test #4

Workflow file for this run

.github/workflows/deploy.yaml at d301e92

	name: Deploy

	on:
	push:
	branches: [main, cb/deploy]
	workflow_dispatch:

	permissions:
	contents: read

	env:
	IMAGE_NAME: home-automation

	jobs:
	build-and-push:
	name: Build and Push Docker Image
	runs-on: ubicloud-standard-2
	permissions:
	packages: write
	outputs:
	image_tag: ${{ steps.image.outputs.tag }}
	steps:
	- name: Checkout code
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Log in to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
	tags: \|
	type=ref,event=branch
	type=sha,prefix={{branch}}-
	type=raw,value=latest,enable={{is_default_branch}}

	- name: Build and push Docker image
	uses: docker/build-push-action@v6
	with:
	context: .
	file: ./Dockerfile
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

	- name: Output image tag
	id: image
	run: \|
	IMAGE_TAG=$(echo "${{ steps.meta.outputs.tags }}" \| head -n 1)
	echo "tag=$IMAGE_TAG" >> $GITHUB_OUTPUT
	echo "Built image: $IMAGE_TAG"

	deploy:
	name: Deploy to ubicloud VM
	runs-on: ubicloud-standard-2
	needs: build-and-push
	steps:
	- name: Mask secrets in logs
	run: \|
	echo "::add-mask::${{ secrets.UBICLOUD_VM_HOST }}"
	echo "::add-mask::${{ secrets.UBICLOUD_VM_USER }}"
	echo "::add-mask::${{ secrets.UBICLOUD_SSH_PRIVATE_KEY }}"

	- name: Checkout code
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5

	- name: Setup SSH
	uses: webfactory/ssh-agent@v0.9.0
	with:
	ssh-private-key: ${{ secrets.UBICLOUD_SSH_PRIVATE_KEY }}

	- name: Add server to known hosts
	run: \|
	ssh-keyscan -H ${{ secrets.UBICLOUD_VM_HOST }} >> ~/.ssh/known_hosts

	- name: Copy docker-compose.yml to server
	run: \|
	scp docker-compose.yml ${{ secrets.UBICLOUD_VM_USER }}@${{ secrets.UBICLOUD_VM_HOST }}:~/home/docker-compose.yml

	- name: Deploy to ubicloud VM
	env:
	IMAGE_TAG: ${{ needs.build-and-push.outputs.image_tag }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	GITHUB_ACTOR: ${{ github.actor }}
	VM_HOST: ${{ secrets.UBICLOUD_VM_HOST }}
	VM_USER: ${{ secrets.UBICLOUD_VM_USER }}
	run: \|
	set +x
	ssh "$VM_USER@$VM_HOST" bash << REMOTE_SCRIPT
	set -e
	set +x

	cd ~/home \|\| mkdir -p ~/home && cd ~/home

	GITHUB_TOKEN="$GITHUB_TOKEN"
	GITHUB_ACTOR="$GITHUB_ACTOR"
	IMAGE_TAG="$IMAGE_TAG"

	echo "\$GITHUB_TOKEN" \| docker login ghcr.io -u "\$GITHUB_ACTOR" --password-stdin
	docker pull "\$IMAGE_TAG"
	sed -i "s\|image:.*\|image: \$IMAGE_TAG\|" docker-compose.yml
	docker compose down \|\| true
	docker compose up -d
	docker image prune -f

	echo "Deployment complete!"
	REMOTE_SCRIPT

	- name: Verify deployment
	env:
	VM_HOST: ${{ secrets.UBICLOUD_VM_HOST }}
	VM_USER: ${{ secrets.UBICLOUD_VM_USER }}
	run: \|
	set +x
	ssh "$VM_USER@$VM_HOST" bash << 'REMOTE_SCRIPT'
	set -e
	set +x

	sleep 5

	if docker ps \| grep -q home-automation; then
	echo "✅ Container is running"
	docker ps \| grep home-automation
	echo ""
	echo "Container logs (last 20 lines):"
	docker logs --tail 20 home-automation
	else
	echo "❌ Container is not running"
	docker ps -a \| grep home-automation \|\| true
	echo ""
	echo "Container logs:"
	docker logs home-automation \|\| true
	exit 1
	fi
	REMOTE_SCRIPT

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

test #4

Workflow file

test #4

Uh oh!

Workflow file for this run