Skip to content

Deploy apps

Deploy apps #72

Workflow file for this run

name: Deploy apps
on:
workflow_run:
workflows: [Build apps]
types: [completed]
workflow_dispatch:
env:
REGISTRY: ghcr.io
DOCKER_HOST: ssh://target
TELEGRAM_IMAGE_NAME: ${{ github.repository }}-telegram
DISCORD_IMAGE_NAME: ${{ github.repository }}-discord
jobs:
deploy:
name: Deploy
if: ${{
github.event_name == 'workflow_dispatch' ||
(github.event.workflow_run.event != 'pull_request' && github.event.workflow_run.conclusion == 'success')
}}
runs-on: ubuntu-latest
permissions:
packages: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
sparse-checkout: compose.yaml
sparse-checkout-cone-mode: false
- name: Log into registry ${{ env.REGISTRY }}
uses: docker/login-action@v3.3.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5.6.1
with:
images: |
${{ env.REGISTRY }}/${{ env.TELEGRAM_IMAGE_NAME }}
${{ env.REGISTRY }}/${{ env.DISCORD_IMAGE_NAME }}
- name: Install cloudflared
run: |
curl -L -o cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
sudo dpkg -i cloudflared.deb
- name: Load SSH Key
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.SSH_PRIVATE_KEY }}
known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
config: ${{ vars.SSH_CONFIG }}
- name: Deploy Docker image to server
env:
TUNNEL_SERVICE_TOKEN_ID: ${{ secrets.CLOUDFLARE_ACCESS_ID }}
TUNNEL_SERVICE_TOKEN_SECRET: ${{ secrets.CLOUDFLARE_ACCESS_SECRET }}
TELEGRAM_IMAGE_REF: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
DISCORD_IMAGE_REF: ${{ fromJSON(steps.meta.outputs.json).tags[1] }}
WORKER_AUTH: ${{ secrets.CLOUDFLARE_WORKER_AUTH }}
run: |
docker compose pull
docker compose up -d