Continuous Deployment #43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Deployment | |
| on: | |
| workflow_dispatch: ~ | |
| push: | |
| branches: | |
| - develop | |
| jobs: | |
| undeploy: | |
| name: Undeploy | |
| runs-on: ubuntu-latest | |
| environment: uat | |
| steps: | |
| - name: Adding Known Hosts | |
| run: mkdir -p ~/.ssh && ssh-keyscan -p ${{ secrets.SSH_PORT }} -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts | |
| - name: Install SSH Key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| known_hosts: unnecessary | |
| - name: Clean workspace | |
| run: ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "rm -rf ~/pinanas-src" | |
| - name: Stop previous PiNanas | |
| run: ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "if [[ -f ~/pinanas/docker-compose.yaml ]] ; then cd ~/pinanas && docker-compose down ; fi" | |
| - name: Remove docker containers, volumes, networks and images | |
| run: | | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker container prune --force" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker volume prune --force" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker network prune --force" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker image prune --force --all" | |
| - name: Remove installation directory | |
| run: ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "sudo rm -rf -- ~/pinanas/" | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| environment: uat | |
| needs: undeploy | |
| steps: | |
| - name: Adding Known Hosts | |
| run: mkdir -p ~/.ssh && ssh-keyscan -p ${{ secrets.SSH_PORT }} -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts | |
| - name: Install SSH Key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| known_hosts: unnecessary | |
| - name: Clone | |
| uses: actions/checkout@v3 | |
| - name: Recreate directories | |
| run: ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "mkdir -p ~/pinanas-src ~/pinanas" | |
| - name: Deploy to PiNanas UAT | |
| run: scp -P ${{ secrets.SSH_PORT }} -r * ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:~/pinanas-src/. | |
| install: | |
| name: Install | |
| runs-on: ubuntu-latest | |
| environment: uat | |
| needs: deploy | |
| steps: | |
| - name: Adding Known Hosts | |
| run: mkdir -p ~/.ssh && ssh-keyscan -p ${{ secrets.SSH_PORT }} -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts | |
| - name: Install SSH Key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| known_hosts: unnecessary | |
| - name: Configure | |
| env: | |
| settings_pinanas_master_secret: "${{ secrets.settings_pinanas_master_secret }}" | |
| settings_pinanas_johndoe_password: "${{ secrets.settings_pinanas_johndoe_password }}" | |
| settings_pinanas_network_dns_provider_api: "${{ secrets.settings_pinanas_network_dns_provider_api }}" | |
| settings_pinanas_network_dns_provider_email: "${{ secrets.settings_pinanas_network_dns_provider_email }}" | |
| settings_pinanas_network_dns_provider_name: "${{ secrets.settings_pinanas_network_dns_provider_name }}" | |
| settings_pinanas_network_smtp_host: "${{ secrets.settings_pinanas_network_smtp_host }}" | |
| settings_pinanas_network_smtp_password: "${{ secrets.settings_pinanas_network_smtp_password }}" | |
| settings_pinanas_network_smtp_port: "${{ secrets.settings_pinanas_network_smtp_port }}" | |
| settings_pinanas_network_smtp_sender: "${{ secrets.settings_pinanas_network_smtp_sender }}" | |
| settings_pinanas_network_smtp_username: "${{ secrets.settings_pinanas_network_smtp_username }}" | |
| run: | | |
| env | grep ^settings_pinanas_ | ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "cat >~/.ssh/environment" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "envsubst <~/pinanas-src/test/settings.yaml.d/cd.yaml >~/pinanas/settings.yaml" | |
| - name: Install | |
| run: ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "cd ~/pinanas && ~/pinanas-src/src/install/installer.sh && rm ~/.ssh/environment" | |
| start: | |
| name: Start | |
| runs-on: ubuntu-latest | |
| environment: uat | |
| needs: install | |
| steps: | |
| - name: Adding Known Hosts | |
| run: mkdir -p ~/.ssh && ssh-keyscan -p ${{ secrets.SSH_PORT }} -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts | |
| - name: Install SSH Key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| known_hosts: unnecessary | |
| - name: Start | |
| run: ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "cd ~/pinanas && docker-compose up -d && ~/pinanas-src/test/wait-for-containers.sh ." | |
| - name: Import Let's Encrypt stagging root CA | |
| run: | | |
| echo -n "Nexcloud... " | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "curl -o ~/pinanas/nextcloud/data/files/letsencrypt-stg-root-x1.crt https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker exec nextcloud occ security:certificates:import /data/letsencrypt-stg-root-x1.crt" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "rm -f ~/pinanas/nextcloud/data/files/letsencrypt-stg-root-x1.crt" | |
| echo "OK" | |
| echo -n "Jellyfin... " | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker exec jellyfin mkdir -p /usr/share/ca-certificates/misc" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker exec jellyfin curl -o /usr/share/ca-certificates/misc/letsencrypt-stg-root-x1.crt https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker exec jellyfin bash -c 'echo misc/letsencrypt-stg-root-x1.crt >> /etc/ca-certificates.conf'" | |
| ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "docker exec jellyfin update-ca-certificates" | |
| echo "OK" | |
| - name: Distclean | |
| run: ssh -p ${{ secrets.SSH_PORT }} ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} -C "cd ~/pinanas && ./distclean.sh" |