Merge pull request #7 from xyzuan/renovate/docker-setup-buildx-action… #16

Workflow file for this run

.github/workflows/build-prod.yml at 6251c8f

	name: Deploy xyzuan-api-v2 Production Build

	on:
	push:
	branches:
	- main

	jobs:
	test:
	name: Run Treaty Tests
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v2

	- name: Initialize Bun Environtment
	uses: oven-sh/setup-bun@v2

	- name: Declaring some Global Environtment vars
	run: \|
	echo "PORT=3121" >> $GITHUB_ENV
	echo "DOMAIN=localhost" >> $GITHUB_ENV
	echo "NODE_ENV=dev" >> $GITHUB_ENV
	echo "PASSWORD_PEPPER=${{ secrets.PASSWORD_PEPPER }}" >> $GITHUB_ENV
	echo "DATABASE_URL=${{ secrets.DATABASE_URL }}" >> $GITHUB_ENV
	echo "GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}" >> $GITHUB_ENV
	echo "GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}" >> $GITHUB_ENV
	echo "GITHUB_CLIENT_ID=${{ secrets.GH_CLIENT_ID }}" >> $GITHUB_ENV
	echo "GITHUB_CLIENT_SECRET=${{ secrets.GH_CLIENT_SECRET }}" >> $GITHUB_ENV
	echo "LINKEDIN_CLIENT_ID=${{ secrets.LINKEDIN_CLIENT_ID }}" >> $GITHUB_ENV
	echo "LINKEDIN_CLIENT_SECRET=${{ secrets.LINKEDIN_CLIENT_SECRET }}" >> $GITHUB_ENV
	echo "TELEGRAM_TOKEN=${{ secrets.TELEGRAM_TOKEN }}" >> $GITHUB_ENV
	echo "TELEGRAM_CHAT_ID=${{ secrets.TELEGRAM_CHAT_ID }}" >> $GITHUB_ENV
	echo "CLOUDINARY_CLOUD_NAME=${{ secrets.CLOUDINARY_CLOUD_NAME }}" >> $GITHUB_ENV
	echo "CLOUDINARY_API_KEY=${{ secrets.CLOUDINARY_API_KEY }}" >> $GITHUB_ENV
	echo "CLOUDINARY_API_SECRET=${{ secrets.CLOUDINARY_API_SECRET }}" >> $GITHUB_ENV

	- name: Run Treaty Tests
	id: treaty_test
	run: \|
	bun install
	bunx prisma generate
	bun test
	echo "::set-output name=result::success"

	- name: Mark as failed if tests fail
	if: failure()
	run: echo "::set-output name=result::failure"

	build:
	name: Build & Push to GHCR Registry
	runs-on: ubuntu-latest
	needs: test
	if: success()
	steps:
	- name: Checkout code
	uses: actions/checkout@v3

	- name: Settle up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Declaring some Global Environtment vars
	run: \|
	echo "BRANCH_NAME=${GITHUB_REF##*/}" >> $GITHUB_ENV
	echo "SHA=$(echo "$GITHUB_SHA" \| head -c 7)" >> $GITHUB_ENV
	echo "ENV=production" >> $GITHUB_ENV
	echo "PORT=3131" >> $GITHUB_ENV
	echo "BASE_URL=https://api.xyzuan.my.id" >> $GITHUB_ENV
	echo "DOMAIN=xyzuan.my.id" >> $GITHUB_ENV
	echo "REGISTRY=ghcr.io/xyzuan" >> $GITHUB_ENV
	echo "IMAGE_NAME=xyzuan_api_v2" >> $GITHUB_ENV
	echo "DOCKERFILE=misc/Dockerfile.prod" >> $GITHUB_ENV

	- name: Authenticating to Eden Server realms.
	uses: webfactory/ssh-agent@v0.9.0
	with:
	ssh-private-key: ${{ secrets.SERVER_PRIVATE_KEY }}

	- name: Authenticating to GHCR realms
	run: echo "${{ secrets.GH_TOKEN }}" \| docker login -u "${{ github.actor }}" ghcr.io --password-stdin

	- name: Treaty Build the Docker image
	run: \|
	docker build \
	--build-arg PORT=${{ env.PORT }} \
	--build-arg NODE_ENV=${{ env.ENV }} \
	--build-arg BASE_URL=${{ env.BASE_URL }} \
	--build-arg DOMAIN=${{ env.DOMAIN }} \
	--build-arg PASSWORD_PEPPER=${{ secrets.PASSWORD_PEPPER }} \
	--build-arg DATABASE_URL=${{ secrets.DATABASE_URL_DEV }} \
	--build-arg GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} \
	--build-arg GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} \
	--build-arg GITHUB_CLIENT_ID=${{ secrets.GH_CLIENT_ID }} \
	--build-arg GITHUB_CLIENT_SECRET=${{ secrets.GH_CLIENT_SECRET }} \
	--build-arg LINKEDIN_CLIENT_ID=${{ secrets.LINKEDIN_CLIENT_ID }} \
	--build-arg LINKEDIN_CLIENT_SECRET=${{ secrets.LINKEDIN_CLIENT_SECRET }} \
	--build-arg TELEGRAM_TOKEN=${{ secrets.TELEGRAM_TOKEN }} \
	--build-arg TELEGRAM_CHAT_ID=${{ secrets.TELEGRAM_CHAT_ID }} \
	--build-arg CLOUDINARY_CLOUD_NAME=${{ secrets.CLOUDINARY_CLOUD_NAME }} \
	--build-arg CLOUDINARY_API_KEY=${{ secrets.CLOUDINARY_API_KEY }} \
	--build-arg CLOUDINARY_API_SECRET=${{ secrets.CLOUDINARY_API_SECRET }} \
	-t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH_NAME }} -f ${{ env.DOCKERFILE }} .

	- name: Adding tags to the Images
	run: \|
	docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH_NAME }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{env.SHA}}

	- name: Bring the Images to GHCR
	run: \|
	docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH_NAME }}
	docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{env.SHA}}

	serve:
	name: Serve Images in Server
	runs-on: ubuntu-latest
	needs: build
	if: success()
	steps:
	- name: Authenticating to Eden Server realms
	uses: webfactory/ssh-agent@v0.9.0
	with:
	ssh-private-key: ${{ secrets.SERVER_PRIVATE_KEY }}

	- name: Declaring some Global Environtment vars
	run: \|
	echo "BRANCH_NAME=${GITHUB_REF##*/}" >> $GITHUB_ENV
	echo "PORT=3131" >> $GITHUB_ENV
	echo "CT_NAME=xyzuan-api-v2" >> $GITHUB_ENV
	echo "REGISTRY=ghcr.io/xyzuan" >> $GITHUB_ENV
	echo "IMAGE_NAME=xyzuan_api_v2" >> $GITHUB_ENV

	- name: Serve the Images
	run: \|
	ssh-keyscan -t rsa ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts
	ssh ${{ github.actor }}@${{ secrets.SERVER_HOST }} << 'EOF'
	echo 'Authenticating to GHCR realms...'
	echo "${{ secrets.GH_TOKEN }}" \| docker login -u "${{ github.actor }}" ghcr.io --password-stdin

	echo 'Pulling the latest image from GHCR...'
	docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH_NAME }}

	echo 'Force Blowing the existing Docker Container...'
	docker rm -f ${{ env.CT_NAME }}

	echo 'Running the Docker Container...'
	docker run -d \
	--name ${{ env.CT_NAME }} \
	--restart always \
	--network nginx_default \
	-p ${{ env.PORT }}:${{ env.PORT }} \
	${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH_NAME }}
	EOF

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #7 from xyzuan/renovate/docker-setup-buildx-action… #16

Workflow file

Merge pull request #7 from xyzuan/renovate/docker-setup-buildx-action… #16

Jobs

Run details

Workflow file for this run