
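# Manually triggered deployment of a release-candidate image to the Dev VM.
#
# The job connects to the VM over SSH, logs in to GHCR, pulls the requested
# tag, starts a staging container on port 8006, health-checks it and then
# replaces the production container (port 8005) and the worker container.
#
# Security-relevant points for maintainers:
#   * `inputs.tag` is operator-supplied text. It is passed through an
#     environment variable and validated before use; it is never expanded
#     with `${{ }}` inside the script, where it would be parsed as shell.
#   * Secrets reach the script only through `env:`, not by `${{ secrets.* }}`
#     interpolation into the script text.
#   * The remote script is sent in a quoted heredoc, so nothing in it is
#     expanded on the runner and the registry token is not part of the
#     remote command line.
name: Deploy-Docker

permissions:
  contents: read
  packages: read

on:
  workflow_dispatch:
    inputs:
      tag:
        description: "Tag to deploy (e.g. agent-v1.0.0-rc1)"
        required: true
        type: string

jobs:
  deploy:
    runs-on: ubuntu-latest
    # Only run if the input tag contains "rc"
    if: ${{ contains(inputs.tag, 'rc') }}
    environment: Dev
    steps:
      - name: Deploy to VM
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
          SSH_HOST: ${{ secrets.SSH_HOST }}
          SSH_USER: ${{ secrets.SSH_USER }}
          GHCR_USERNAME: ${{ secrets.GHCR_USERNAME || github.actor }}
          GHCR_TOKEN: ${{ secrets.GHCR_PAT }}
          GHCR_IMAGE: ghcr.io/${{ github.repository_owner }}/orchestra
          # Handed over as data; validated in the script before any use.
          INPUT_TAG: ${{ inputs.tag }}
        run: |
          set -euo pipefail

          # ---------------------------------------------------
          # Validate the requested tag
          # ---------------------------------------------------
          # Accept only the character set Docker allows in an image tag, so
          # the value cannot carry shell metacharacters to the runner or VM.
          TAG="$INPUT_TAG"
          tag_re='^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$'
          if [[ ! "$TAG" =~ $tag_re ]]; then
            echo 'Refusing to deploy: tag is not a valid image tag.' >&2
            exit 1
          fi

          # ---------------------------------------------------
          # Setup SSH
          # ---------------------------------------------------
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          # Create the key file with restrictive permissions from the start.
          ( umask 077; printf '%s\n' "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa )
          chmod 600 ~/.ssh/id_rsa
          # NOTE(review): nothing in this job connects to github.com over SSH,
          # so this entry looks unnecessary - confirm and drop.
          ssh-keyscan github.com >> ~/.ssh/known_hosts
          # NOTE(review): ssh-keyscan accepts whatever key the network returns
          # on every run, so the host is never actually authenticated. Prefer
          # writing a pinned host public key (stored alongside the other
          # connection settings) into known_hosts instead.
          ssh-keyscan -H "$SSH_HOST" >> ~/.ssh/known_hosts

          # ---------------------------------------------------
          # Log in to GHCR on the server
          # ---------------------------------------------------
          # The token travels over the SSH channel's stdin, so it does not
          # appear in the remote process arguments.
          # NOTE(review): by default `docker login` keeps the credential in
          # the remote user's Docker config unless a credential helper is set
          # up - confirm that is acceptable for this VM.
          echo '--- Logging into GHCR ---'
          printf '%s\n' "$GHCR_TOKEN" | ssh -i ~/.ssh/id_rsa "$SSH_USER@$SSH_HOST" \
            "docker login ghcr.io -u $(printf '%q' "$GHCR_USERNAME") --password-stdin"

          # ---------------------------------------------------
          # SSH into the server and execute deployment
          # ---------------------------------------------------
          # The heredoc delimiter is quoted: the script below is sent verbatim
          # and runs under bash on the server. Image and tag arrive as
          # positional parameters. Commands in it must not read stdin, since
          # stdin carries the script itself.
          ssh -i ~/.ssh/id_rsa "$SSH_USER@$SSH_HOST" \
            "bash -s -- $(printf '%q' "$GHCR_IMAGE") $(printf '%q' "$TAG")" <<'REMOTE'
          set -e # Exit on error
          GHCR_IMAGE="$1"
          TAG="$2"
          cd ~/agent_api

          echo '--- Pulling new image ---'
          docker pull "$GHCR_IMAGE:$TAG"

          echo '--- Starting staging container (graphchat_new) on port 8006 ---'
          # Stop/remove any leftover staging container from a previous run
          # (ignore errors if not found)
          docker stop graphchat_new 2>/dev/null || true
          docker rm graphchat_new 2>/dev/null || true
          docker run -d \
            --name graphchat_new \
            --network graphchat_default \
            --env-file ./backend/.env \
            -p 8006:8000 \
            "$GHCR_IMAGE:$TAG"

          echo '--- Waiting a few seconds for startup ---'
          sleep 10

          echo '--- Health check on staging container (graphchat_new) ---'
          # The result is tracked explicitly so that three failed attempts
          # abort the deployment before production is touched.
          healthy=false
          for i in 1 2 3; do
            if curl -f http://localhost:8006/api/info; then
              echo 'New container on port 8006 is healthy!'
              healthy=true
              break
            fi
            echo "Attempt $i failed. Waiting 10 seconds before retry..."
            sleep 10
          done
          if [ "$healthy" != true ]; then
            echo 'All retry attempts failed.'
            exit 1
          fi

          echo '--- Stopping and removing old container (graphchat) if it exists ---'
          docker stop graphchat || true
          docker rm graphchat || true

          echo '--- Stopping and removing staging container (graphchat_new) ---'
          docker stop graphchat_new 2>/dev/null || true
          docker rm graphchat_new 2>/dev/null || true

          echo '--- Running new container on production port (8005) as graphchat ---'
          docker run -d \
            --name graphchat \
            --network graphchat_default \
            --restart always \
            --env-file ./backend/.env \
            -e APP_VERSION="$TAG" \
            -e VITE_APP_VERSION="$TAG" \
            -p 8005:8000 \
            "$GHCR_IMAGE:$TAG"

          echo '--- Ensuring redis7 is on graphchat_default network ---'
          docker network connect graphchat_default redis7 2>/dev/null || echo 'redis7 already on network or not found'

          echo '--- Stopping and removing old worker container if it exists ---'
          docker stop graphchat_worker 2>/dev/null || true
          docker rm graphchat_worker 2>/dev/null || true

          echo '--- Starting worker container ---'
          docker run -d \
            --name graphchat_worker \
            --network graphchat_default \
            --restart always \
            --env-file ./backend/.env \
            -e DISTRIBUTED_WORKERS=true \
            -e REDIS_URL=redis://redis7:6379/0 \
            -e DB_POOL_MIN_SIZE=1 \
            -e DB_POOL_MAX_SIZE=5 \
            --memory=1g \
            --cpus=1 \
            --entrypoint uv \
            "$GHCR_IMAGE:$TAG" \
            run taskiq worker src.workers.tasks:broker
          echo '--- Worker deployment complete ---'

          echo '--- Cleaning up old images ---'
          docker system prune -a --filter "until=24h" -f

          echo '--- Deployment successful! ---'
          REMOTE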