get install openssh-client git -y )"
	- run: eval $(ssh-agent -s)
	- run: mkdir -p ~/.ssh
	- run: chmod 700 ~/.ssh
	- run: ssh-keyscan "$NODE_DOMAIN" >> ~/.ssh/known_hosts
	- run: chmod 644 ~/.ssh/known_hosts
	- run: echo "$SSH_KEY" \| base64 --decode > key.pem
	- run: chmod 600 key.pem

	- run: ssh -o StrictHostKeyChecking=no -i key.pem azureuser@"$NODE_DOMAIN" "docker images"
	- run: bash scripts/deploy-node.sh

	- run: rm key.pem

	deploy-frontend:
	runs-on: ubuntu-22.04
	permissions:
	contents: write
	needs:
	- docker-build-push-fastapi
	- docker-build-push-node
	- detect-deployment-environment
	environment:
	name: ${{ needs.detect-deployment-environment.outputs.environment }}
	env:
	NODE_DOMAIN: ${{ vars.NODE_DOMAIN }}
	SSH_KEY: ${{ secrets.SSH_KEY }}
	REACT_APP_API_URL: ${{ vars.REACT_APP_API_URL }}
	steps:
	- name: Checkout repository with cached git lfs
	uses: nschloe/action-cached-lfs-checkout@v1
	- uses: actions/setup-node@v4
	with:
	node-version: 20

	- name: Install wasp
	run: curl -sSL https://get.wasp-lang.dev/installer.sh \| sh

	- name: Temporary wasp fix
	run: \|
	PATCH_FILE_PATH=$(cat $(whereis wasp \| cut -d " " -f 2) \| tail -1 \| cut -d " " -f 1 \| cut -d "=" -f 2)/Generator/templates/server/package.json
	echo $PATCH_FILE_PATH
	sed -i 's/"postinstall": "patch-package"/"postinstall": ""/' $PATCH_FILE_PATH

	- name: Build wasp
	run: cd app && wasp build
	- name: Build frontend
	run: cd app && cd .wasp/build/web-app && npm install && REACT_APP_API_URL=$REACT_APP_API_URL npm run build
	- name: Copy 404.html
	run: cp 404.html app/.wasp/build/web-app/build

	- name: Deploy UI to nginx directory
	run: \|
	apt-get update -y && apt-get install openssh-client git -y
	eval $(ssh-agent -s)
	mkdir -p ~/.ssh
	chmod 700 ~/.ssh
	ssh-keyscan "$NODE_DOMAIN" >> ~/.ssh/known_hosts
	chmod 644 ~/.ssh/known_hosts
	echo "$SSH_KEY" \| base64 --decode > key.pem
	chmod 600 key.pem
	ssh -o StrictHostKeyChecking=no -i key.pem azureuser@"$NODE_DOMAIN" "ls -lah /var/www/html/UI"
	scp -i key.pem -r app/.wasp/build/web-app/build azureuser@"$NODE_DOMAIN":/var/www/html/UI
	ssh -o StrictHostKeyChecking=no -i key.pem azureuser@"$NODE_DOMAIN" "ls -lah /var/www/html/UI"
	rm key.pem

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deploy workflow polishing (#538) #9

Workflow file

deploy workflow polishing (#538) #9

Jobs

Run details

Workflow file for this run