deploy #9

	name: "deploy"

	on:
	workflow_dispatch:

	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{github.repository_owner}}/spy:latest

	jobs:
	publish:
	runs-on: ubuntu-latest
	permissions:
	packages: write
	contents: read

	steps:
	- uses: actions/checkout@v4
	- name: Login
	run: echo ${{secrets.GITHUB_TOKEN}} \| docker login ghcr.io -u ${{github.actor}} --password-stdin

	- name: Build and Publish
	run: \|
	docker build . --tag ${{env.REGISTRY}}/${{env.IMAGE_NAME}}
	docker push ${{env.REGISTRY}}/${{env.IMAGE_NAME}}
	deploy:
	runs-on: ubuntu-latest
	needs: publish

	steps:
	- uses: actions/checkout@v4
	- name: install ssh keys
	run: \|
	mkdir -p ~/.ssh
	chmod 700 ~/.ssh
	echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
	chmod 600 ~/.ssh/id_rsa
	ssh-keyscan -H ${{secrets.SERVER_IP}} > ~/.ssh/known_hosts
	chmod 644 ~/.ssh/known_hosts
	- name: connect and pull
	run: \|
	scp docker-compose.yml ${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }}:~/${{ secrets.SERVER_WORK_DIR }}/docker-compose.yml
	ssh ${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }} "cd ${{ secrets.SERVER_WORK_DIR }} && docker-compose pull && docker-compose up --force-recreate --build -d && exit"
	- name: cleanup
	run: rm -rf ~/.ssh

Provide feedback